Problem with Windows authentication on SQL-database

If the user is an administrator then they have "full'ish" rights to the database. For non-admins we DENY some tables & fields.

As with any Client-Server type applications if you use Integrated SQL Authentication or SQL Authentication there is not much you can do to prevent users from accessing the database directly and changing the raw data. RDM protects you as best it can with encryption of the underlying data but not all is encrypted.

So you have two choices. The first is the use the "Custom (Devolutions)" login type (see: https://help.remotedesktopmanager.com/index.html?administration_usermanagement.htm). This login type only works with RDM, users can't use those credentials in SSMS for example, putting an extra layer of security between the user and the database. Warning! If the user is an administrator of the network then the user might still have rights by virtue of Windows Groups and such. Your second option is to use DPS (Devolutions Password Server) as data source which offers an even better security model.

Hello,

Sorry to jump in, but we have a blog on this subject that I think will interest you
https://blog.devolutions.net/2019/06/sql-server-with-integrated-security-thats-so-2015

On a side note, maybe the data report entry type could accomplish what you are looking for
https://help.remotedesktopmanager.com/sessions_datareport.htm


Best regards,