I have been tasked with investigating the possibilites of configuring SQL Server security for users in an application programmatically on the fly. This would be quite new to me and I would like to get some counsel on the possibilities here, the pitfalls, etc. I'd appreciate input from anyone who has experience and/or is knowledgable on this issue.

Thanks,
Bill