Each user needs to gain access to Microsoft® SQL Server™ through a login account that establishes the ability to connect (authentication). This login then has to be mapped to a SQL Server user account used to control activities performed in the database (permissions validation). Therefore, a single login is mapped to one user account created in each database the login has to access. If no user account exists in a database, the user cannot access the database even though the user may be able to connect to SQL Server.
The login is created in Microsoft Windows NT® rather than in SQL Server. This login (a Windows NT user or group account) is then granted permission to connect to SQL Server.
The login is created within SQL Server.
The SQL Server user accounts that map to logins (created in Windows NT or SQL Server), and permit access to the database, are always created within each SQL Server database.