In a sql server 2008 database, the person that has dba access thinks the user security rights are controlled by the active directory. The .net application and database was written by contractors that are no longer with the company. There is no documentation for the application.
Thus we are trying to determine how the security is setup. I stepped through the .net 2012 code and found what active directory values were setup. However with sql server 2008, I do not know how to tell how the security is setup via active directory contols.
Thus can you tell me and/or point me to a reference that will tell me how to accomplish my goal?