Re: Naming Standard conventions for NT Groups
From: Bottomless Pit (pdurdin_at_nospam_hotmail.com)
Date: 05/30/03
- Previous message: Marsha Foss-Krumrey: "error 8198 from DTS packages"
- In reply to: John Oberkehr: "Naming Standard conventions for NT Groups"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 30 May 2003 06:19:52 +0100
Most clients use peoples names either as [firstname, surname] or [surname,
firstname]. There dosnt seem to be a problem with either, providing you
start with enough of a name qualifier to allow the company to expand from a
few dozen where [Fred] or [Fred D] might be ok, but when you have several
Freds you wish you had started from full names.
One of my clients has several separated networks administered differently.
Some use Full names, and some use the persons national insurance number.
A few issues have arisen for me;
1. The National Insurance number is a unique key, and so i can code up
applications that work from a persons log in to establish exactly who they
are. This works until the system administrators have oddball accounts that
dont include the NI Number. Users disnt initially like this and unions spent
a lot of time talking about it, but it generally works fine. Only works of
course where all users have to have a National Insurance number!
2. Most users prefer First name, Surname because it's friendlier. From a
programmers and sysadmins point of view surname, first name is better when
you are listing peoples names for a selection.
3. Often the names get ported into exchange, and this could raise a security
issue is so far as if you have several people with the same name it is easy
to send email to the wrong account, which could be a problem if one of them
is in HR and deals with personal details.
4. Creating groups is primarily mapping peoples roles on the database and
elsewhere on the network. If i am building a system there are typically two
ot three groups with different types of access; The primary users of the
system who update the system through my programs / stored procs etc and have
read -only access to certain views for reporting purposes, system admins who
have god like access, and others who have read-only access through reports /
views. It is handy if groups relating to a system have the same prefix, e.g.
HR_ADMINS, HR_EDITORS, HR_REPORTERS
5. It might be useful the name groups with the same prefix. It can be tricky
identifying the group name in a list of a few thousand users and a few dozen
groups. When the groups are listed together you can better see which groups
exist.
Just my personal take...
-- regards, Paul Durdin "John Oberkehr" <jobie61@yahoo.com> wrote in message news:579b01c3261f$3b6b5f40$a301280a@phx.gbl... > Hi, > > We are implemnting Windows NT Authentication only in our > SQL environment. As part of this implementation, we will > be creating windows nt groups for the SQL Server access. > > I was wondering what types of naming conventions other > companies might have implemented, dealing with the NT > Groups. > > Any insight on this would be greatly appreciated. > > John
- Previous message: Marsha Foss-Krumrey: "error 8198 from DTS packages"
- In reply to: John Oberkehr: "Naming Standard conventions for NT Groups"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
