I manually created a bunch of users based on our AD structure, but I did the work within the run-time application.  Now, I want flesh out the permissions, but the same security window will not allow me to add permissions.  So, I read the documentation.  It says that permissions can only be added through the design-time interface.  Whoa!  Am I stuck, now?  I have users on the server and not on the local.  I need to add permissions, but they will only go on the local.  What do I do to synchronize these databases?

Thanks,
Bill

You need to deploy the database. Data can be deployed along with schema changes. You pretty much have to do this to deploy new permissions.

Greg nailed it   The DDT even has a menu item that will import the Security project into your DDT profile for you.  If you do this, you can select your Security project, then package up your DDT profile and deploy it.  This is how it was intended to be used and is the same thing that we do with our medical software.

The DDT is still somewhat of a mystery to me; however, I did use it initially to deploy the security database to the server.  Once the DB got to the server, I updated the users within that DB, not my local.  So, my question is, if I re-deploy the DB from my local with all of sparkling new permissions that I will design, will the scores of users on the server be overwritten by the measly two that are in my local security DB?  That is where my confusion comes in.  I want to overwrite permissions, but not users.  Any additional thoughts?

No.  There are a number of options when deploying the data.  You can overwrite, which just overwrites any record with the same pk...good for static data.  You can merge, which will leave any existing records in tact and add the news ones.  And you can Ignore, which will only add records for PKs that do not have exist in the database.  In this example, you probably want to actually overwrite the permissions (as you could make a change and you want it to be reflected) and Merge the users.  So you can do a combination of both.  This is the same process that we use for our medical software...we distribute a "default" user, but always deploy all permissions, groups, etc. on an update.  Hope that makes sense

Thanks for the confidence booster!  I used 'ignore' for the users and 'overwrite' for everything else.  25 seconds later, all of my sparkling new permissions were available to the application.  No users were lost in the shuffle.

It's a beautiful thing! 

Thanks a ton!!
Bill

No problem