Changing Current User

  • Thread starter Thread starter Security Stuck
  • Start date Start date
S

Security Stuck

I have read serveral postings about finding the network
user ID. I am trying to find a way where I could use that
code to change the current user. What I would like to
happen is have a user log in to the database as "admin"
and then run some code (magic happens here...) that logs
out "admin" and logs in "joe_smith", or whatever the
network ID is for the current user. This would allow me
to limit what they can and can not see, keep the database
secure, and not require the user to use the login window.
By doing this I would have to make the assuption that only
one user uses a logged in PC at a time, which I am ready
to do. Does anyone have any ideas?
 
I have read serveral postings about finding the network
user ID. I am trying to find a way where I could use that
code to change the current user. What I would like to
happen is have a user log in to the database as "admin"
and then run some code (magic happens here...) that logs
out "admin" and logs in "joe_smith", or whatever the
network ID is for the current user. This would allow me
to limit what they can and can not see, keep the database
secure, and not require the user to use the login window.
By doing this I would have to make the assuption that only
one user uses a logged in PC at a time, which I am ready
to do. Does anyone have any ideas?

The login occurs before Access even *opens* the database and you can't change
users while the database is open, so that approach is really not an option.
Besides, if a user is "logging in" as "admin" without providing a password, then
your database is not properly secured. If you haven't already, you should
download and read the Access Security FAQ for more information on properly
securing your database. It's available at:

http://support.microsoft.com/default.aspx?kbid=207793
 
My thought was that I could give "admin" rights to only
run this code, and keep the database secure that way, but
it does not seem like this is worth further research.

Thanks
 
My thought was that I could give "admin" rights to only
run this code, and keep the database secure that way, but
it does not seem like this is worth further research.

If your database *is* secured using Access user-level security and you need only
to run some code to manage data that is outside the limits of the current user's
permissions, there are ways you can do that without concern for the permission
level of the current user. In DAO, you can open a secured database in code as
another user with administrative permissions by using the PrivDBEngine (as
opposed to CurrentDb or DBEngine), setting the new database object's SystemDb to
the relevant workgroup file and set the username and password that will give
that session full administrative privileges to perform the actions that you
require. "PrivDBEngine" is undocumented, so you might need to Google for threads
in "groups" in order to find code that might be useful.
 
Back
Top