Synchronizing a database with Active Directory changes (Model Explorer)
Reasons for synchronizing a database
In SQL Server, group memberships are cached on the database. You should update the database with the latest changes made to users and groups in Active Directory and synchronize the database so that the changes are visible to the users. You must synchronize the database (in Model Explorer) for the following reasons:
• When a user belongs to multiple AD groups that has logins, performing a synchronization updates the effective permissions (Owner/Read/Write) of the particular user.
• When a user is added to or deleted from an AD group that has a login in SQL (Modeler), synchronization must be performed to update the user’s permissions.
• When an AD group is added to or removed from a domain, synchronizing updates the database to correctly reflect the permissions or the existence of the affected AD group.
To update the database with the latest permissions: