I have a teachers database authentication through AD. I need a privilege set so that teachers can only see their data and their data only when they log on with their External authenicated accounts (AD). Trouble is I have a company setting up this security for me and they just aren't getting it. I log on using a user name and password in our AD and they can access the DB but they see everyone else's data. Bad News of course. I'm assuming that the External Authentication is working since they can log in but their privilege set is way to high (or I mean they can access way too many records) They need only read only access to their information. I can send screen shots of the securities pages if needed.