If you have not read my blog entitled "How to prevent access to the sage database" you may want to do that first before proceeding.  In that blog we setup a user in Sage 500 who could only access the data from the Sage 500 application. In this blog we will look at creating a user who only has access to data from Sage 500 AND read access from applications outside Sage 500.

There may be occasions where you need to restrict users access outside of Sage 500 to read only.  You can set this up from the Maintain Users task. From within Sage 500, navigate to System Manager, Maintenance, Maintain Users. From there lets create "bUser " , add to appropriate Default Security Group, and Task Menu.  Then, make sure you place a checkmark next to both Use Application Role and Allow Read Access.  When done click the Save or Finish icon.

Now, if bUser has access to using SQL Server Management Studio, they can login, switch the database context to the Sage 500 application database and run a SELECT query for example

But lets say the user tried to delete one of the vendor records directly from SQL Server Management Studio.  The ApplicationRole would prevent bUser from completing that delete statement and it would generate an error.

This would also work if bUser was running custom Crystal Reports or a 3rd party application that retrieve data from the Sage 500 application database.