We are thinking about moving toward OS Authentication for our enterprise geodatabases on SQL Server 17. I'm curious how this will affect data owner ship and the ability of edit schemas/domains. We have two Users set up, Viewer and Modify So in this example, a user with OS Authentication to an SDE creates a feature class and applies the correct privileges to the feature class for the Viewer and Modify users. Can someone else make their own connection to the SDE and make schema changes/edit the domain? Or will that be restricted to the person who originally created the data?
If we go the database authentication route, I'm thinking about creating two 'SDE' accounts: SDE_Admin and SDE_Editor. SDE_Admin would have full rights to the geodatabase but SDE_Editor would only have the ability to create and modify data but not delete. Then put at Admin SDE in a secure location for only the admin while the Editor SDE connection would be in a shared location? Would a setup like this be feasible/make sense?