The system objects used to implement the virtual device set are secured with an access control list. This list permits access to all processes running under the account used by the primary client. Access is also permitted to processes running under the account used by Microsoft® SQL Server™, as recorded in the system services configuration.
The server connection for SQL Server that is used to issue the BACKUP or RESTORE commands must be logged in with the sysadmin fixed server role. For more information, see Microsoft SQL Server Books Online.
The CreateEx (and Create) calls modify the security DACL on the process handle in the client process. Because of this any other modification of the process handle must be serialized with invocation of CreateEx.
Tips and how-to guides for Redgate products
Ask, discuss, and solve questions about Redgate's tools
Meet us at an event, get sponsored, and join our Friends of Redgate
In-depth articles and opinion from Redgate's technical journal
Get the latest news and training with the monthly Redgate Update