Setting Up Accounts, Logins, Roles, and Users

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

Workflow Designer for SQL Server integrates the security environment in Microsoft® Windows® 2000 and in Microsoft® SQL Server™. The security environment is stored, managed, and enforced through a hierarchical system of users. To simplify the administration of many users, Windows and SQL Server use groups and roles.

A group is an administrative unit within the Active Directory Services of Windows that contains Windows users or other groups. A role is an administrative unit within SQL Server that contains SQL Server logins, Windows domain accounts, groups, or other roles.

Arranging users into groupsand roles makes it easier to grant or deny permissions to many users at one time. The security settings defined for a group are applied to all members of that group. When a group is a member of a higher-level group, all members of the group inherit the security settings of the higher-level group, in addition to the security settings defined for the groupitself.

With this security strategy, rather than assigning permissions to each user for each object in your workflow application, you assign permissions to a few roles in the projects. These roles are associated with SQL Server logins and Windows accounts. Then, you can add users and groups to the appropriate roles. Users automatically inherit the permissions associated with any roles to which they belong.

**Note   **To simplify user administration, it is recommended you create an Active Directory group for each of your project's roles and add that group to the project, rather than adding each user individually. Then, you can add or remove users from workflow applications by managing the membership of the groups. You also can use the same groups to set permissions on other network resources, such as file shares and printers.

Security

Employees often must belong to security groups that do not fall within the strict organizational plan of the company. For example, administrative staff exists in every branch of the company and requires security permissions regardless of their organizational branch. To support this broader model, the security system in Windows and SQL Server makes it possible for groups to be defined across a hierarchy as well. For example, an administrative staff member can belong to an Administrative group, a department group, and a corporate group.

In This Section

• Security Categories in Workflow Designer for SQL Server
  Understand the types of users and roles, their responsibilities, and permissions.
• Windows 2000 and SQL Server Security
  Create groups of accounts in Microsoft® Windows® 2000 and Microsoft® SQL Server™ that simplify managing the security features.
• Creating Database Roles
  Define a set of roles based on job functions, and assign to each role the permissions that apply to that job.
• Creating Workflow Application Users
  Add users to each workflow application.
• Assigning Users to Database Roles
  Add users and groups to the database roles in your application.
• Defining Permissions for Database Roles
  Specify which permissions are assigned to each role in the application.

Related Sections

• Developing Workflow Applications for SQL Server
  Simplify the task of creating typical workflow applications, such as forms routing/approval, document review/publishing, and issue tracking, by using the workflow engine and specialized workflow modeling tools of the Workflow Designer of SQL Server.
• Workflow Applications Architecture for SQL Server
  Understand how the Workflow Designer for SQL Server and Workflow Services for SQL Server help you build, modify, and add script to workflow applications on a database.
• Planning Workflow Applications for SQL Server
  Review the design considerations for the database schema, security, and other aspects affecting a workflow application.
• Building Workflow Applications for SQL Server
  Build database-driven Web applications that take advantage of integrated row-level security features.
• Developing the User Interface for SQL Server
  Create a web-based form that makes controlled access to the database possible through the workflow process.
• Scripting Workflow Events for SQL Server
  Add script to extend the capability and functionality of your workflow process.
• Creating Templates
  Store a complete workflow application in a reusable, transferable template.
• Troubleshooting Workflow Applications for SQL Server
  Find answers that help avoid or resolve the most common errors and issues you might encounter when using Workflow Designer for SQL Server.