I have created an SSIS package that will be deployed to client SQL installations (2005, 2008 or 2008 R2) to perform data extracts which provide a support tool for our product. The deployment process requires that a Windows AD account (normal user, no elevated privileges) is created as this is used as a service account to execute the SSIS package in a SQL Agent job by way of a credential and a proxy account. This all works perfectly and means I can restrict the privileges required to perform this job.
However, I wanted to include error logging in the SSIS package to the Windows Event Log. When I run the package in BIDS (which of course uses my own credentials) and force the failure of the package, it logs just fine. When I force the package to fail (by putting a duff connection string into the config file) whilst being run by the SQL Agent job, nothing is logged. The service account is being used and it is an authenticated user on my SQL Server host machine but it will not write to the event log. If I add the service account to the local administrators group, it writes to the log just fine, but I thought the idea of the Windows event log was that you did not need elevated privileges to write to it?
Our support teams are keen to use the Windows Event Log but I can see no way of doing so without granting high privileges to a service account which I would rather not do. Am I missing something? The Logging tab in the SSIS job step page doesn't seem to do a lot but perhaps that's what I'm missing?
Apologies if this is more suited to ServerFault, but I couldn't quite decide which side of the line this fell as it is a problem encountered during development. If it is then I'll relocate it.
Many thanks
Steve
