May 7, 2018 at 12:38 pm
Hi all -
I just want to confirm (or find out I am wrong) about setting up creating a group to add users in sql server.
In our environment, we cannot add Windows Groups (AD) for our sql users. Not sure why, everywhere else I have worked, that is what we did. Anyway, since we cannot create a Windows AD group and stuff windows logins into that group, I am thinking that the only way for me to create a group so I can assign/manage permissions easier...is to create a local group on the sql sever machine itself.
I thought maybe Server Roles would help, but those don't allow me to set permissions to specific databases, objects and read/write level. Hence, my thought about creating groups that are local to the machine and then adding the user's windows logins to that group.
thanks
will
May 7, 2018 at 5:08 pm
Found an answer...database roles. I had been looking at Server roles and those won't work for me. But I can create a role for each database and assign it permissions and add users.
May 8, 2018 at 10:19 am
You are correct. Use roles in SQL, equivalent to groups in AD. Always do this, even with AD groups. Use a SQL role for permissions and then add the AD group (or SQL users) to the role.
May 8, 2018 at 11:17 am
Thanks for the extra information. I would not have considered using a role if we had AD Groups. But....I can see where adding that layer would be beneficial.
Thanks!
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy