From the Books Online:
<Excerpt href="architec.chm::/8_ar_cs_79kj.htm">
A login ID only enables you to connect to an instance of SQL Server.
Permissions within specific databases are controlled by user accounts. The
database administrator maps your login account to a user account in any
database you are authorized to access.
</Excerpt>
Below is a brief summary. I suggest you peruse the Books Online for a
thorough description.
There are 2 basic types of logins: SQL accounts and Windows accounts. SQL
authenticated logins are managed entirely within SQL Server and it is SQL
Server that checks the login password to validate login identity. You
create a new SQL Login using sp_addlogin or using Enterprise Manager.
In contrast, Windows accounts (both local computer and domain accounts) are
managed by Windows so it is Windows that validates the identity of those
logins. You grant an existing Windows user or group account permissions to
connect to a SQL server instance with sp_grantlogin or using Enterprise
Manager.
A login initially has limited permissions; only those databases with the
guest user enabled (e.g. master and tempdb) can be accessed. You can grant
a login permissions to access other databases with sp_grantdbaccess,
sp_adduser or Enterprise Manager. When database access is granted, a
database user is created that is used as the security context within that
database. You can then grant permissions to the user, or better yet, add
the user to roles so that you can manage permissions via role database
membership.
--
Hope this helps.
Dan Guzman
SQL Server MVP
"David McGeorge" <so**********@yahoo.com> wrote in message
news:bc**************************@posting.google.c om...
I am confused about windows account, win dimain account, sql login
accoun and sql database user account.... can you give me a fresh
example to show the exact relationship between them and how they work
together?