Front/Back end db security question...

[Brad Pears]

We had a Customer DB application that we split into a front and back end. We
are using a system file to control user access to tables, quieries, forms
etc... and in this application, we even control which users have access to
which fields in teh Customer master table.

However, now that we have gone to a front/back-end, any savvy user can
simply browse to where the back-end.mdb file is, double click it and gain
full access to the data!!! They don't even have to log on as it appears
that all of that is bypassed when opening up the back end iundividually! The
system file isn't even looked at - only when they trying to open the front
end up.

Is there something I can do to prevent access to the back end or should I
put the DB back together as one if I want to keep the security tight on it?

Obviously I can't change any file security options at the OS level as these
users need to be able to add/modify data in the .mdb file.

Thanks,

Brad

 

[Lynn Trapp]

You need to secure the back end using the same .mdw file that you used to
secure the front end.

--
Lynn Trapp
MS Access MVP
www.ltcomputerdesigns.com
Access Security: www.ltcomputerdesigns.com/Security.htm
Security FAQ: http://support.microsoft.com/support/access/content/secfaq.asp

 

[GaryB]

This is the conclusion I came to but cannot find out how to
do this. If you simply join the workgroup then all access
db's on your pc have to use that wgp. Also, any savvy user
can rejoin the system.mdw to gain access to the _be.mdb.
I'm using Access 2003 and haven't had this problem in
previous versions (maybe I did but didn't spot it...)
Any help would be greatly appreciated.

 

[Guest]

Give the users read/write access to the folder where the front end and be files are located. Go now under the be file it self and give them the permissions as necessary.

They will be able to open the file even separately (not using the fe) (run select queries, reports ...) but won't be able to change it's content if not so specified.