We're looking for a simple way to create a group in Active Directory (called, for example, SQLUsers), then ONLY allow any access to a particular SQL server/instance to that group.
This does not need to be granular, or per-database. Users not in this group should not have any access whatsoever to the SQL server, the instance or any database within it. So I'm not interested in fine-tuning LEVELS of access (that we'll leave to SQL itself and/or the application that uses SQL), this is just for simply allowing (or disallowing) basic connectivity to SQL Server.
Ideas? Thanks all.