Does anyone know if it is possible to invoke xp_cmdshell as Administrator? I am working on trying to start the SQLSERVERAGENT service from TSQL but it fails with 'access denied' - from TSQL and from cmd.
The only way I can get it to succeed is to run cmd as Administrator and then
I dont want to alter UAC to get around this problem.
asked Sep 02, 2013 at 01:41 PM in Default
Seems UAC is going to be the sticking point and if it isn't taking the RUNAS command I don't see how it will work otherwise. Is CMD.EXE a must, can you not invoke PoSH to start the service?
answered Sep 02, 2013 at 02:24 PM
Not near a SQL instance to test, but I'm thinking you'd use sp_xp_cmdshell_proxy_account to set-up a proxy account with admin permissions, however this only comes into force when you try and run xp_cmdshell as a non-sysadmin, so you'd then have to execute as a lower permission login, which in turn would use the proxy. The danger here is that all non-sysadmin logins would have the same access whilst this was in place, so you'd have to tidy up once the command was run.
Seems messy :/
answered Sep 02, 2013 at 02:08 PM
Kev Riley ♦♦