Unfortunately, that wizard isn't so good.
I've had another go today, sans wizard and got on much better.
I'd go as far as saying the wizard in Access 2000 is worse than useless,
since it doesn't do the job right, but the user is mislead by it.
I'd write in large letters "do not use the security wizard in Access
2000".
Sorry to have misled you. It is quite workable (I emphasized about
opening with the default mdw because most often that is the setup that
people really need/want). You can certainly setup your database so
that it is secure and still allow the standard system.mdw to be used
by some/all users.
I've got on much better than this since dispensing with the wizard,
suddenly it all makes sense and behaves the way I expect.
That suggests that Admin owned the table - the owner can always
administer regardless of the permissions.
I wrote some DAO to dump out all the user groups and table permissions to
a file. Admin was left with rights to a whole heap of hidden system
objects and tables. Which seems to coincide quite neatly with the new
Admins not seeming to have full control (e.g. not being able to take
ownership of all objects).
I understand your frustration. In the end you will find some minute
detail that you overlooked.
I suspect it was the rather large detail of using the wizard. Importing
the tables into a clean DB is clearly the way to go. Though I suspect the
FAQ doesn't mention encrypting it first, which I think is the only other
(intended) function on the wizard.
That sounds like a good idea. Unhide all your objects, don't even
touch/display any of the Msys objects.
I checked up on this, it was all the hidden tables. I dread to think what
the wizard is doing that makes it go wrong for hidden tables.
In 2000, you shouldn't use the wizard, as I understand it left a
gaping hole. The wizard doesn't do anything that you can't do
yourself.
Gaping hardly seems the word. Somone using System.mdw often seemed to
have more access than members of the Admins in the secured mdw, because
not all the ownerships had been transferred.
Follow each step (each phrase) in the FAQ, but don't run the wizard.
I'm glad that FAQ's there. Shame about all the misleading documentation
in the Access help files, it would be better off just pointing you there.
No that suggests to me that you started by creating a new mdw to be
your secure workgroup, and you made it the default one to use. Then
you ran the wizard and chose to modify the existing mdw (thus it was
previously created).
Not sure, not sure it matters. I am curious about the built-in nature of
the Users and Admins groups though.
The Admins group is the one entity that is *not* the same in any other
mdw. But Users Group and Admin user are the same in every one.
What is it that makes it different? The WID ? or do Admins groups in
different MDWs have different PIDs?
Since you can get back in my knowing the WID I guess the Admins group PID
is WID-mangled and the Users isn't ?
Paul