Select to view content in your preferred language

Role based permissions at DataSet level

1411
4
03-09-2011 11:47 AM
JeffGriggs1
New Contributor
Does anyone know if it is possible to grant permissions at the DataSet level based on a role instead of individual users?

Thanks,
Jeff
0 Kudos
4 Replies
VinceAngelo
Esri Esteemed Contributor
The grant and revoke API functions accept roles in the "user" parameter. 
I always grant access through roles.

- V
0 Kudos
JeffGriggs2
New Contributor
Thanks Vince!
0 Kudos
RandyKreuziger
Frequent Contributor
Roles are the way to go.

Now is anyone mapping windows groups to roles rather than adding the users to the database and assigning the database user to roles? 

For example
Windows group Parcels --> SQL role Parcels
  instead of
SQL users Joe, Ted and Max ---> SQL role Parcels

Our business IT group is going that way so I'm going alway with it.  But when I added all my windows users to SQL I could bring up their userid and see all the roles that user was a member of my database.  With windows groups I have to query active directory which generates a list of all groups the userid is a member of.  These include email groups, project groups etc.  It just isn't very clean.
0 Kudos
RobertHu
Emerging Contributor
Yes, I map domain groups to DB roles in my publication GDB (read-only).
0 Kudos