问题
I have the following in a CMDExec type SQL Job step (details changed):
D:\path\PSExec.exe \\servername -accepteula -u "domain\username" -p password D:\path\executable.exe
This works fine. However, I have set up a proxy in SQL Server for the same user account - which the job is using, so you'd think I wouldn't need the -u and -p arguments. But if I don't supply them I get the error:
Unhandled Exception: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
which is from SQL Server, because the remote executable connects to SQL as the same user context.
Why doesn't this work, and can I make it work without including the credentials in the job detail? (or a batch file, or similar)
Thanks
P.S. The SQL Server connected to by the remote executable is the same one as the job is run in, if it helps!
回答1:
The reason is because Kerberos is not running!
Thanks to Marc Jellinek on LinkedIn SQLDBA group :)
来源:https://stackoverflow.com/questions/13454402/permissions-for-psexec-run-from-sql-job