Problem: When we have large number of database servers and multiple users. To onboard users at times we might end up registering each user one by one and provide access to respective server.
One way to overcome is to use AD authentication.
Create Ad group on how you wish to group the users for particular servers.
Use case : if you are managing servers across multiple regions and you wish to give access to users
for servers specific to regions
1) Create AD group based on region
2) Add domain accounts to that group respectively bases on the server group they need to access
3) Configure AD authentication in DPA
4) Add the AD groups to DPA with access to different set of servers
5) When User logs in they would be able to see only their set of servers.
Hope this addresses the query related to group – role management. We are happy to run through a demo to showcase this.