SQL Server 2008 - Security Help

You mean you're creating the indbusers group on the client machines? That won't work, that group is on the server. You need to add the users to the group on the server. Not replicate the groups on the client machines. I'm guessing you guys are on a domain server?

No, that's the problem. There is no domain at all. Just the default workgroup in the client machines. But all client computers have a local windows group called "INDBUSERS" to which usernames are added. The IT unit manages user names and local groups in the machines and members of the group have very limited power. What I need now, given the scenario, to let members of the group connect to the database. I hope you are following me.

Well, if you don't have a domain, you will still need to add the users to the group on the server, not the other way around. Either that or create SQL Server logins instead.

So basically, i have to say:

PC1\USERGROUP
PC2\USERGROUP

ETC?

No. I don't believe you understand what is being said.

The SQL Server machine has Groups that are being used for security within SQL Server. Specifically ACCOUNTINGSERVE R\INDBUSERS. This Security Group, on this particular server, needs each of the users added to it individually for this to work. Each user account added must be the exact one from the machine they are running from. This means that if users move from one PC to another, and/or all users accounts are set up on all PCs, then you have to set them up for each PC they may need to use.

Clearly this is a horrible mess, but SQL Server was never designed to run as a Domain without a Domain.

If users are all members of Groups on the PCs then these Groups may themselves be added instead. This will only work if they are Local Groups on the PCs though.