We, a group of programmers, are developing an ASP.NET app. The application's connection string attaches an .MDF file that is in the App_Data directory. This works nicely so that the app can be checked out and run without each developer having to manually attach the database to the local SQL server instance.
However, the attached database needs to be very restrictive with permissions. The user account accessing the database should only be granted permissions to stored procedures, not tables, etc. We have setup a SQL Server user account with the appropriate restrictive permissions. We want to use SQL Server Authentication in the connection string, referencing the aforementioned SQL server user account, when attaching the database, but this doesn't work; we get permissions errors.
I think this is because the SQL user account has so few permissions it cannot even attach the database. I'm also wondering if it is even possible to attach a database using the connection string and SQL server authentication?