Permission to User to Execute xp_servicecontrol

I am using SQL Server Authentication. For you build processes I need to create a User which is able to run xp_servicecontrol procedure. I am using this procedure for knowing the status of Agent service. So what permission should I give to my user so
that it can execute this procedure.
I have already given EXECUTE ON xp_cmdshell, xp_servicecontrol. What else I need to do.

Hello,
xp_servicecontrol is an undocumented & unsupported Extended procedure. And it's a "dangerous" one, because you can stop a Service, even shutdown the complete Server; I would avoid it
http://www.mssqltips.com/sqlservertip/2036/monitor-start-and-stop-sql-server-services-using-xpservicecontrol/
Olaf Helper
[ Blog] [ Xing] [ MVP]

Similar Messages

  • Special permission on Db_datareader user for execute sp_helptext

    Hi friends
    I have a question.  Is there a method that allow a user db_datareader execute the procedure sp_helptext?. 
    I tried the following with bad results:
    1) I created a role in my database and i tried to assign the sys.sp_helptext procedure but appears the following message:
    "Permissions on server scoped catalog views or system stored procedures or extended stored procedures can be granted only when the current database is master (Microsoft SQL Server, Error:4629)"
    So, i created the role in the master and i assign the user. but it didn't work in the execution.
    2) in a blog i found that was possible using this script:
    grant VIEW DEFINITION on OBJECT::sys.sp_helptext to RL_Ejecutor
    The "RL_Ejecutor" is a role that i created but it didn't work.
    Please help me with this
    Greetings

    db_datareader is a fixeddatabase role. That means you cannot change the permissions db_datareader has.
    To allow a user to execute succesfully sp_help text over an object (a view, stored procedure or function) the user must have at least view definition permission on that object, not on sp_help_text stored procedure.
    The following statement grants view definition permission to TestUser (a user in the database)
    GRANT VIEW DEFINITION TO TestUser
    TestUser now can execute successfully sp_help on any object of the current database.
    If you want to allow TestUser to view the definition of an specific object you execute the following statement:
    GRANT VIEW DEFINITION ON dbo.YourStoredProcedure TO TestUser
    The same is valid for a user defined database role, just replace TestUser with the name of your database role.
    "No darás tropezón ni desatino que no te haga adelantar camino" Bernardo Balbuena

  • Error 8 File permission error while building executable for a RT

    I got error 8 File permission error while building executable for a RT. It happened always after build, I mean new startup.rtexe and startup.alias files have been created. At the build properties, it was set use default .alias file.
    I had the executable built successfully at one time.
    The detail message is:
    Visit the Request Support page at ni.com/ask to learn more about resolving this problem. Use the following information as a reference:
    Error 8 occurred at Open/Create/Replace File in RTBEP_Generate_Deploy_Instructions.vi->RTBEP_Invoke_Build_Engine.vi->RTBUIP_Build_Invoke.vi->RTBUIP_Build_Rule_Editor.vi->RTBUIP_Open_Properties.vi->RTBUIP_Item_OnDoProperties.vi->RTBUIP_Item_OnDoProperties.vi.ProxyCaller
    Possible reason(s):
    LabVIEW:  File permission error. You do not have the correct permissions for the file.
    =========================
    NI-488:  DMA hardware error detected.
    I checked relevant posts, couldn't find any clue.
    Please give me some ideas.
    Thanks.

    Hi Ya-hoo,
    Error building application in LabView 8.0 seems to describe a similar situation. The .alias file is important, as described in that discussion forum.
    Cheers.
    | Michael K | Project Manager | LabVIEW R&D | National Instruments |

  • Security permission to user Group for menuitem in ax 2012

    Hi experts,I have a query,
    Query is that i want to give menu item level permission to user group,for e.g i want to show accounts Payable
    all set up parameter to Finance Group,so how it can be done? i don't want to use Roles--->Duties------->Privileges method,
    I want to just create two groups for one ACount Payable set up parameters will be showed on main ,and for
    other group it was disable?
    is that possible with out creating new roles ,duties and then privileges procedure?

    Hi Munsifuv. You might get more help on this and your other AX questions on an AX-specific forum. We can help with connecting Power Query to data sources, but aren't necessarily experts on configuring those sources.
    Thanks,
    Ehren

  • Grant the Essbase application permission to user in Shared Services

    Hi,
    We got a problem in granting the Essbase permission to user using Shared Services. We are using Hyperion 9.3.1.
    (1) We created an Essbase application + database through Essbase Administration Console, say TBC.Sales.
    (2) Provision the Essbase "Server Access" + Essbase Application "Read" roles to a user.
    (3) In Essbase Admin Console, we "Refresh Security from Shared Services".
    However, the user still cannot see the Essbase Database in SmartView. Does anyone know how to fix the problem?

    The problem is fixed with Essbase 9.3.1.3.0.5.

  • Client and user to execute COM_PRODUCT_UPGRADE

    Hello:
    I am almost finishing the SAP upgrade from 46C to ECC 6.0; Upgrade Assistant is asking for execution of report  COM_PRODUCT_UPGRADE using SE38.
    ¿Which client and user should I use to do this work? ¿Is it possible tio use client 000 and user DDIC? The manual is not clear about this.
    Thank you.

    Hi,
    It does not appear important which client/user you execute the report COM_PRODUCT_UPGRADE:
    Note 826092:
    Executing conversion programs for product master
                                                                      Page 6
    In the upgrade guides for ramp-up, the following follow-up activity is
    missing:
    As of SAP netWeaver 2004s, several conversion reports needed for the
    product master are bundled into a single report, COM_PRODUCT_UPGRADE.
    If the upgrade log LONGPOST.LOG (displayed in phase CHK_POSTUP) requests
    you to execute the upgrade report COM_PRODUCT_UPGRADE, after the
    upgrade, call transaction SE38 and execute the report. A transport
    request is created which you need to transport in all subsequent
    systems. After the import of the transport request, you must run report
    COM_PRODUCT_UPGRADE in the respective subsequent systems.
    Regards,
    Aidan

  • Limit users to execute "SELECT" statemes only from SQL Developer

    Hi:
    Is there a way to control what SQL command can be executed from SQL Developer?
    I am trying to limit users to execute "SELECT" statements only from SQL Developer.
    I believe SQL*Plus used to have the product profile where I can control what SQL command can be executed from what user.
    Thanks in advance.

    There's nothing special in sqldev to enforce privileges, the database does all that already. See the database documentation on the GRANT and REVOKE statements. Basically, you would only want to grant SELECT privileges to your users...
    Have fun,
    K.

  • Help: How to send response to user witch executed the workitem

    Hi friends,
    I want to execute MIGO transaction by workflow. I developed it by BAPI but, I'm using the PR_NAME parameter (on BAPI_GOODSMVT_CREATE HEADER) so it will be stored as the user witch executed MIGO.
    I'm trying to send the follow variable: &_WORKITEM.EXECUTEDBYUSER.NAMEWITHLEADINGUS&, but it doesn't work. With variable can I use to do it ?
    Glauco
    Message was edited by: Glauco Kubrusly

    Hi,
    1-Check UNAME element in the WF container has both the import & export attributes checked.
    ->YES.
    2-Check in the WF log if the UNAME element in the WF container is getting popualted with the approver's id.
    ->YES. NOW IT'S BACKING WITH THE CORRECT USER.
    3-And lastly Check the BAPI independently and verify it is actually using the user id supplied or defaulting to the executing user's id.
    ->NOT FOR TASK MIGO IN BACKGROUND.
    ->NOT FOR BAPI INDENPENDENTLY RUN TOO. I run the funcion in foreground and put the user directly in the var uname. But the R/3 system stored as my user whose I logged in SAP. I know that it's wrong coz I put another user instead mine, and the MIGO document is with my sap user. I think parameter pr_name didn't work fine.
    I discovered that the pr_name (BAPI_GOODSMVT_CREATE parameter) didn't work fine. Coz even foreground it's storing my actual logged user as document creator on MIGO, I know that coz I put another user in the test, but the function simply ignored this parameter. So always in background it will always store as wf-batch.
    Message was edited by: Glauco Kubrusly

  • Configure Drop off library with no permission for users on target document libraries

    I have configured content organizer feature and created 3 rules with 3 target document libraries.
    Users have only permission on drop off document library.
    When they upload, document is moved to target doc lib, but pop-ups message saying you do not have access to view.
    Is there a way to stop that message from showing?
    We do not want to give permission for users on target libraries.
    Thanks,
    Abhilash

    As per my knowledge, you cannot supress this message
    However, you can create a redirection script on Upload.aspx page which will redirect users to home page once document uploaded.
    Here is an example of same:
    http://social.technet.microsoft.com/Forums/sharepoint/en-US/1c22db84-b652-43bb-b85b-f1757e65e531/redirect-to-a-custom-confirmation-page-after-upload-the-document?forum=sharepointgeneralprevious

  • CUP 5.3 sp7.1 - 049:Role assignment to user not executed completely

    Hello Experts,
    Message received in audit information:
    049:Role assignment to user not executed completely
    Can anyone help me with why I am receiving this message?
    =[],id=6129,reqNo=201000139,actionDate=Tue Oct 19 10:40:27 EDT 2010,action=ROLE_PROVISIONING_FAILED,userId=U03776,path=,stage=,actionValue=PR4-300,description=049:Role assignment to user U10025 not executed

    Hi,
    Check that the connector that you have created is working fine and also the user ID that you are using in the backend system is within the valditiy date and all the required authorizations.
    Use remote login and ensure that the user can login with out any issues and has all the required authorizations.
    Rgds,
    Raghu

  • Find the user that executed the SQL procedure

    We are using Oracle 10g R2 on Linux.
    I want to know the OS user that executed the purging procedure (PURGE). For this, i am using the following query which is not returning any row:
    select *
    from DBA_HIST_ACTIVE_SESS_HISTORY ash, DBA_HIST_SQLTEXT s
    where ASH.SQL_ID = s.SQL_ID
    and UPPER(s.SQL_TEXT) like '%PURGE%';Is the above query fine?

    Moazzam wrote:
    We are using Oracle 10g R2 on Linux.
    I want to know the OS user that executed the purging procedure (PURGE). For this, i am using the following query which is not returning any row:Since what you are doing to get the user indirectly is not working would another approach be helpful?
    Since you want to know who is running the procedure would a log table you could insert into at the start or end of the procedure help, to store the information you are interesting in seeing?
    Or, can you get the information you want from other system views? V$SESSION has the OSUSER column as well as SQL_ID and other join columns for other views (like V$SQL).

  • Restrict user to execute just 1 variant

    Hi,
    I want to restrict a user to execute only a particular variant of a custom program (ZEXECFTP). I do not want to change the custom program ZEXECFTP & I have thought of the following options -
    1. Create a wrapper program that has the same selection criteria as the existing custom program ZEXECFTP and check whether the selection criteria values of the wrapper program satisfy the variant restriction requirements and then use the SUBMIT command call for ZEXECFTP.
    2. Create a transaction with program ZEXECFTP and a default variant value with the user variant. ( But I do not think this option stops the user from selecting other variants)
    Any help and hints would be appreciated.

    I assigned a default variant for a new transaction and I disabled the user from selecting or saving any variants. Following is the code I have used -
    INITIALIZATION.
      APPEND 'GET'  TO tbl_ucomm. "select variant
      APPEND 'VSHO' TO tbl_ucomm. "display variant
      APPEND 'VDEL' TO tbl_ucomm. "delete variant
      APPEND 'SPOS' TO tbl_ucomm. "save a variant
      CALL FUNCTION 'RS_SET_SELSCREEN_STATUS'
        EXPORTING
          p_status  = v_pfkey
          p_program = ''
        TABLES
          p_exclude = tbl_ucomm.
    Might not be the straight forward way or foolproof way but works in this case. I could have used authorization objects to make it completely secured but it was not needed in this case.

  • Trace the statements which the user had executed

    Hi all,
    if i want to trace the statements which the user had executed, what should i do?

    Query the v$sqlarea or v$sql view. The sql_text column
    will print out the entire sql string statement.
    SQL > select sql_text from v$sqlarea where parsing_user_id = <input>
    But its length is restricted to 1000 characters. If the query statement exceeds 1000 characters, you can query
    from the v$sqltext view
    The parsing user id is the same as stored in the dba_users table
    SQL > select sql_text from v$sqltext where address = ( select address from v$sqlarea where parsing_user_id = <input> ) order by piece asc;
    Is this what you were looking for ???

  • Search account got - Insufficient sql database permissions for user. EXECUTE permission was denied on the object proc_Gettimerrunningjobs

    Dear all,
    I am troubleshooting a critical error showed up on Event log.  It said:
    Insufficient sql database permissions for user 'Name:domain\wss_search ....... EXECUTE permission was denied on the object 'proc_GetTimerRunningJobs', database 'SharePoint_Config', schema 'dbo'
    domain\wss_search is the default content access account. According to
    http://technet.microsoft.com/en-us/library/cc678863.aspx I should not grant it the Farm Administrators permission.
    In the Search Center I am able to search out documents as expected so I think the search service is fine.   However I have no clue why this account is trying to access 'proc_GetTimerRunningJobs'.
    Mark

    Hi Mark,
    This issue was caused by the search account’s permission. For resolving your issue, please do as the followings:
    Expand your SharePoint Configuration database 'SharePoint_Config' and navigate to ‘proc_GetTimerRunningJobs’ under Programmability ->Stored Procedures
    Right-click proc_GetTimerRunningJobs and choose Properties
    Click on Permission on the left launch
    Select the Search button and browse for ‘WSS_Content_Application_Pools’
    Provide ‘Execute’ permissions for ‘WSS_Content_Application_Pools’
    Click OK
    Here are some similar posts for you to take a look at:
    http://adammcewen.wordpress.com/2013/03/01/execute-permission-denied-on-sharepoint-config-db/
    http://technet.microsoft.com/en-us/library/ee513067(v=office.14).aspx
    I hope this helps.
    Thanks,
    Wendy
    Wendy Li
    TechNet Community Support

  • Insuffiecient SQL database Permission for User

    Hi All,
    The following error is coming in the Event Viewer:
    Insufficient SQL database permissions for user 'Name: NNOK\SPPEAPO_SVC001_ES SID: S-1-5-21-2610070952-2089559051-1579118431-1720 ImpersonationLevel: Impersonation' in database 'SharePoint_AdminContent_6fa0b459-ed7c-481f-85c4-b81753e39346' on SQL Server instance
    'NOKWDCFISP'. 
    The EXECUTE permission was denied on the object 'proc_GetTimerRunningJobs', database 'SharePoint_Config', schema 'dbo'.
    Kindly reply if you know the solution for this.
    Thanks in Advance.
    Pravin Dhulap

    Hi Pravin,
    You can grant "WSS_Content_Application_Pools" execute permission to the procedure "proc_GetTimerRunningJobs"
     under SharePoint _Config database, then check results again. 
    Here is another post you can take a look.
    https://social.msdn.microsoft.com/Forums/sharepoint/en-US/a0d08e98-1fd6-42cf-b738-6ba3df082210/search-account-got-insufficient-sql-database-permissions-for-user-execute-permission-was-denied?forum=sharepointadmin
    http://sharepointpaul.blogspot.jp/2013/09/resolution-of-sharepoint-event-id-5214.html
    Thanks
    Daniel Yang
    TechNet Community Support

Maybe you are looking for

  • Calendar times from Outlook are all wrong on my Iphone

    I am using MobileMe to sync an Outlook 2003 calendar to an Iphone. I have timezone support enabled on MobileMe and the Iphone. The event times are all correct in Outlook and MobileMe, but all seem to be shifted 8 hours forward on the Iphone. We are i

  • MOVED: how can i find out if my video card has reached the repair centre

    This topic has been moved to Anything Under The Sun. https://forum-en.msi.com/index.php?topic=183793.0

  • How do I create PDF so that user can insert a placed file using Acrobat Reader

    I have just upgraded to CS4 which has Adobe Acrobat Pro. I am creating PDF's within Pro, adding text fields and buttons for customers to access and fill in using Adobe Reader. This has worked great but I would also like to add a box with text saying

  • Search not returning all 10 results per page

    Anyone seen this? When i do a search, i don't get all 10 per page... "Results from your search: 1055. Showing: 1-7." however, when i hit 'next' "Results from your search: 1055. Showing: 11-16." why aren't i seeing 8, 9 17, 18, 19....etc? 6.1 portal

  • Cannot sync address book

    I have an iphone 3G (model MA712LL) i'd like to upgrade to a 4S. When i try and sync my 3 to itunes the phone shows up the main screen just shows white with the word "iPhone" in the center- no other options. The only choice i have is to eject. I'm ru