Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
itsonlyme4
Posting Yak Master
109 Posts |
 Posted - 2009-09-22 : 05:19:24
|
| I have been reading up on the best way to do group permissions in SQL Server 2005. I have a couple of apps that have MANY users with the same permissions. I added them all as users to the instance and then created a DB Group, gave the group the appropriate permissions and then added the users to the group. Is this the best way to handle this?? Is there a way to create a local windows group on the server, add all of the users to it and then grant the group permissions that way? or do the users all have to be added individually to the instance before they can be added to a new DB group? |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2009-09-22 : 12:57:09
|
| The best way to do this is to create an Active Directory group, add the users to that, and then just add the AD group to SQL Server. The second best way is to do what you said via a SQL group, but as you noticed the AD logins will all have to be added to SQL before you can add them to that group. That's why it's preferable to do this at the AD group level instead so that the management of logins is not the responsibility of the DBA.Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/Subscribe to my blog"Let's begin with the premise that everything you've done up until this point is wrong." |
 |
|
|
itsonlyme4
Posting Yak Master
109 Posts |
Posted - 2009-09-22 : 13:49:24
|
| Thank you. I've tried to go the route of AD groups but our infrastructure team will have none of that! I thought I could create my own local group on the Server at the OS level and then add the group to SQL.. it works that way in Db2. but sounds like with SQL Server I have to create the group IN the database - which means I still have to add each individual login to SQL Server. Thanks for your help ! |
|
|
|
|
|
|
Group permissions in sql server 2005