Different user permissions

[Guest]

Struggling with security/user permissions. Not a programmer or anything, but
have kind of intermediate access skills I guess. Wondering if anyone has the
patience to walk me through how to dea with this?!

I have a new database that I just made with a whole load of fields in about
different clients.

We need all this info for management purposes/access.

We also need the sales staff to have access to some of the info in this main
database, but not all of it.

Every line of client info has a sales persons name next to it. So I want,
ideally, a series of other databases/queries one for each sales person, with
just their client info in. These mini databases also don't want all the
fields in, just some that I have selected.

what's the best way to go about it?

Thanks!

 

[Rick B]

You don't need one query per person, just include a filter in your query to
only pull up records for the person signed on.

[Owner] = CurrentUser()

or similar.


For more details, please read the hundreds of previous posts on the topic.
Look for "secure own records" or "lock other records" or "lock some records"
or similar.

 

[Rick B]

Oops - for the second part of your questions (only some fields) just include
the fields you want the salespeople to have on their forms and queries.

If you follow the advise listed in the previous posts, the user will not
have any access to the actual table, so they will only be able to see/change
the fields that you include in their forms. YOUR forms (management) would
still include all the fields.

 

[jacksonmacd]

You will need to implement user-level security. Then you will
implement Read With Owners Permissions queries that use the
CurrentUser() function as part of their selection criteria. Finally
you will deny Read permission to the base tables to all users, and
allow them to use the data only through the RWOP queries.


Access user security is not to be taken lightly, so read very
carefully and thoroughly, practice on a COPY of your database, and
don't skip any steps in the process.

Here are a number of links about security:

http://home.bendbroadband.com/conradsystems/accessjunkie/resources.html#Security

Struggling with security/user permissions. Not a programmer or anything, but
have kind of intermediate access skills I guess. Wondering if anyone has the
patience to walk me through how to dea with this?!

I have a new database that I just made with a whole load of fields in about
different clients.

We need all this info for management purposes/access.

We also need the sales staff to have access to some of the info in this main
database, but not all of it.

Every line of client info has a sales persons name next to it. So I want,
ideally, a series of other databases/queries one for each sales person, with
just their client info in. These mini databases also don't want all the
fields in, just some that I have selected.

what's the best way to go about it?

Thanks!

**********************[email protected]
remove uppercase letters for true email
http://www.geocities.com/jacksonmacd/ for info on MS Access security

 

[Keith Wilby]

Struggling with security/user permissions. Not a programmer or anything,
but
have kind of intermediate access skills I guess. Wondering if anyone has
the
patience to walk me through how to dea with this?!

I have a new database that I just made with a whole load of fields in
about
different clients.

We need all this info for management purposes/access.

We also need the sales staff to have access to some of the info in this
main
database, but not all of it.

Every line of client info has a sales persons name next to it. So I want,
ideally, a series of other databases/queries one for each sales person,
with
just their client info in. These mini databases also don't want all the
fields in, just some that I have selected.

what's the best way to go about it?

Thanks!

There are various approaches. One could be to give each user their own
front end with their own query filtered on their name (easy but easily
defeated). Another could be to implement user-level security and only allow
access to records bearing their account name (difficult but a lot more
secure).

There are probably other approaches but you'd need to do a risk assessment
to decide whether it's worth your time in learning how to implement security
(there's a link to the MS FAQ on my web site if you're interested).

Regards,
Keith.
www.keithwilby.com

 

[Guest]

Thanks for all the hekp guys.

I'm trying to get my head round the security stuff.