xp_cmdshell (version 6.5)

Grants non-administrative users permission to execute xp_cmdshell.

For complete syntax information for xp_cmdshell, see the Microsoft SQL Server Transact-SQL Reference.

For more information about enabling more flexible security management, see What's New for Administrators earlier in this document.

Remarks

Generally, xp_cmdshell executes Windows NT commands in SQL Server's security context, which by default is a user account with local administrator authority. When a non-system administrator executes xp_cmdshell with the new configuration option set, the requested command runs in the SQLExecutiveCmdExec user account, which is the same account used by SQL Executive for scheduled tasks entered by non-system administrators.

When you grant execute permission for xp_cmdshell to users, the users can execute any operating-system command at the Windows NT command shell that the account running SQL Server (usually a local system account) has privilege to execute.

To restrict xp_cmdshell access to users who have administrator permission on the Windows NT-based computer where SQL Server is running, configure your SQL Server at the Server Options tab: Select the "xp_cmdshell - Use SQLExecutiveCmdExecAccount for Non-SAs" option.

Note If you select the "xp_cmdshell - Use SQLExecutiveCmdExec Account for NonSAs" option and the client logs on to SQL Server as the system administrator, the command is executed under SQL Server's security context instead of the SQLExecutiveCmdExec security context.