database security

[Guest]

I have created a database that I want to implement in an office environment
and the database will have several users. I want to put the database on the
office network, giving access to the other users, but I want to restrict
their access so that they can't change the design of any of the tables,
forms, etc. The users' access to the database will be for inputting records
and viewing reports. Basically, I want to create a group account for them but
have their user accounts correspond to their Windows user accounts through
our network, so that they don't have to type in a user name and a password
every time they use the database. Can I make it so the database just knows
who they are when they open it on the network from their own computers and
gives them the proper permissions that I choose? Thanks.

 

[Arvin Meyer [MVP]]

You want to split the database and put the tables on the server, I keep a
copy of the forms, reports, etc (Front-end) on the server, and one on each
workstation. If you do that, they can change the forms on their copy, but no
other and you can easily replace their copy, overwriting their changes.

Users need to have complete access to the back-end for editing, but only
need read-only for reading reports. That's enforced by the network. You can
create and MDE for the front-end and keep them from making changes to the
forms or reports. But to keep them from making table changes on the
back-end, you need to make the folder read=only, or implement Access
user-level security.

 

[germaine.oliver]

Another way to do it would be to use the windows username (do a search
for fOSUserName). But make sure that each person is working on a
different front end, or you're going to get some funky errors.
Splitting a multi-user database is really the only way to go, and if
you want different users to do different things, or have easy access
to different stuff, you have to MAKE SURE they are all using different
front ends..

Let me know if that helped...

 

[Guest]

Maybe I'm wrong, but I don't think I need to split the database. Basically,
I just want to put the whole database into a public folder so other users can
access it, but restrict them from being able to change designs. Similar to
giving certain permissions when creating a user account for the database.
Forms do not need to be changed for each user. Thanks.

 

[Guest]

Maybe I'm wrong, but I don't think I need to split the database. Basically,
I just want to put the whole database into a public folder so other users can
access it, but restrict them from being able to change designs. Similar to
giving certain permissions when creating a user account for the database.
Forms do not need to be changed for each user. Thanks.

 

[Arvin Meyer [MVP]]

If you have more than 1 user, you ALWAYS have to split the database. Having
multiple people running code in multiple instances of the same form is an
invitation to corruption. See:

Splitting the database:
http://www.granite.ab.ca/access/splitapp/overview.htm

It's also never a good idea for anyone to access a front-end on the server
unless it's a Terminal Server. Even then, you use separate front-end files
for each user.

Creating an MDE will protect your designs, except for table and query
designs. Only user level security can protect them.
--
Arvin Meyer, MCP, MVP
http://www.datastrat.com
http://www.mvps.org/access
http://www.accessmvp.com