Sql Login Domain Group
Aside from pushing for sql authentication adding your machine to the remote domain or making your local domain trusted there are two approaches commonly used to get around this problem.
Sql login domain group. Open active directory users and computers and click users. However when a different ad group is added as a login like domain group users from this group can successfully log into sql server. Create a new group and give it a name right click and click new. In all 3 cases i ve created a sql login server principal for a domain group say domain sqladmins.
Create user bob for login domain bob grant select on table to domain group. A login is the identity of the person or process that is connecting to an instance of sql server. To add a windows authenticated login or group to microsoft sql server you first create a domain or local login or group add it to the sql server instance add a user to each database that the user needs to access and map the login to it. I have a sql server that is part of a domain.
Additionally create a schema for the database user if the user will own data. A login is a security principal or an entity that can be authenticated by a secure system. It seems that adding any other group even groups from a different domain grants successful authentication as i would expect except the ad group domain admins. I want to allow select permissions to anyone within a particular group on the domain.
I grant it the sysadmin fixed server role for example. Login as either administrator or anyone or yourself who is a domain admin in the domain controller. Right now i have to add a sql user for every domain user i m sure there is a better way. Users need a login to connect to sql server.
As a dba you can create a login based upon a windows group rather than a windows login. Both work equally well for management studio visual studio ssdt excel and many other applications that support passing windows credentials. You can create a login based on a windows principal such as a domain user or a windows domain. The domain has many many users.
Windows groups are logical constructs at the domain level that organize individual domain logins into distinct entities.