0

Assuming my SSIS package has:

  • Network file process (copy task)
  • Network flat file source task (that reads the file)
  • Oledb sql source task that reads data from table located on remote server (windows authentication)

Suppose I run the package using either of:

  1. Visual Studio (runs with credentials of Visual Studio user)

  2. SSIS catalog (right click package and execute, runs with credentials of SSMS user)

  3. SQL Server agent job step (runs Under credentials of SQL Server service user)

  4. SQL Server agent job with step using Run As based on proxy credentials (runs under credentials of proxy)

My understanding is that in all the 4 situations, only 1 hop is involved. But there are articles I have been reading and colleagues that are suggesting that there are 2 hops involved and I will have to deal with Kerberos without being able to explain to me where is the 2nd hop in this situation? Can someone advise?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
variable
  • 8,262
  • 9
  • 95
  • 215
  • Scenario 2 could easily have a double hop, unless you are running the SQL Instance locally. As that would be you authenticated to your local machine, authenticating to the SQL Instance, which is then trying to use those credentials to access a file on a file server. – Thom A Apr 04 '21 at 09:43
  • If local instance, in scenario 2 when I right click and execute package, then Hop 1 is passing SSMS user credential to package. Hop 2 is passing the same credential to access the file. Am I getting this right? – variable Apr 04 '21 at 10:40

0 Answers0