Restore database from a shared folder

Question

I did a backup of a database on Prod. I need to restore it to cert. I am Running below query on Cert to access the backup residing on prod

Query:

USE [master]
RESTORE DATABASE DB
FROM  DISK = N'\\SQL2005Prod\Backups\DB\DB.bak' WITH  FILE = 1,  
GO

Error:

Msg 3201, Level 16, State 2, Line 3
Cannot open backup device '\\SQL2005Prod\Backups\DB\DB.bak'. Operating system error 5(Access is denied.).
Msg 3013, Level 16, State 1, Line 3
RESTORE DATABASE is terminating abnormally.

Additional notes: I am a sys admin on the server. SQL Server Agent and I have full access to the folder Backups. SQL Server Agent account and SQL server Service account are under the same domain name. They have full control under folder permissions.

Answer 1

SQL Server accesses external resources under:

• impersonation, if the original login is an NT login
• service account, if the original login is a SQL login w/o a mapped credential
• credential, if the original login is a SQL login that has a mapped credential

So the user which actually accesses the share will depend on how you logged in to SQL at the moment you issued the RESTORE statement. Note also that if NT login is used then normal constrained delegation rules for impersonation are in place (aka. 'kerberos double hop', if your original login occured on a different LSA than the one hosting the SQL Server service and the target resource resides on a host different from the SQL Server service host then you'll be authenticated by the target resource's LSA as 'anonymous' unless you explicitly configure delegation for that resource).

PS. SQL Agent adds 'proxies' to the mixture, but those are nothing else but credentials (case 3 in my list). See Create a SQL Server Agent Proxy.