ADSM-L

Re: [ADSM-L] TDP SQL Backups

2007-04-27 16:24:10
Subject: Re: [ADSM-L] TDP SQL Backups
From: Del Hoobler <hoobler AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Fri, 27 Apr 2007 16:23:43 -0400
Bruce,

Data Protection for SQL requires SYSADMIN role for the ID that 
runs the backups and restores. This is because Data Protection for SQL 
uses the Microsoft recommended SQL Server Virtual Device Interface (VDI) 
API 
for performing backup and restore of the SQL Server databases.

In order to utilize the SQL Server "VDI" API, Microsoft SQL Server 
requires 
the SYSADMIN role because the VDI API actually shares storage with the 
SQL Server to increase performance. It also requires enough system 
permissions 
to read and write to the local registry.

The following is directly from the Microsoft VDI SDK documentation:

   "Security
    The system objects used to implement the virtual device set are 
    secured with an access control list. This list permits access to 
    all processes running under the account used by the primary client. 
    Access is also permitted to processes running under the account used 
    by Microsoft® SQL Server™, as recorded in the system services 
configuration.

    The server connection for SQL Server that is used to issue the 
    BACKUP or RESTORE commands must be logged in with the sysadmin fixed 
    server role. For more information, see Microsoft SQL Server Books 
Online."

Thanks,

Del

----------------------------------------------------

"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 04/27/2007 
03:31:30 PM:

> I finally got this working!  Thanks for the help.  I found out why it 
wasn't
> working the user wasn't given sysadmin rights to SQL.
> 
> My DBA's would like to know why the user can't only be in the backup
> operator role.
> 

<Prev in Thread] Current Thread [Next in Thread>