April 27, 2011 at 12:10 pm
We are using sql 2008, a question is what is the best practice to setup an account to run the jobs?
If job owner is non-sysadmin, we usually have the case that if job owner gone, the job won't run successfully. So we would like to create an account especially for our jobs, using proxy account seems only needed for some special purpose?
So for all other job, shall we create an account and give it sysadmin rights, and use it only for run sql agent jobs?
April 27, 2011 at 12:36 pm
For most jobs I usually set the owner to sa, meaning run it in the context of the system and sa never leaves the company. As a precaution, I evaluate all the code that is called by the job to make sure that the elevated rights are not abused. For some cases I have created a user that has little more than user rights and I explicitly grant it what it needs. You need to evaluate the security and risk exposure of your servers. If you have a particularly sensitive process you might create a user for it alone.
Here is an example of where I would not use the sa methodology. You have a database that is behind a web page, the web page uses an account which is a db_owner of the database. You may or may not be using sprocs as your code interface. You have jobs that call code in that database. This is a problem for a couple reasons. As a db_owner code could be added to objects called by jobs and executed with elevated rights. As the db_owner there is very little if anything in a database that cannot be modified or read, regardless of what context it is eventually used in.
As far as best, it depends, your particular scenario will define the best for you. Where I can keep it simple, I do, where I can't, I expend the additional effort to protect my server and data.
CEWII
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply