
security problem with xp_cmdshell

Author
5 Sep 2006 9:19 AM
Filip De Backer
Hi everyone,

This SQL code doesn't work.
-- @PersoonID is assumed to be an int parameter of the enclosing procedure/trigger
declare @cmd nvarchar(4000)
set @cmd = 'D:\data\gegevensbeheer\produktie\AccountSynchroTrigger\AccountSynchroTrigger.exe '
set @cmd = @cmd + Cast(@PersoonID as nvarchar(10))
exec master.dbo.xp_cmdshell @cmd

It has worked with a simple exe program.
This exe program adds users to the Active Directory.
In that exe, I impersonate the user to the one that had enough rights in the
AD.

When I execute this exe on the server (command line), it works fine, but
when I execute it in the query analyser, it doesn't.

How can I set a specific user with an SQL statement, or how can I solve this
problem?

The errors are:
NULL
Unhandled Exception: System.NullReferenceException: Object reference not set
to an instance of an object.
   at LessiusBLL.AccountBeheerBLL.MaakNieuweAccount(Int32 persoonId)
   at AccountsSynchroTrigger.Program.Main(String[] args)
NULL
Unhandled Exception: System.NullReferenceException: Object reference not set
to an instance of an object.
   at LessiusBLL.AccountBeheerBLL.MaakNieuweAccount(Int32 persoonId)
   at AccountsSynchroTrigger.Program.Main(String[] args)
NULL
thanks

Filip

PS: the exe is a C# 2.0 program.

Author
5 Sep 2006 3:00 PM
Dominick Baier
Which SQL Server version?

On 2005 you can impersonate special users.

On 2000 - when sa calls XP_cmdshell it runs as the service account (local
system by default). Non sa accounts use a proxy account that you can configure
in EntManager.

Try executing "whoami.exe" to check the account used.

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

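An added T-SQL example (not posted by either participant) of the check suggested above and of the SQL Server 2000 proxy-account configuration it refers to; it uses the documented master.dbo.xp_sqlagent_proxy_account procedure, and the domain, user, password and login names are placeholders.

```sql
-- Added example: run from Query Analyzer as a sysadmin on SQL Server 2000.

-- 1. See which Windows account the command shell actually gets.
--    For a sysadmin (sa) caller this is the SQL Server service account,
--    LocalSystem by default, not the interactive user who tested the exe
--    on the console, so anything that depends on that user's identity
--    or profile behaves differently here.
EXEC master.dbo.xp_cmdshell 'whoami.exe';

-- 2. Show the proxy account that non-sysadmin callers of xp_cmdshell use
--    (returns no account until one has been set).
EXEC master.dbo.xp_sqlagent_proxy_account N'GET';

-- 3. Set a dedicated, least-privilege domain account as the proxy.
--    Placeholders: replace <DOMAIN>, <proxy-user>, <password>.
--    The password is passed in clear text; do not leave it in saved
--    scripts or query history.
EXEC master.dbo.xp_sqlagent_proxy_account
     N'SET', N'<DOMAIN>', N'<proxy-user>', N'<password>';

-- 4. Let the application login (placeholder <app-login>) call xp_cmdshell
--    as the proxy instead of running the job as sa / the service account.
GRANT EXECUTE ON master.dbo.xp_cmdshell TO [<app-login>];

-- 5. Re-run the check from that login: the output should now be the
--    proxy account, which is the account that needs the AD rights.
EXEC master.dbo.xp_cmdshell 'whoami.exe';
```

Keeping the proxy account limited to the rights the exe needs confines what any caller of xp_cmdshell can do with it.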
Author
6 Sep 2006 9:21 AM
Filip De Backer
SQL Server 2000 SP4

Where in the Enterprise Manager can I set the user for the xp_cmdshell
stored procedure?
Author
6 Sep 2006 9:27 AM
Dominick Baier
Good question. I have no Ent Mgr around - I think it is somewhere under Management
- but I can't remember really.

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com
