Re: Naming Standard conventions for NT Groups

From: Bottomless Pit (
Date: 05/30/03

  • Next message: Jobi: "Re: How to share or transfer user ID and password between 2 SQL server?"
    Date: Fri, 30 May 2003 06:19:52 +0100

    Most clients use peoples names either as [firstname, surname] or [surname,
    firstname]. There dosnt seem to be a problem with either, providing you
    start with enough of a name qualifier to allow the company to expand from a
    few dozen where [Fred] or [Fred D] might be ok, but when you have several
    Freds you wish you had started from full names.

    One of my clients has several separated networks administered differently.
    Some use Full names, and some use the persons national insurance number.

    A few issues have arisen for me;

    1. The National Insurance number is a unique key, and so i can code up
    applications that work from a persons log in to establish exactly who they
    are. This works until the system administrators have oddball accounts that
    dont include the NI Number. Users disnt initially like this and unions spent
    a lot of time talking about it, but it generally works fine. Only works of
    course where all users have to have a National Insurance number!

    2. Most users prefer First name, Surname because it's friendlier. From a
    programmers and sysadmins point of view surname, first name is better when
    you are listing peoples names for a selection.

    3. Often the names get ported into exchange, and this could raise a security
    issue is so far as if you have several people with the same name it is easy
    to send email to the wrong account, which could be a problem if one of them
    is in HR and deals with personal details.

    4. Creating groups is primarily mapping peoples roles on the database and
    elsewhere on the network. If i am building a system there are typically two
    ot three groups with different types of access; The primary users of the
    system who update the system through my programs / stored procs etc and have
    read -only access to certain views for reporting purposes, system admins who
    have god like access, and others who have read-only access through reports /
    views. It is handy if groups relating to a system have the same prefix, e.g.

    5. It might be useful the name groups with the same prefix. It can be tricky
    identifying the group name in a list of a few thousand users and a few dozen
    groups. When the groups are listed together you can better see which groups

    Just my personal take...

    Paul Durdin
    "John Oberkehr" <> wrote in message
    > Hi,
    > We are implemnting Windows NT Authentication only in our
    > SQL environment.  As part of this implementation, we will
    > be creating windows nt groups for the SQL Server access.
    > I was wondering what types of naming conventions other
    > companies might have implemented, dealing with the NT
    > Groups.
    > Any insight on this would be greatly appreciated.
    > John

  • Next message: Jobi: "Re: How to share or transfer user ID and password between 2 SQL server?"