Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

(Q) Logins for submitting NT batch processes

2 posts in Windows NT Last posting was on 1997-11-02 13:21:13.0Z
Matt Van Rensburg Posted on 1997-10-30 12:51:00.0Z
Message-ID: <345882B4.6B46@usa.net>
Date: Thu, 30 Oct 1997 12:51:00 +0000
From: Matt Van Rensburg <mattvan@usa.net>
Reply-To: mattvan@usa.net
Organization: Exabyte
X-Mailer: Mozilla 3.0 (WinNT; I)
MIME-Version: 1.0
Subject: (Q) Logins for submitting NT batch processes
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Newsgroups: sybase.public.sqlserver.nt
Lines: 28
Path: forums-1-dub!forums-master.sybase.com!forums.powersoft.com
Xref: forums-1-dub sybase.public.sqlserver.nt:5447
Article PK: 1081525

Hi All

Apologies for posting this twice (sqlserver.general group as well). I
meant to post it here.

We are running sybase on NT and are using winat for scheduling our batch
jobs. The problem we ran into was the fact that you had to hardcode the
login and password when firing an sql script file against the server.

To minimise any risk with logins we have avoided using the "sa" login to
run our batch jobs by using a login with operator role to run our backup
jobs.

The problem we had was with scripts needing to do dbcc's, update
statistics and truncate table and other general maintenance tasks. The
only people who can run these scripts are login/users who are dbo i.e.
"sa", logins with sa_role, users aliased as dbo.
It would be nice to be able to grant permissions to a login/user to exec
commands like dbcc, update stats, truncate table or have a role like
operator with priviliges only to run these commands.

We chose the option of creating a login/user which is aliased as dbo.
Has anybody else had this problem and how did you manage to get past
this problem.

Matt


Opensoft Posted on 1997-11-02 13:21:13.0Z
Message-ID: <345C7E48.413B8598@ritsec1.com.eg>
Date: Sun, 02 Nov 1997 15:21:13 +0200
From: OPENsoft <opensoft@ritsec1.com.eg>
Reply-To: opensoft@ritsec1.com.eg
X-Mailer: Mozilla 4.02 [en] (Win95; I)
MIME-Version: 1.0
To: mattvan@usa.net
Subject: Re: (Q) Logins for submitting NT batch processes
References: <345882B4.6B46@usa.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Newsgroups: sybase.public.sqlserver.nt
Lines: 39
Path: forums-1-dub!forums-master.sybase.com!forums.powersoft.com
Xref: forums-1-dub sybase.public.sqlserver.nt:5437
Article PK: 1081515

Howdy Matt,
why don't you try to put your work "scripts" as stored procedures on the
server created by "sa" and then granted for execution to whoever. The
security logic will check the abilty of this user to execute without making
sure if he is capable of doing the enclosed commands themselves.
try it and let me know,

Ahmed AbdelHady
CSPDBA & CSPPTS

Matt Van Rensburg wrote:

> Hi All
>
> Apologies for posting this twice (sqlserver.general group as well). I
> meant to post it here.
>
> We are running sybase on NT and are using winat for scheduling our batch
> jobs. The problem we ran into was the fact that you had to hardcode the
> login and password when firing an sql script file against the server.
>
> To minimise any risk with logins we have avoided using the "sa" login to
> run our batch jobs by using a login with operator role to run our backup
> jobs.
>
> The problem we had was with scripts needing to do dbcc's, update
> statistics and truncate table and other general maintenance tasks. The
> only people who can run these scripts are login/users who are dbo i.e.
> "sa", logins with sa_role, users aliased as dbo.
> It would be nice to be able to grant permissions to a login/user to exec
> commands like dbcc, update stats, truncate table or have a role like
> operator with priviliges only to run these commands.
>
> We chose the option of creating a login/user which is aliased as dbo.
> Has anybody else had this problem and how did you manage to get past
> this problem.
>
> Matt