In SQL Server, you can have either accounts based on Windows accounts, or separate, specific SQL accounts. For both variations, you need one account for each user that needs to use your database.

The only exception is the ability to create a SQL Server Login for a Windows security group, e.g. MyAppUsers, and then a user in your database for that login. With this, any Windows account that is member of that security group (in Windows/AD) will also have permissions to see / use your database.

With this approach, you’re also moving the administration of who can use your database out of SQL Server, since it really only depends on membership in a Windows security group.

One login, one user – multiple Windows accounts that get permissions with this. Seems like a winner to me!

Update:

Create a login for a Windows AD group:

CREATE LOGIN [DOMAIN\GroupName] FROM WINDOWS

Create a user in your database based on that login:

USE (your database)

CREATE USER GroupNameUser 
FOR LOGIN [DOMAIN\GroupName]

Connection string for your SQL Server connection:

server=(your server);database=(your database);integrated security=SSPI;

What else can I tell you?

Update #2: the code not using the Windows accounts is this:

Create a login for each user that needs to use your application

CREATE LOGIN (some login name) WITH PASSWORD = 'Top$ecret'

Create a user in your database based on that login – again, once for each user of your app:

USE (your database)

CREATE USER UserName
FOR LOGIN (some login name)

Connection string for your SQL Server connection:

server=(your server);database=(your database);
  user id=UserName;Password=Top$ecret

But again: this requires one login including a password and one user in each database which you need to keep track of and possibly do stuff like “reset password” operations etc. from your database app. Lots more in terms of admin overhead!