June 25, 2003 at 9:20 am
Greetings,
I have a customer that has configured multiple replication jobs between two SQL 2000 boxes. The problem is they have use SQL accounts will sysadmin server roles to create/manage the replication jobs. This is a problem because I'm responsible for administering the server and these customer accounts are a major security hole.
I have not been able to find a definate answer to exactly what rights are necessary to create, manage, update, start/stop replication jobs. My customer wants to create, delete, modify, and start/stop replication jobs. We only want them to be able to view the job and everything else would belong to us. Is this possible ? What rights do they and us need?
Best Regards,
Michael
June 30, 2003 at 4:34 pm
Good question. To execute the job they have to be either SA or the owner. To run sp_addpublication they have to be sa or a member of db_owner. If you only want them to be able to view the jobs, you could easily set up a web page that would let them do that, no direct interaction with SQL.
I use replication quite a bit, I built a front end that lets them do the set up by entering the minimum required information, the code does the rest. The app runs using a login that is a member of sysadmin, hidden from the user, plus I restrict use of the app to a couple key people. Works pretty good.
Andy
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply