We have nightly restores to DEV environments, weekly to Test and Integration and on demand for Regression testing. There are crazy amounts of restore jobs running every day pulling from last night's backups.
We have DBAdmin database created with some necessary scripts and work tables. We run the security scripting script as a step before the actual restore and save the data in work table. After the rstore step runs, we rerun teh security from step1. Production always have tighter security so only thing we do is to grant additional access that is not there in prod ( like db_owner to developers or read/write to QA).
I was revieing Warren's script and there are few good features that we will be adopting from his scripts.
Idera SQL Permission is ok when you have one or two instance and you don't mind doing lot of manual work. This kind of scripting is necessary for Enterprise environment when you are dealing with 100s and 1000s of instances and have no time for manual work.
Thanks for the good script.