Alternate of xp_cmdshell | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

Alternate of xp_cmdshell

I have created normal user without sysadmin role.Previously this user were using xp_cmdshell to check for file existence with sysadmin role.So how this user can achieve same task without sysadmin role . Is there any alternative way of doing same task.
Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–
You can use the xp_fileexist undocumented extended stored procedure to determine whether the particular file exists on the disk or not. Syntax: EXECUTE xp_fileexist filename [, file_exists INT OUTPUT] To check whether the file boot.ini exists on the disk C: or not, run: EXEC master..xp_fileexist ‘c:oot.ini’
Not entirely sure, but I would guess you also need sa privileges to run this proc. —
Frank Kalis
Microsoft SQL Server MVP
http://www.insidesql.de
Ich unterstütze PASS Deutschland e.V. http://www.sqlpass.de)
For the xp_fileexist user do not need sa privileges to run this proc.
But how to move and delete the files without using xp_cmdshell?
Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–

Is this a script they are running or is it controlled through a job?
quote:Originally posted by rajeev_id For the xp_fileexist user do not need sa privileges to run this proc.
But how to move and delete the files without using xp_cmdshell?
Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–
Most of the times through jobs.And is there any other way of doing all this work without using extended stored procedure?
Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–
Are you responsible for the jobs and then you inform them of failures or are they reponsible for their own jobs? If you are responsible for the jobs, then you could enable ‘only useres with sysadmin priveledges can execute..’ on the SQLAgent properties and then they cannott directly run the xp_cmdshell but the job can run under sa priveledges. It can be done without the use of xp’s if you program outside of SQL server (ActiveX scripts etc). But again, if you control the jobs then you wont need to go that far.
quote:Originally posted by rajeev_id Most of the times through jobs.And is there any other way of doing all this work without using extended stored procedure?
Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–
Rajeev On the security perspective avoid giving XP_CMDSHELL or other undocumented XPs to execute to the normal user and I believe the user must need SYSADMIN privileges even to run such extended XPs. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
Satya I agree with you that is why I wanted to know is there any other way to achieve same task such as copy, delete and moving of files by normal uses ( user with minimum privileges ). Rajeev Kumar Srivastava
–ALWAYS BE POSITIVE!–
Not as such I know, fyi
http://www.databasejournal.com/features/mssql/print.php/1580041
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=22 &http://www.microsoft.com/technet/community/chats/trans/sql/sql0924.mspx links. Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.
]]>