Configuring Users and Roles in an Advanced SQL Server Bound Book
1) Open SQL Server Microsoft Management Studio. Note: SQL Server Management Studio is not
installed by EZ Arms Keeper. It is however installed by the Microsoft SQL Server 2014 install.
2) Login into the Microsoft SQL Server Instance.
3) You are now connected to the Server Instance.
4) Find the Bound Book database that you are going to be adding users to. Expand out the
Databases node. For this example we going to work with the bound book “Advanced Bound
Book”.
5) First we need to add a login. There are two types of Logins (Windows Authentication and SQL
Server Authentication).
Windows Authentication logins can be used to associate with you existing Domain Users. This
way you don’t have to maintain an additional username / password.
SQL Server Authentication logins are a separate username / password only applicable for this
Microsoft SQL Server instance.
First we are going to add a SQL Server Authentication login as this is the simplest type of login.
Login Name: SqlServerLogin
Password: **********
Confirm password: **********
Default database: master (DO NOT CHANGE the logins default database from master)
6) Select the User Mapping. User Mappings allow us to add the Login to have access to a specific
bound book.
Add the login to the “Advanced Bound Book” database by checking the box.
Specify the Logins Role within the database.
Application Roles
1)
2)
3)
Administrators – A user that is a member of this role has access to all commands /
features in EZ Arms Keeper. The only thing that the Administrator role does not have
the ability to do is upgrade the Bound Book database. This requires the user be a
member of the server role “db_owner”.
Acquisitioners – A user that is a member of this role has access to creating new
acquisitions and new contacts. Users of this role cannot edit acquisitions or contacts.
Dispositioners –A user that is a member of this role has access to creating new
dispositions, new contacts and filling out an e4473 form. Users of this role cannot edit
dispositions, contacts, or e4473s.
4)
5)
SettingsMangers – A user that is a member of this role as access to change the EZ
Arms Keeper options.
TransactionManagers – A user that is a member of this role has access to everything
in the Acquisitioners and Dispositioners roles as well as the ability to Edit Acquisitions,
Contacts, Dispositions, and e4473s. It also has access to Void Firearms and
Dispositions.
Server Roles:
6)
public – By default all users are members of this role. DO NOT REMOVE users from
the public role or parts of EZ Arms Keeper may not function properly when this user is
logged in.
Note: A user can be a member of multiple roles. The result with be an accumulation of
permissions from each role.
For this example we are going to choose to add the user to the “Acquisitions” role.
7) Open EZ Arms Keeper
8) Open the SQL Bound Book.
Note: That after opening the bound book you can’t see the Disposition menu option because
the SqlServerLogin we created is not a member of a role that has access to this feature.
This user does not have access to change settings, create new bound books, open new bound
books, etc.
This user does not have the ability to Edit Acquisitions after they are created. This requires the
“Transaction Manager” role.
9) Now let’s create a Windows Authentication user in SQL Management Studio.
10) Enter / Select a valid Windows login for your domain. You domain may be the local computer or
a network domain.
11) Add the login to the “Advanced Bound Book” database by checking the box.
12) Add the user to the application roles.
13) Not only can you add individual Windows Users but you can also add a Windows Group as a
Login and configure it like a user. The advantage of doing this is as soon as you add a new user
to the Windows Group it will pick up the permissions in the database that you have already
configured the Windows group to have. This can make maintaining users roles much easier.