https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557768#M31624 <HTML><HEAD></HEAD><BODY><SPAN>Roles are the way to go.</SPAN><BR /><BR /><SPAN>Now is anyone mapping windows groups to roles rather than adding the users to the database and assigning the database user to roles?&nbsp; </SPAN><BR /><BR /><SPAN>For example</SPAN><BR /><SPAN>Windows group Parcels --&gt; SQL role Parcels</SPAN><BR /><SPAN>&nbsp; instead of</SPAN><BR /><SPAN>SQL users Joe, Ted and Max ---&gt; SQL role Parcels</SPAN><BR /><BR /><SPAN>Our business IT group is going that way so I'm going alway with it.&nbsp; But when I added all my windows users to SQL I could bring up their userid and see all the roles that user was a member of my database.&nbsp; With windows groups I have to query active directory which generates a list of all groups the userid is a member of.&nbsp; These include email groups, project groups etc.&nbsp; It just isn't very clean.</SPAN></BODY></HTML> Thu, 17 Mar 2011 19:03:16 GMT RandyKreuziger 2011-03-17T19:03:16Z https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557765#M31621 <HTML><HEAD></HEAD><BODY><SPAN>Does anyone know if it is possible to grant permissions at the DataSet level based on a role instead of individual users?</SPAN><BR /><BR /><SPAN>Thanks,</SPAN><BR /><SPAN>Jeff</SPAN></BODY></HTML> Wed, 09 Mar 2011 19:47:04 GMT https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557765#M31621 JeffGriggs1 2011-03-09T19:47:04Z https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557766#M31622 <HTML><HEAD></HEAD><BODY><SPAN>The grant and revoke API functions accept roles in the "user" parameter.&nbsp; </SPAN><BR /><SPAN>I </SPAN><STRONG>always</STRONG><SPAN> grant access through roles.</SPAN><BR /><SPAN> </SPAN><BR /><SPAN>- V</SPAN></BODY></HTML> Wed, 09 Mar 2011 21:44:46 GMT https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557766#M31622 VinceAngelo 2011-03-09T21:44:46Z https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557767#M31623 <HTML><HEAD></HEAD><BODY><SPAN>Thanks Vince!</SPAN></BODY></HTML> Wed, 16 Mar 2011 19:17:17 GMT https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557767#M31623 JeffGriggs2 2011-03-16T19:17:17Z https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557768#M31624 <HTML><HEAD></HEAD><BODY><SPAN>Roles are the way to go.</SPAN><BR /><BR /><SPAN>Now is anyone mapping windows groups to roles rather than adding the users to the database and assigning the database user to roles?&nbsp; </SPAN><BR /><BR /><SPAN>For example</SPAN><BR /><SPAN>Windows group Parcels --&gt; SQL role Parcels</SPAN><BR /><SPAN>&nbsp; instead of</SPAN><BR /><SPAN>SQL users Joe, Ted and Max ---&gt; SQL role Parcels</SPAN><BR /><BR /><SPAN>Our business IT group is going that way so I'm going alway with it.&nbsp; But when I added all my windows users to SQL I could bring up their userid and see all the roles that user was a member of my database.&nbsp; With windows groups I have to query active directory which generates a list of all groups the userid is a member of.&nbsp; These include email groups, project groups etc.&nbsp; It just isn't very clean.</SPAN></BODY></HTML> Thu, 17 Mar 2011 19:03:16 GMT https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557768#M31624 RandyKreuziger 2011-03-17T19:03:16Z https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557769#M31625 <HTML><HEAD></HEAD><BODY><SPAN>Yes, I map domain groups to DB roles in my publication GDB (read-only).</SPAN></BODY></HTML> Thu, 17 Mar 2011 23:39:25 GMT https://community.esri.com/t5/data-management-questions/role-based-permissions-at-dataset-level/m-p/557769#M31625 RobertHu 2011-03-17T23:39:25Z