Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
dumbo
Starting Member
8 Posts |
 Posted - 2002-04-17 : 19:30:47
|
| Oh great gurus in the ether....I'm revising someone else's code VB/SQL using ADO. At the moment, the application requires each user to be "set up" individually, rather than using NT groups.What I'd like to do is to change the code so that admins will be able to create new roles and (NT groups to match) which will not only secure the database, but will also restrict their view of the data to only the subset of data they are responsible for.I know this is old-hat to some of you, but poor old dumbo here doesn't know what the implications are at the SQL end. Can someone check my reasoning?I think I can add logins (for new NT groups) etc using the system stored procedures? (Understanding that the actual NT groups will be created by the sys-admins under NT)I think I can then find out which groups the accessing user is part of too?I should then be able to have a look up which tells me which subset of data that user should be able to see, and filter the data accordingly....Anytips, links or hints greatfully accepted...big ears are better than none |
|
|
|
|
|
developing security