In one of our recent migrations, we got the following error when the client tried to fire xp_cmdshell system stored procedure through some client code.

Msg 15153, Level 16, State 1, Procedure xp_cmdshell, Line 1
The xp_cmdshell proxy account information cannot be retrieved or is invalid. Verify that the ‘##SQL Server xp_cmdshell_proxy_account##’ credential exists and contains valid information.

So from Books online, this is what we got:

When xp_cmdshell is called by a user that is not a member of the sysadmin fixed server role, xp_cmdshell connects to Windows by using the account name and password stored in the credential named ##xp_cmdshell_proxy_account##. If this proxy credential does not exist, xp_cmdshell will fail.

The proxy account credential can be created by executing sp_xp_cmdshell_proxy_account. As arguments, this stored procedure takes a Windows user name and password. For example, the following command creates a proxy credential for Windows domain user SHIPPING\KobeR that has the Windows password sdfh%dkc93vcMt0.

So this is what we did:

 
1
2
3
4
EXEC sp_xp_cmdshell_proxy_account 'HOCBASE\admin', 'account_password';
GO
EXEC sp_xp_cmdshell_proxy_account 'HOCBASE\admin', 'account_password';
GO

And things worked fine. A few more things:

How do you drop the proxy credential?

 
1
2
EXEC sp_xp_cmdshell_proxy_account NULL;
GO

How can you find all the users (except sysadmins) who can execute or have access to xp_cmdshell?

 
1
2
Use master
EXEC sp_helprotect 'xp_cmdshell'

And who are all the sysadmins on the box?

 
1
2
Use master
EXEC sp_helpsrvrolemember 'sysadmin'

The xp_cmdshell proxy account information cannot be retrieved or is invalid. Verify that the '##xp_cmdshell_proxy_account##' credential exists and contains valid information.的更多相关文章

  1. Proxy account failing to run SSIS Error (Proxy (11) is not allowed for subsystem "SSIS" and user "AB\testuser ".

    USE [msdb]EXEC msdb.dbo.sp_grant_login_to_proxy @proxy_name=N'SSISProxyAgentV1', @login_name=N'WTC\E ...

  2. Next Instruction Access Intent Instruction

    Executing a Next Instruction Access Intent instruction by a computer. The processor obtains an acces ...

  3. Configure the MySQL account associate to the domain user via MySQL Windows Authentication Plugin

    在此记录如何将之前一次做第三发软件在配置的过程. 将AD user通过代理映射到mysql 用户. 在Mysql官网有这样一段话: The server-side Windows authentica ...

  4. SQL SERVER-开启xp_cmdshell

    在sql server中执行cmd命令,报以下异常. EXEC master.sys.xp_cmdshell 'dir c:/' Msg 15281, Level 16, State 1, Proce ...

  5. Risk Adaptive Information Flow Based Access Control

    Systems and methods are provided to manage risk associated with access to information within a given ...

  6. SSRS2:Reporting Service 配置Service Account

    1,Service Account SSRS以一个Service方式实现,有三部分组成:Web Service,Report Manager和一个后台的进程,这个Service运行的账号就是Servi ...

  7. Debugging Information in Separate Files

    [Debugging Information in Separate Files] gdb allows you to put a program's debugging information in ...

  8. 2014 牡丹江现场赛 i题 (zoj 3827 Information Entropy)

    I - Information Entropy Time Limit:2000MS     Memory Limit:65536KB     64bit IO Format:%lld & %l ...

  9. Nine Great Books about Information Visualization

    Nine Great Books about Information Visualization Maybe it’s anachronistic to celebrate static, print ...

随机推荐

  1. vue 设计一个倒计时秒杀的组件

    简介: 倒计时秒杀组件在电商网站中层出不穷  不过思路万变不离其踪,我自己根据其他资料设计了一个vue版的 核心思路:1.时间不能是本地客户端的时间  必须是服务器的时间这里用一个settimeout ...

  2. Dynamics CRM中跨域调用Web API 2

    关注本人微信和易信公众号: 微软动态CRM专家罗勇 ,回复224或者20160611可方便获取本文,同时可以在第一间得到我发布的最新的博文信息,follow me!我的网站是 www.luoyong. ...

  3. 【推荐】桌面版AI伴侣 含2.47 2.49 2.51汉化版

    桌面版AI伴侣,无需安装aiStarter,直接运行bat就能在电脑上启动AI伴侣,启动速度比虚拟机快很多.缺点是对硬件的要求比较高. 文件来自 https://mp.weixin.qq.com/s/ ...

  4. Redux进阶(一)

    State的不可变化带来的麻烦 在用Redux处理深度复杂的数据时会有一些麻烦.由于js的特性,我们知道当对一个对象进行复制时实际上是复制它的引用,除非你对这个对象进行深度复制.Redux要求你每次你 ...

  5. 调研pwa和sw

    概述 处于好奇,最近我调研了一下pwa和service worker,有些新的,记录下来,供以后开发时参考,相信对其他人也有用.pwa主要是通过service worker实现的,它主要包括桌面图标, ...

  6. 解决 React-Native mac 运行报错 error Failed to build iOS project. We ran "xcodebuild" command but it exited with error code 65. To debug build logs further, consider building your app with Xcode.app, by ope

    React-Native 开发的项目,Android 方面没有任何问题,IOS 就是无法跑起来,报错信息如下: mac 10.14.4 xcode 10.2.1 error Failed to bui ...

  7. springboot + redis(单机版)

    本次和大家分享的是在springboot集成使用redis,这里使用的是redis的jedis客户端(这里我docker运行的redis,可以参考 docker快速搭建几个常用的第三方服务),如下添加 ...

  8. cordova build android Command failed with exit code EACCES

    问题: 执行cordova build android 出现输出如下,编译不成功. ANDROID_HOME=/Users/huangenai/Library/Android/sdkJAVA_HOME ...

  9. MyX5TbsDemo【体验腾讯浏览服务Android SDK (完整版)】

    版权声明:本文为HaiyuKing原创文章,转载请注明出处! 前言 按照官网上的说明:可独立下载x5内核,也可共享使用微信或手Q的x5内核. 本Demo在引用腾讯X5内核的基础上进行了封装.参考< ...

  10. Mongodb在CSharp里实现Aggregate

    回到目录 今天主要用了一个mongodb.driver里的分组,事实上在网上介绍这方面的文章非常少,以至于我在出现问题后,无法找到一个正确的解决方案,最后还是通过异常信息找到的解决方法,所以感觉自己更 ...