>>I've had this conversation with my boss and he wants to go NT auth. and I prefer using SQLs. The idea is that by using NT authentication (if you are a heavy microsoft shop like we are) you keep all of the permissions management in one place. A simple front line support person can manage the rights rather then the SQL administator having to do it.
>
>I almost agree with you here. It is true that all permissions are co-located but, regarding SQL Server, those permissions are limited to accessing the server or not. Permission within the database must still be managed from within SQL Server and not the domain.
>
>-Mike

Yes and no. If you grant a role permission to SQL objects, then put an NT Domain group in that role, then anyone can be added to the role view the Domain User Manager and in effect they are managing who can get to the database.