xp_cmdshell (server configuration option)
Applies to: SQL Server
This article describes how to enable the xp_cmdshell
SQL Server configuration option. This option allows system administrators to control whether the xp_cmdshell extended stored procedure can be executed on a system. By default, the xp_cmdshell
option is disabled on new installations.
Before enabling this option, it's important to consider the potential security implications.
- Newly developed code shouldn't use the
xp_cmdshell
stored procedure, and generally it should be left disabled. - Some legacy applications require
xp_cmdshell
to be enabled. If they can't be modified to avoid the use of this stored procedure, you can enable it as described below.
Note
If xp_cmdshell
must be used, as a security best practice it is recommended to only enable it for the duration of the actual task that requires it. Using xp_cmdshell
can trigger security audit tools.
If you need to enable xp_cmdshell
, you can use Policy-Based Management or run the sp_configure
system stored procedure as shown in the following code example:
-- To allow advanced options to be changed.
EXECUTE sp_configure 'show advanced options', 1;
GO
-- To update the currently configured value for advanced options.
RECONFIGURE;
GO
-- To enable the feature.
EXECUTE sp_configure 'xp_cmdshell', 1;
GO
-- To update the currently configured value for this feature.
RECONFIGURE;
GO
-- To set "show advanced options" back to false
EXECUTE sp_configure 'show advanced options', 0;
GO
-- To update the currently configured value for advanced options.
RECONFIGURE;
GO
Next steps
Feedback
https://aka.ms/ContentUserFeedback.
În curând: Pe parcursul anului 2024, vom elimina treptat Probleme legate de GitHub ca mecanism de feedback pentru conținut și îl vom înlocui cu un nou sistem de feedback. Pentru mai multe informații, consultați:Trimiteți și vizualizați feedback pentru