|
<< Click to Display Table of Contents >> Permissions |
  
|
|
<< Click to Display Table of Contents >> Permissions |
|
All users should have be added to the database with the public role only. Specifically, nobody should be given the roles db_datareader and db_datawriter. The DbGrants.exe tool will remove users from these groups when it is run. Running this tool is part of a standard database update process.
Users are usually added in the application, via the Superuser menu. If users are added with database tools, e.g. if there is a need to add users in bulk, there is a stored procedure in the FastTrak database that should be used:
EXEC AddUser 'domain\user'
GO
Role membership should be managed exclusively through the FastTrak application, via the Superuser menu, except for the db_owner role which can be given with database tools.