It has nothing wrong for a user to access SQL Server using a domain account if the server is not a production server. You can set permission to his/her account according to your security policy.
Normally, a user can only be a member of application role in a production server.
In either case, a user shoiuld not have SA. Otherwise, our DBAs will lose our jobs.
:hehe: