I did read those posts from BOL, and they seem to support my findings that you cannot solve my problem with the EXECUTE AS. Please consider the following scenario:
LOGIN1 is SA
LOGIN2 is not SA and should not have SA rights
After logging in as LOGIN1:
CREATE PROC TEMP AS
EXECUTE AS LOGIN = 'LOGIN1'
--Code requiring SA Access
After logging in as LOGIN2:
Yields this error:
Cannot execute as the server principal because the principal "LOGIN1" does not exist, this type of principal cannot be impersonated, or you do not have permission.
To overcome this error, I understand that I must give LOGIN2 impersonation access to LOGIN1, and if I do that I've opened up a security hole for LOGIN2 to have unfettered SA access through impersonation--which is the very problem I'm trying to avoid in this exercise.
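
The scenario in the post above as a T-SQL repro, followed by an audit query for login-level IMPERSONATE grants; this is an added example and not part of the original post. LOGIN1, LOGIN2 and TEMP come from the post, while the database name, the passwords and the IS_SRVROLEMEMBER probe are assumptions, and the LOGIN2 session is simulated from a sysadmin session with EXECUTE AS.

```sql
-- Constructed repro for a scratch instance; run as a sysadmin.
-- ImpersonationDemo and both passwords are placeholders, not from the post.
USE master;
CREATE LOGIN LOGIN1 WITH PASSWORD = 'Placeholder-Pw-1!';
CREATE LOGIN LOGIN2 WITH PASSWORD = 'Placeholder-Pw-2!';
ALTER SERVER ROLE sysadmin ADD MEMBER LOGIN1;
CREATE DATABASE ImpersonationDemo;
GO
USE ImpersonationDemo;
CREATE USER LOGIN2 FOR LOGIN LOGIN2;
GO
CREATE PROC dbo.TEMP AS
BEGIN
    EXECUTE AS LOGIN = 'LOGIN1';
    SELECT IS_SRVROLEMEMBER('sysadmin') AS is_sysadmin;  -- stands in for "code requiring SA access"
    REVERT;
END
GO
GRANT EXECUTE ON dbo.TEMP TO LOGIN2;
USE master;  -- server-scope permissions are granted from master
GO
-- 1) LOGIN2 without IMPERSONATE: the call fails with the error quoted in the post.
EXECUTE AS LOGIN = 'LOGIN2';
EXEC ImpersonationDemo.dbo.TEMP;
GO
REVERT;
GO
-- 2) LOGIN2 with IMPERSONATE: the procedure now runs...
GRANT IMPERSONATE ON LOGIN::LOGIN1 TO LOGIN2;
GO
EXECUTE AS LOGIN = 'LOGIN2';
EXEC ImpersonationDemo.dbo.TEMP;
-- ...and the same statement is equally available ad hoc, outside any procedure.
EXECUTE AS LOGIN = 'LOGIN1';
SELECT SUSER_SNAME() AS running_as, IS_SRVROLEMEMBER('sysadmin') AS is_sysadmin;
REVERT;  -- back to LOGIN2
REVERT;  -- back to the original session
GO
-- 3) Audit: every login-level IMPERSONATE grant on this instance.
SELECT grantee.name AS grantee, target.name AS can_impersonate, p.state_desc
FROM sys.server_permissions AS p
JOIN sys.server_principals AS grantee ON grantee.principal_id = p.grantee_principal_id
JOIN sys.server_principals AS target  ON target.principal_id  = p.major_id
WHERE p.class_desc = 'SERVER_PRINCIPAL' AND p.permission_name = 'IMPERSONATE';
GO
-- Cleanup
REVOKE IMPERSONATE ON LOGIN::LOGIN1 FROM LOGIN2;
DROP DATABASE ImpersonationDemo;
DROP LOGIN LOGIN2; DROP LOGIN LOGIN1;
```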