UI for SQL Server User managment

I am building a solution for a small business without any in house IT staff.

The central datastore is SQL SERVER (express2008)

I would like to leverage SQLs built in security (certain views for certain classes of employees).

However the boss (the one who needs the control to say who sees what and who can edit) is overwhelmed by Management Studio.

No I know that in just 16-20 hours I could put together a nice interface that uses SQL to manage the users.

It just seems silly for me to reinvent the wheel for what seams like it must be a common problem and must have been solved many times before. but searching on the web has not turned anything up.

I would rather something that I could package with my app (WPF/C#/Linq2Sql) but if it was stand alone it would also be great as long as it was dummy proof.

While I开发者_如何学Go am on the topic. How do users usually change their sql passwords (when you are forced to used mixed authentication)?

Thanks

From Scott Guthrie's weblog:

If you haven’t watched this great online video yet you absolutely should. It walks through how to add Forms Authentication (using the <asp:login> control) with a secure Membership Credential Store + Role Based Security to a site, then implement pages that enable Registration (using the <asp:createuserwizard> control) + Change Password (using the <asp:changepassword> control) + Reset Password (using the <asp:recoverypassword> control), and then authorize page access and hide menu navigation links using the role groupings of the authenticated user. The video shows how to-do all of this from scratch in only 17 minutes. You can watch it here. You can also find other great ASP.NET “how to” videos here.

Easiest way to implement this kind of functionality, in my opinion, assuming you're building an ASP.NET front-end.

Edit:
Even though you're delivering a desktop app, I'd still build a web app, stick it on their intranet and then there's one place to go for user account stuff. It's just too easy.

Edit Again:
Look into the stored procedures that are called from the <asp:changepassword> and the <asp:createuserwizard> controls and replicate them from in your admin section.

The answer you're looking for:
Again, Scott Guthrie comes to the rescue:

Peter Kellner has a good article on the new ASP.NET 2.0 Membership and Roles Features, and then put together a very useful sample that demonstrates how to implement a set of admin data-pages on top of the ASP.NET 2.0 Membership and Role Management system to allow you to remotely administer your users and roles. His sample is available to download in source format -- so you can integrate it within your applications to provide a remote management experience for users/roles that works well in a hosting environment.

Update: Check out Juval's article and sample code on how to accomplish the same thing using a Windows Forms front-end and web-services. Very slick!

Updated: Juval has updated his code again to support three options:

1) The version mentioned in the magazine

2) A WCF (Indigo) version hosted in IIS

3) A WCF (Indigo) version with a custom server host in case IIS isn't an option

You can download all three versions here: http://www.idesign.net/idesign/temp/CredentialsManager.zip

Hope this helps,

Scott