>>>Hi,
>>>
>>>within an hour of me letting my user at the beta version of my application they've managed to remove the administrator rights from all users. Short of restoring an backup of the database, is there any way to change a user to add them back into the admin group? I guess I would have to update the tables directly?
>>
>>I am guessing you are letting them into the admin pages as well.
>>
>>Yes, Frank just add to the tables. How exactly was the users able to do this? Maybe a user in the table for yourself that can't be removed if you have users that are admins and don't know enough about that process.
>>Tim
>
>Yes, I gave their IT guy the mm username so that he could set up users and so on. I guess somewhere along the line he either messed up or told someone else what to do and they messed up.
>
>I've looked at the UserRoles table and see what I need to change (unless they changed the RoleSecurity too!).
>
>How could I add a user that cannot be changed?

You could add another bit field to the table and set it to false by default. Add your admin user and set it to true, then change the stored procedure to only delete if the persist bit is false. I can't remember if in your user table we added the IsAdmin flag that prevents any user from getting to the Admin pages if that bit isn't true.
Tim