Phil,
In a nutshell, it is supposed to work this way. Read on to find out why.
Please read the following from the Microsoft SQL documentation and
SQL Server Unleashed Book:
The /SQLSECURE option sets the secure connection flag in
the SQL login record structure.
"By setting the secure connection flag in a LOGINREC structure ...
the application requests a secure, or trusted connection to SQL server.
This means that SQL server will use integrated login security to establish
connections made ... with this LOGINREC, regardless of the
current login security mode at the server."
"To use ... trusted connections, you must first use ...
SQL security manager to grant SQL Server system administrator or
user privilege to the appropriate Windows NT based groups or users.
Use ... SQL Security Manager to revoke SQL Server privileges and
stop a user or group from using a trusted connection."
Note: Setting the secure connection flag in a LOGINREC structure
"enables trusted connections even when the server is in
standard login security mode".
By default, the SQL agent logs in to the SQL server
using the special 'sa' login.
"The sa login is a special login that is created as part of the
installation process. The sa login owns the server and system
databases ... "
"Regardless of actual database ownership, the sa is seen as
the dbo of any user database."
Del Hoobler
ADSM Agent Development
=================================================================
>> I have been playing around with the security options for the
>> SQL Server ConnectAgent.
>>
>> Our SQL Server is NOT configured for integrated or mixed security.
>> It is running standard security (as confirmed by our SQL DBA).
>>
>> However when I run with the GUI under an administrative account, I can use
>> the trustedsecurity option to backup the SQL databases.
>>
>> This is further demonstrated when I run the ADSM SQL scheduler service under
an
>> administrative user, specifying the "/sqlsecure" option to backup
>> the SQL databases. This again works OK.
>>
>> Have I encountered a bug or is this expected behaviour.
>>
>> Any ideas would be much appreciated.
>>
>> Regards
>> Phil
|