I use Windows authentication on my SS 2005 Vehicles database. There is a login called "Service" which is mapped to user "Service" for the Vehicles database. There is another login called "Sales" which is mapped to user "Sales" for the Vehicles database.
There are Windows groups for both "Service" and "Sales". Windows account "Ralph" is a member of both. Ralph does not have an individual SQL Server login, but Ralph can connect to Vehicles, nonetheless, because of his group membership.
Once connected, I presume Ralph gets the collective server permissions of both groups. Is that correct? But what is Ralph's user context at the database level? Does he run as "Service" or does he run as "Sales"? And, does he get the collective database permissions of both users or just the permissions of one user context?
Please don't answer: do "Select USER" to find out. I'm interested in understanding HOW SS 2205 resolves the database user when different group logins map to different users.