var sidebar_align = 'right';
var content_container_margin = parseInt('290px');
var sidebar_width = parseInt('270px');
Unanswered: processadmin role
I'm trying to allow my developers the ability to modify/execute their jobs and dts packages in production....without giving away the security farm so to speak.
Is the processadmin role a possibility?
BOL and the net only seems to say this role allows user to "manage process"...duh.
Your thoughts and advice would be great appreciated.
The processadmin server role conveys the ability to kill a process (SPID) in SQL Server. Can't say as I would be comfy with a lot of people with that ability, myself.
In order to create/delete jobs, they will need access to the msdb database (by default all users do), and permissions on the following stored procedures, which also default to public:
If I give them this kind of access in msdb, won't it give them job and dts access to all databases?
Jobs and DTS packages are stored only in the msdb database, so yes. That's just the way the system is set up. If their user ids can access all databases, you would have had that, anyway. I am not sure if a user can try to specify a different user to run a job.