petermaddin (7/14/2015)
When one creates a login that uses window authentication, does one then add (by convention) the same user account as a user for each database that that that user needs access to.
Yes, otherwise the person will not have any access to any DB. It's a security hierarchy. Logins allow you to connect to the server. Database users allow you to access a specific database. Permissions given to the user define what that person can do.
By default a user gets public access to a database. What does public actually give you?
Nothing by default. Ideally never anything. Public shouldn't have any permissions added to it.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability