Copying System.mdw

  • Thread starter Thread starter Natalie
  • Start date Start date
N

Natalie

Hello All,

I have just been on a training course that taught me
about security.

I went back to the office and set up users and groups
with the various permissions for each group and user.

However, I've don't know how to get these permissions
onto the other users computer. Also, I've now been told
that I needed to create a new system file at the
beginning.

....thanks for bearing with me ...

I've looked at help and figured that I need to do the
following:

1. Copy the default system.mdw and paste it as
mysystem.mdw

2. Copy this file and the database to a shared folder.

3. Get each user to open wrkgadm.exe and get them to
choose to join the mysystem.mdw

Is this the right way to go before I start messing it up??

Thanks in advance

Natalie
 
1. You shouldn't be using the default system.mdw file to secure your
database. You should, instead, use a custom workgroup file that you create.
The easiest way to do this is to simply run the Security Wizard in your
application. This will build a new security file for you, create users (if
you specify) and allow you some measure of implementing object permissions
(you'll certainly have to tweak these after the wizard finishes). The
system.mdw file is identical for all installs of the same version of Access,
thus if you use system.mdw to secure your database (even if you rename it),
a malicious user can simply replace your file with a clean version and they
would instantly have full access to the application. Matter of fact, in
2000+, if you delete the default system.mdw file, Access will rebuild it for
you!!

2. Users don't necessarily have to join your workgroup file permenantly, and
usually that's not a good idea since users would then not be able to open
any other Access applications. In general, it's better to have a shortcut
(desktop, start menu, etc) that opens your database with the correct
security file. To do that, build a new desktop shortcut and set the Target
value to this:

"Full path to MSAccess.exe" "Full path to your database" /wrkgrp "Full path
to your workgroup file"

Once you've built your workgroup file, you would place this in a publicly
available area (like a server). Most often this file is placed in the same
directory as the backend data tables. Note that your paths can be UNC paths
(//Server1/DBFolder/MyDatabase.mdb), and that the path to msaccess.exe is
the local path (i.e. the path on the workstation).

Object Permissions travel with the database; User and Group account and
Group Memberships travel with the workgroup file. Therefore, you'd have to
distribute your Access application and provide access to your .mdw file in
order for users to get into your database (and obviously provide appropriate
username/password for each user).

Did your course instructor show you the methods used to actually implement
security on your database? IMO, the best place to start is with the MS
SEcurity FAQ:

http://support.microsoft.com/Defaul...crosoft.com/support/access/content/secfaq.asp

This takes you through step-by-step instructions regarding security and is
required reading.
 
Back
Top