I need to set up SQL Server 2005 so that people can have read only access for adhoc querying, but when they log into an Access 2003 application they need to also have write permissions. I'm planning to use SQL Server security and write the Access program to change the connection strings of the linked tables to use a username and password that has write access to the tables. When a user does adhoc querying they would log in under a user account that has read-only permissions. Is there a better way to accomplish this? Also, I'm considering having just one account that everyone uses for read only permissions and one account for write permissions for when they are using an Access program. Do you recommend instead that I have an account for each user? If so, why? Does SQL Server track who makes what changes to the database?