Fundamental Access security questions

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

It occurs to me that I've been using .mdw files in a way that is not very
secure. I have the user start Access through a shortcut where the Target of
the shortcut uses the /wrkgrp parameter. Obviously, a user can open the mdb
file directly and circumvent all the security I've specified.

How do I force a user (or machine?) to have membership in a particular
workgroup that I intend to contain the users for this application?

Second, my application has a backend and three front ends. Should I have
three mdw files or just one with the three different sets of permissions
handled with three groups defined in the single mdw file? I suspect that
one mdw file is appropriate.

Thanks much for any help with this.

David
 
It occurs to me that I've been using .mdw files in a way that is not very
secure. I have the user start Access through a shortcut where the Target of
the shortcut uses the /wrkgrp parameter. Obviously, a user can open the mdb
file directly and circumvent all the security I've specified.

If they are opening the file directly (say via Windows Explorer), and they
are joined by default to any workgroup other than your secure mdw, then you
haven't secured it properly. They should *only* be able to open it via the
workgroup you specify. Did you follow every step outlined in the FAQ?
http://support.microsoft.com/?kbid=207793
A common mistake is that the Admin user still owns the database, or the
Users group still has permissions. Neither of these should own or have
permissions.
How do I force a user (or machine?) to have membership in a particular
workgroup that I intend to contain the users for this application?

Second, my application has a backend and three front ends. Should I have
three mdw files or just one with the three different sets of permissions
handled with three groups defined in the single mdw file? I suspect that
one mdw file is appropriate.

One should be sufficient.
 
Back
Top