Bob,

>Shouldn't security be enforced in the business layer rather than the UI layer? I would have to have to duplicate the secuirty set up for each UI that I build?

I understand what you're saying, but our end users LOVE how easy it is to configure security in their MM VFP applications via the user interface. If they have rights, they can go into security setup mode, right-click a control and set permissions on the spot. This is much easier than sending them to a separate user/role form where they set security.

>PS: Also, isn't the industry term 'roles' rather than groups these days?

Good point...I'm actually using this terminology in the MM .NET security code I'm working on right now, and I'll update the Dev Guide accordingly.

Regards,