Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 Import/Export (DTS) and Replication (2000)
 Need Help in Replication Security

Author  Topic 

Tracey
Starting Member

40 Posts
Posted - 2004-08-05 : 01:49:12
Hello Room,
Another Question! We have Transactional Replication Setup and Some of the users wants to access to the Replication monitor so they can start the Distrubution Agent manually ( 1. Click Distribution Agents, 2. Click Start).

****This is the only task they want to perform.****

I created a user and applied replmonitor role in Distribution database.

But as far as i know only users with Sys_admin privelege can able to start and stop the Agents.

Is there any way i can implement this by creating a user without sys_admin priveleges?

when I tried with db_owner priveleges etc..., the "START and sTOP" option is disabled.

Any help would be very muchhhhhhhhh appreciated!!


Kind Regards
Tracey

tkizer
Almighty SQL Goddess

38200 Posts
Posted - 2004-08-05 : 14:11:34
Starting a job runs sp_start_job. Here is what SQL Server Books Online says about the permissions of that system stored procedure:

quote:


Permissions
Execute permissions default to the public role in the msdb database. A user who can execute this procedure and is a member of the sysadmin fixed role can start any job. A user who is not a member of the sysadmin role can use sp_start_job to start only the jobs he/she owns.

When sp_start_job is invoked by a user who is a member of the sysadmin fixed server role, sp_start_job will be executed under the security context in which the SQL Server service is running. When the user is not a member of the sysadmin fixed server role, sp_start_job will impersonate the SQL Server Agent proxy account, which is specified using xp_sqlagent_proxy_account. If the proxy account is not available, sp_start_job will fail. This is only true for Microsoft® Windows NT® 4.0 and Windows 2000. On Windows 9.x, there is no impersonation and sp_start_job is always executed under the security context of the Windows 9.x user who started SQL Server.



Tara
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site