[sp_Blitz] msdb checks fire and fail because of permissions #3355
Comments
Montro1981
added a commit
to Montro1981/SQL-Server-First-Responder-Kit
that referenced
this issue
Sep 26, 2023
|
Pull request #3358 created |
BrentOzar
added a commit
that referenced
this issue
Oct 10, 2023
…it_3355 #3355 Added permissions check for MSDB
|
Thanks for the pull request! Good call on skipping those checks if we don't have access to MSDB, nicely done. Merging into the dev branch, will be in the next release with credit to you in the release notes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Version of the script
Version 8.16
VersionDate 2023-08-20
What is the current behavior?
During the "declarations for First Responder Kit consistency check" step, a script is executed to retrieve all the databases where we have SELECT permissions, the msdb database can be included in this list.
Since we have SELECT permissions, the script assumes that we can also view the objects in the current security context.
The issue is similar to issue #3334
The errors are not fatal and the procedure will continue on it's merry way.
If the current behavior is a bug, please provide the steps to reproduce.
Create a user on the SQL server with VIEW SERVER STATE rights that is not mapped to the msdb database.
Execute:
This should fail.
What is the expected behavior?
There is a
@SkipMSDBvariable declared but it is never set or used, I propose to include a check similar to the model database check that was created for issue #3334 that sets the@SkipMSDBvariable. And when@SkipMSDB = 1then checks 6, 28, 57, 79, 94, 123, 180, 181, and 219 need to be added to the#SkipCheckstableThe text was updated successfully, but these errors were encountered: