HiveBrain v1.2.0
Get Started
← Back to all entries
patternsqlMinor

Why would you give a database user a different name than the sql login it's mapped to?

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
mappedwhytheyousqluserthanlogingivedatabase

Problem

Assuming you're creating a database user mapped to a SQL login, is there any valid reason to ever assign the user a different name than the login?

I'm not really asking this from the perspective of "oh, it's silly that they make me type the same name twice in the ssms gui when creating a database user", but from the perspective that there may actually be a legitimate use case scenario and I'd like to know what it is if so.

Solution

No good reason, going forward. In ancient versions of SQL Server it was allowed to map multiple Logins to the same Database User. But database roles, introduced in SQL Server 7 are better, so the functionality was deprecated and removed.

But

  • There's no good practical reason to have different names.



  • It's common practice to reuse the Login name for the User.



  • It's obscure functionality likely to cause confusion, which for security-related stuff is especially bad.

Context

StackExchange Database Administrators Q#300766, answer score: 5

Revisions (0)

No revisions yet.