Re: backing up to network share issue.
From: Tibor Karaszi (tibor_please.no.email_karaszi_at_hotmail.nomail.com)
Date: 06/01/04
- Next message: newbie: "Re: what happens to log when I restore db with simple recovery model."
- Previous message: Tibor Karaszi: "Re: "Embedded""
- In reply to: Jim Young: "Re: backing up to network share issue."
- Next in thread: Jim Young: "Re: backing up to network share issue."
- Reply: Jim Young: "Re: backing up to network share issue."
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 1 Jun 2004 21:44:14 +0200
Jim,
You are on the spot, but for one thing (or I might just have misread you). SQL Server does not do
impersonation when it accesses the backup file on behalf of the SQL Server uses that executed the backup
command. If that was the case, no SQL Server login could perform a backup (as an SQL Server account doesn't
exist in the Windows environment). For most operations (the one exception are linked servers (*)), there is no
impersonation going on, SQL Server just uses the SQL Server service account when accessing the backup share.
One other exception is When Agent executed TSQL command (SETUSER if not sysadmin) or executed CmdExec or
ActiveScript jobsteps (Proxy account if not sysadmin).
-- Tibor Karaszi, SQL Server MVP http://www.karaszi.com/sqlserver/default.asp http://www.solidqualitylearning.com/ "Jim Young" <thorium48@hotmail.com> wrote in message news:%23hoh%231ASEHA.1388@TK2MSFTNGP09.phx.gbl... > >In this scenario how can I assing the rights to my login to access the > network shares. > > As Tibor stated, this is not an SQL Server issue, it is a network > permissions issue. The SQL login that is accessing the MSDE instance is not > a factor in whether the process doing the backup has the correct permissions > or not. Every process running on a computer that is using the Windows NT > architechture (NT/2000/2003/XP) runs with a particular security profile of a > user account, either a local or network account. The process doing the > backup to a network share must have write permission to the share in order > for that backup to be successful. If the backup is run directly by a user > (the user logged into the computer or domain) then the backup process runs > with the security context of that user. If the backup runs as a scheduled > job running under SQL Server Agent then the backup runs under the security > context of the SQL Server Agent process, which is by default the SYSTEM > account. The SYSTEM account has no access to any network resources or any > resources beyound the local computer that the process is running on. > Depending on how the backup job is being run, you will need to give write > permissions to the user account running the backup. In the case of the > backup being a scheduled job, you will need to run SQL Server Agent using a > network account that has write permissions to the network share. > > Jim > > > "whynot" <anonymous@discussions.microsoft.com> wrote in message > news:6EAD66BF-F419-4A38-A055-5B5C96B08329@microsoft.com... > > Thanks Tibor for the reply. My application has 1 custom login mapped to 1 > user, for e.g. MyAppUser (same name for both user and login). Also my > application has just 1 custom database. How can I assign this user/login > the rights to access the network shares on my client's machine. Have to > make this as seemless as possible as clients will be small office users who > will not have database administrators and are not database professionals. > So my application has to make them feel as if there is literally nothing > called SQL Server involved, means that they will not be expected to have any > technical knowhow. In this scenario how can I assing the rights to my login > to access the network shares. > > > > Thank you so much. > >
- Next message: newbie: "Re: what happens to log when I restore db with simple recovery model."
- Previous message: Tibor Karaszi: "Re: "Embedded""
- In reply to: Jim Young: "Re: backing up to network share issue."
- Next in thread: Jim Young: "Re: backing up to network share issue."
- Reply: Jim Young: "Re: backing up to network share issue."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
