>In today's quest of IT/DBA guys to lock everything down to a ridiculous point how do they handle an application that has lots ( maybe hundreds ) of users that all are on local machines with a local databases that need to connect to a server instance of SQL Server for replication purposes? Do these DBA's create a login for every user that might replicate his/her local machine or do they create a couple generic users connections that they use? Not being familiar with Web stuff I assume that latter is the way they handle all the hits they get from web clients.
>
>Of the DBA's I know they are very reluctant to give that many access points into the server.
>
>Reason I ask is that in our re-write to a client/server backend I am leaning toward only writing for local database access ( which all of our users have since we still mainly depend on disconnected data sources ) and letting the IT/DBA people worry about the replication scheme ( setting up and implementing ) as we cannot seem to get more than one or two of over a hundred to ever agree on how things need to be done to make them happy.

In all Web applications I have been involved in, there is one connection string and everyone is using the same authentication to the database. As far as security and roles, we do it at the application level. I am now saying this is a perfect world. I am sure there are other schemes of implementation of security for Web applications that many would prefer. It also goes with the client's request.