September 13, 2010 at 7:10 am
I realize I'm talking server security, not SQL security, but I'm hoping someone else has run into this.
We have a setup where we have a domain user as a proxy to run xp_cmdshell. The same user asociated with that is setup with SQLAgentUserRole. The proxy user is also part of group SQLServer2005DTSUser$SQLBOX. I check out the security for the dtexec.exe and the proxy user has access. So, why is it failing? My best guess is GPO, but I don't know what entry.
Event Type: Failure Audit
Event Source: Security
Event Category: Object Access
Event ID: 560
Date: 9/9/2010
Time: 12:50:57 PM
User: FOO\someuser
Computer: SQLBOX
Description:
Object Open:
Object Server: Security
Object Type: Key
Object Name: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
Handle ID: -
Operation ID: {0,172969342}
Process ID: 2052
Image File Name: C:\Program Files\Microsoft SQL Server\90\DTS\Binn\DTExec.exe
Primary User Name: someacct
Primary Domain: FOO
Primary Logon ID: (0x0,0xA4F2980)
Client User Name: -
Client Domain: -
Client Logon ID: -
Accesses: Query key value
Set key value
Create sub-key
Enumerate sub-keys
Privileges: -
Restricted Sid Count: 0
Access Mask: 0xF
Thanks,
Randy
Randy
Viewing post 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply