June 3, 2022 at 3:49 pm
Occasionally we have certain Agent jobs failing overnight. We are in US Eastern time zone.
We have a DBA we can use located in India to cover failures of the overnight jobs like backups and restores. I'd like to be able to give them just enough access to check jobs and modify and rerun any SPs/steps that may need doing if they see failures. That way we can avoid any delays that may happen in the mornings when jobs fail.
We can't allow them any access to PHI information though. No access to table data.
Can you please help me identify what permissions will be needed for them to do this?
Likes to play Chess
June 3, 2022 at 7:28 pm
You could add them to the SQLAgentOperatorRole - that would allow them to start/stop local jobs. You really need to review this document: https://docs.microsoft.com/en-us/sql/ssms/agent/sql-server-agent-fixed-database-roles?view=sql-server-ver16
I would not - under any circumstances - grant access to any user databases or grant access to execute anything in any user database. And definitely make sure they do not have access to any proxy accounts.
If the fix to the jobs failing is to run a stored procedure - then that individual would need access to the database and execute permissions on that stored procedure. If you can be absolutely sure that no data is returned from those procedures - then it might be okay to grant execute permissions. I wouldn't risk it though...
Jeffrey Williams
“We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”
― Charles R. Swindoll
How to post questions to get better answers faster
Managing Transaction Logs
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply