I have an AlwaysOn setup in which the jobs are running on domain service account which have been given access to a file share for backups. The jobs are not able to run.
This is the error message which I get
https://ola.hallengren.com Msg 50000, Level 16, State 1, Server xxxxx , Procedure DatabaseBackup, Line 457 The directory \xxxxxx\backups$ does not exist. Msg 50000, Level 16, State 1, Server HNATLD1SVRLSQ02, Procedure DatabaseBackup,
Should SQL agent account in the configuration manager run on the same account as the job owner or can it run on the NT\service account as shown in the screenshot attached, because the security context is still that of the job owner which has access to those file shares? What would be the best practice here? Please advice.
We have different service accounts running on the jobs
Best Answer
Add a proxy account for Operating System (CmdExec) jobs and run the Ola jobs under that. This way the proxy account can have proper access to only the backup shares, etc. and you don't have to elevate permissions on the SQL Agent account (and inherently any other jobs running under the SQL Agent security context). Principle of Least Privilege for the win! :)