We have some users who sometimes need to directly edit certain databases. Their protocol sensibley is to back a database before editing it. However, as a result of a recent security audit their sysadmin rights were taken away. While they can still directly edit data in the appropriate DBs using SSMS, they cannot create backups.
The easy answer is to add their AD group login to the db_backupoperator database role on the DBs they work on. But instead of right-clicking the DB they're going to work on and selecting Tasks/Back up, I'd like them to run manaully launch the nightly backup job for that database instead, so that the backup file will be created in the same folder and be deleted on the same schedule as the nightly backups.
Is a user's ability to run a SQLAgent job dependent only on their rights to do what's in the job? Or are other permissions required?