Agent not run a job: why?

Posted on

Question :

I’ve a scheduled job on Server A , that simply copy tables from a Linked Server (B) to local server (A).

Linked server was “linked” as follow :

enter image description here

I can access without problem to my Linked server (B) ..

Then, in my Agent on my server A my job step (simply an EXEC mystoredprocedure) was configured using as running user my domainusername and it return error “Access to the remote server is denied because the current security context is not trusted “.
Then i tried as “etluser” but it return error again.

If I manually run “Exec mystoredprocedure” it works, not in my server agent.

So how to configure agent step to run correctly ?

Thanks

Answer :

TSQL job steps always connect as the Agent service account, then do a SQL impersonation on the job owner. This is not a real Windows impersonation and doesn’t work for remote access.

Either configure the security to work for the Agent Service account, or use an Agent proxy and a Powershell or CmdExec step to run the query.

I arrived to fix this last week. Basically you are running the Agent Job on Server A and is working successfully because it’s using the local account on that server. But when it’s time to execute on Server B it fails you are using the local account of Server A on Server B.

If you are using Active Directory and you have a user which has access to both Server A and Server B go to SQL Server Configuration Manager > SQL Server Services > SQL Server Agent (MSSQLSERVER) > Log On > This Account > Browse

enter image description here

Here you are allowed to choose what user will execute the Agent Job. Setup a user which has privileges on both Server A and Server B

Leave a Reply

Your email address will not be published.