interesting choice to use ADP's seeing as they are now depracated, and will be dropped in future versions of Access
in the Access environment I'd always recommend using the network logon rather than the Acces workgroup ID... its harder to fake. however it has limitations (you need to be on a site where you have one userID to one user mapping.. so you cannot use generic userid's or shared userid's
Im in favour of storing those userid's in a workgroup file and requesting what clearances that userid has. you can use that technique irrespective of what back end data store you use.
SQL Server has its own set of permissions and user authentication.... and to use SQL server properly you shoudl make use of that security schema. Using the network logon may take you there (assuming you are certain that no user wil log on to the network and then leave their PC vacant and allow others to use that workstation). most companies Ive worked at have an instaban / instant disciplinary on that
use the Dev Ashish code, or I think PKStormy has contributed somehtign similar in the code bank to get the network userid. if you are getting involved in auditing them also consider recording te computer and the time so if you need to hold a witchhunt you can identfy who, what and where the crime was committed.
I'd rather be riding on the Tiger 800 or the Norton