Execute xp_cmdshell command as specific user

I would like to run xp_cmdshell (TSQL procedure) in order to mount a network drive and then access remote mdb files.

I am administrator on the MS SQL server and I have allowed xp_cmdshell execution accordingly.

However, there is still a problem:

  • When I call xp_cmdshell, the user executing the command is the SQL SysAdmin, i.e. the account that runs the SQL Server process.

  • I wish xp_cmdshell executed as the account with which I'm connected to SQL Server, i.e. Administrator.

Both of these accounts are in the administrator group and the SQLAdmin group, and are granted CONTROL SERVER. Both users belong to the same domain. All of this is run on the same machine.

Because of this conflict, I cannot use a network drive because it is mounted for SysAdmin and not for Administrator.
I tried to use sp_xp_cmdshell_proxy_account to specify the account with which I want to run xp_cmdshell, but SysAdmin is still the account used.

Therefore, this code:
select user_name(), suser_name();
exec xp_cmdshell 'echo %username%';

displays:
Administrator Administrator
SysAdmin

Does anybody know how to properly impersonate for the xp_cmdshell command? Is there something to (re)configure?

Thanks for your help.

Because you're connecting to SQL as a login in the sysadmin group, xp_cmdshell runs as the service account.

If you connect as a low-privilege login, then it will use the xp_cmdshell_proxy_account instead. So try doing EXECUTE AS LOGIN='lowprivaccount' first, to see if that helps.

Of course, what you're actually asking is not the expected use. Expected use is that the high-privilege accounts can allow xp_cmdshell to use the Service Account, whereas everyone else has to put up with the lower privilege proxy account.
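The behaviour described in this answer can be checked side by side with the T-SQL below. It is an added example, not code from the original thread; the proxy account `CONTOSO\svc_cmdshell`, the login `lowprivaccount` and the `<...>` passwords are placeholders, and the script assumes it is run by a sysadmin with xp_cmdshell already enabled.

```sql
-- Added example: all account names and passwords are placeholders.
USE master;
GO

-- 1. Current state: is xp_cmdshell enabled, and is a proxy credential registered?
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'xp_cmdshell';

SELECT name, credential_identity, modify_date
FROM sys.credentials
WHERE name = N'##xp_cmdshell_proxy_account##';
GO

-- 2. Register the Windows account that non-sysadmin callers will run as.
EXEC sp_xp_cmdshell_proxy_account N'CONTOSO\svc_cmdshell', N'<proxy password>';
GO

-- 3. A login that is NOT a sysadmin, explicitly allowed to call xp_cmdshell.
CREATE LOGIN lowprivaccount WITH PASSWORD = N'<strong password>';
CREATE USER lowprivaccount FOR LOGIN lowprivaccount;
GRANT EXECUTE ON xp_cmdshell TO lowprivaccount;
GO

-- 4. Same command, two security contexts.
EXEC xp_cmdshell 'whoami';              -- sysadmin caller: SQL Server service account
EXECUTE AS LOGIN = N'lowprivaccount';
SELECT SUSER_NAME() AS current_login;   -- lowprivaccount
EXEC xp_cmdshell 'whoami';              -- non-sysadmin caller: the proxy account
REVERT;
GO

-- 5. Review who has been granted EXECUTE on xp_cmdshell in master.
SELECT pr.name AS grantee, pe.permission_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.system_objects AS so ON so.object_id = pe.major_id
JOIN sys.database_principals AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE so.name = N'xp_cmdshell';
```

Steps 1 and 5 are read-only and can be run on their own to review an instance's xp_cmdshell exposure.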

I actually have had to use this method in the past for similar things on network shares, try this...

-- map your drive and make it persistent.
exec xp_cmdshell 'net use t: \\<server>\<share> <password> /user:<username> /persistent:yes'

-- t-sql code making use of the t drive

-- delete the drive mapping
exec xp_cmdshell 'net use t: /delete'

You can actually set up a job that executes when the SQL service starts and make it map this drive, so you will always have access to the share as long as SQL is running. All you would need to do is set up a sproc that maps the drive, have it do the initial mapping of the drive, and make use of sp_procoption ( http://msdn.microsoft.com/en-us/library/ms181720.aspx ).

Maybe you could try PsExec? Download the file at this URL and copy it in a folder member of the %Path% environment variable.

http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx

exec xp_cmdshell 'psexec -u Administrator -p password net use ...'

You could try "net use" with a username and password inside xp_cmdshell. This establishes the credentials for the connection to the UNC.

However, I'm not sure how long this would persist. If it persists indefinitely (e.g. until server restart), you could have a start-up stored procedure that does "net use" and ensures it's available for use later.

A subsequent xp_cmdshell (to access the MDB files) would not require the authentication because the credentials are already established within the OS.
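The start-up stored procedure suggested in the two answers above (via sp_procoption) could look like the following. It is an added example, not code from the original thread; the procedure name `MapShareAtStartup` and the `<...>` values are placeholders, and it assumes xp_cmdshell is enabled when the instance starts.

```sql
-- Added example: MapShareAtStartup and the <...> values are placeholders.
USE master;
GO

-- A startup procedure has to live in master and take no parameters.
CREATE PROCEDURE dbo.MapShareAtStartup
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @rc int;

    -- Runs as the SQL Server service account when the instance starts.
    -- The password sits in the procedure text, so anyone who can view the
    -- definition (or the process command line while it runs) can read it.
    EXEC @rc = xp_cmdshell
        'net use t: \\<server>\<share> <password> /user:<username> /persistent:no',
        no_output;

    -- xp_cmdshell returns 0 on success and 1 on failure; record failures
    -- in the SQL Server error log so a missing mapping is visible.
    IF @rc <> 0
        RAISERROR(N'MapShareAtStartup: net use failed (return code %d).',
                  10, 1, @rc) WITH LOG;
END;
GO

-- Mark the procedure to run automatically at instance startup.
EXEC sp_procoption @ProcName    = N'dbo.MapShareAtStartup',
                   @OptionName  = 'startup',
                   @OptionValue = 'on';
GO

-- Review: every procedure in master flagged to run at startup.
SELECT SCHEMA_NAME(schema_id) AS schema_name, name, create_date, modify_date
FROM sys.procedures
WHERE is_auto_executed = 1;
GO

-- To undo: clear the startup flag again.
-- EXEC sp_procoption @ProcName = N'dbo.MapShareAtStartup',
--                    @OptionName = 'startup', @OptionValue = 'off';
```

The `is_auto_executed` query is worth keeping as a routine check, since startup procedures run with full server privileges on every restart.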

I found this page helped fill in the gaps in the process of actually adding the domain account and linking it.

http://sqlblog.com/blogs/tibor_karaszi/archive/2007/08/23/xp-cmdshell-and-permissions.aspx

After restart server must execute command, please solution save command...

USE master
GO

EXEC master.dbo.sp_configure 'show advanced options', 1
RECONFIGURE WITH OVERRIDE
GO

EXEC master.dbo.sp_configure 'xp_cmdshell', 1
RECONFIGURE WITH OVERRIDE
GO

EXEC xp_cmdshell 'net use \\ip\xxx pass /user:xxx /persistent:no'

USE master
GO

EXEC master.dbo.sp_configure 'show advanced options', 1
RECONFIGURE WITH OVERRIDE
GO

EXEC master.dbo.sp_configure 'xp_cmdshell', 0
RECONFIGURE WITH OVERRIDE

You must create a stored procedure in which you will place your xp_cmdshell script.

A stored procedure runs using the administrator account, therefore your xp_cmdshell will successfully run when you execute the stored procedure.

create procedure RunShellIndirectly
as
declare @tawandachinaka as varchar(50)
set @tawandachinaka='DIR "c:\scrap measurement\"*.csv /B'
EXEC xp_cmdshell @tawandachinaka
