Bad user name still allows entry

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi, all!

I'm connecting to a A2K database which is secured with a UID of "Admin" and
a password of "abc". On a form, I have the user input the UID and PWD to
use, then open the database as follows:

Set db = OpenDatabase(Me.jobDatabase, False, True, _
";UID=" & Me.jobUID & ";pwd=" & Me.jobPwd)

In testing, the db opens no matter what value I use for jobUID. (The
assword must be correct.) I even changed the code to ";UI=" ... and it
still opens without an error.

No other users or groups but "Admin" are set up in the db, but that may not
always be the case.

Does Access not check the UID, or is my syntax wrong?

Shouldn't the object db reject the bad parameter and kick back an error?

Thanks,
Bruce
 
BruceS said:
Hi, all!

I'm connecting to a A2K database which is secured with a UID of "Admin"
and
a password of "abc". On a form, I have the user input the UID and PWD to
use, then open the database as follows:

Set db = OpenDatabase(Me.jobDatabase, False, True, _
";UID=" & Me.jobUID & ";pwd=" & Me.jobPwd)

In testing, the db opens no matter what value I use for jobUID. (The
assword must be correct.) I even changed the code to ";UI=" ... and it
still opens without an error.

No other users or groups but "Admin" are set up in the db, but that may
not
always be the case.

Does Access not check the UID, or is my syntax wrong?

Shouldn't the object db reject the bad parameter and kick back an error?

Thanks,
Bruce
Click to expand...

Have you verified that user-level security is applied correctly at the
target file?

Keith.
www.keithwilby.com
 
Keith,

Thanks for replying.

Doesn't look like it. Never played with Access security. Network-level
user security has always handled permissions so I never had to.

Here's where things are, now:

When I posted the first question, I had only 1 user (Admin) set up in the
test database. (Probably why it was ignoring the UID part of the
OpenDatabase command.) When I double-clicked the database to open it
manually, it asked only for the password. When I used VBA to open it, it
opened as long as the pwd was correct.

Since then, I used the wizard to set up a new user (BruceS) and assigned a
pwd (abcd). Now, when I double-click the database to open it manually, it
gives me a 3033 (no permissions) error. It doesn't prompt me for uid or pwd.
I can only open it by clicking on the .ldb file that the wizard created,
where it does ask for both uid & pwd.

Now, however, the VBA OpenDatabase command also fails with 3033, even when
using valid UID/pwd info in the parameter. Just for kicks, I tried pointing
it the .ldb file, instead. It errors saying that it's not a valid database
format.

Obviously, I don't know what I'm doing here. Can you point me in the right
direction?

Thanks,
Bruce
 
BruceS said:
Keith,

Thanks for replying.

Doesn't look like it. Never played with Access security. Network-level
user security has always handled permissions so I never had to.

Here's where things are, now:

When I posted the first question, I had only 1 user (Admin) set up in the
test database. (Probably why it was ignoring the UID part of the
OpenDatabase command.) When I double-clicked the database to open it
manually, it asked only for the password. When I used VBA to open it, it
opened as long as the pwd was correct.

Since then, I used the wizard to set up a new user (BruceS) and assigned a
pwd (abcd). Now, when I double-click the database to open it manually, it
gives me a 3033 (no permissions) error. It doesn't prompt me for uid or
pwd.
I can only open it by clicking on the .ldb file that the wizard created,
where it does ask for both uid & pwd.

Now, however, the VBA OpenDatabase command also fails with 3033, even when
using valid UID/pwd info in the parameter. Just for kicks, I tried
pointing
it the .ldb file, instead. It errors saying that it's not a valid
database
format.

Obviously, I don't know what I'm doing here. Can you point me in the
right
direction?
Click to expand...

Hi Bruce,

Well I misunderstood your first post. It seems you had no user-level
security set up (as I thought you had) but you *did* have a database
password set. Those two entities are completely separate and should not be
confused with each-other. I'm not sure what the answer is but I would
recommend that you don't dabble with user-level security if you're new to
it, you can very easily lock yourself out and it certainly won't solve your
original problem. I especially dislike the wizard because it does things
without telling you and you learn nothing about user-level security to help
you trouble-shoot when things go wrong.

Sorry I can't be of more help but hopefully someone else will jump in ...

Regards,
Keith.
 
Back
Top