Access Versus Windows NT Permissions

  • Thread starter Thread starter Larry R Harrison Jr
  • Start date Start date
L

Larry R Harrison Jr

I have designed an Access 97 database on an NT 4 platform. (Yes, it's
ancient.) I have an issue that I suppose is a long-standing issue covered
before--granting proper Windows security versus Access security.

The problem is that you apparently have to give full read-write WINDOWS
permissions to the folder where the database is located for a user to even
open it, else you get an "already in use" error. Problem is, in doing this,
you leave open the risk that someone could outright delete the files.

Is there any resolution to this--making it where a user can't delete those
files yet they can open the database (AND have full editing permissions also
for other users)? If not, do newer versions of Access have a resolution?

LRH
 
Larry,

AFAIK, full permissions to the folder in which the database is located is
still the rule.

However, a large client of mine with many Access databases (using Windows
2000 client and server) successfully eliminated the risk of a user deleting
the shared file on the server by using Group policies to prevent users from
using Windows Explorer to navigate to server folders and files, eliminating
the capability to map drives and use the cmd prompt, and other settings.
(I'm not a network admin, so I can't give you all of the details.) Access
front-ends used the full UNC to link to tables in the back-ends and with
full permissions set to the appropriate folders, users could open and run
their databases but were not able to "get to" the back-ends.

hth,
 
You could hide the share where the backend is.

\\server\share$ rather than \\server\share

It'll be hidden in windows explorer, but savvy users can still get to it
*if* they know the path.

In addtion you can remove delete permission on the mdb file itself.
However, keep in mind that when you compact the mdb, it creates a new file
in the process which inherits the permissions of the folder. You can
reapply the permissions after a compact. More information at
http://www.trigeminal.com/lang/1033/codes.asp?ItemID=-1#25
 
Back
Top