how to secure a new db with an existing .mdw

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello,
two short questions:
a) if I choose file>new> new blank database from a secured database, will
the new database use the same .mdw file that is used from the secured
database?
I don't think so, because if then I use the new database while joining the
default .mdw (system.mdw), the owner of objects in the new database is
*unknown*, but 90% of the times i'm wrong with these security things.

b) In any case, what is the best way to go to secure a new database with an
existing .mdw file?

Thanks
Rocco
 
rocco said:
Hello,
two short questions:
a) if I choose file>new> new blank database from a secured database, will
the new database use the same .mdw file that is used from the secured
database?
Click to expand...

Yes. The mdw remains for the entire session of Access.
I don't think so, because if then I use the new database while joining the
default .mdw (system.mdw), the owner of objects in the new database is
*unknown*, but 90% of the times i'm wrong with these security things.
Click to expand...

That makes perfect sense. The system.mdw does not contain the username that
you were logged in as under the secure mdw session. Therefore it lists
'unknown' as the owner, since the owner is unknown to the system.mdw file.
b) In any case, what is the best way to go to secure a new database with
an
existing .mdw file?
Click to expand...

As per a)
 
You solved any problems. As usual.
Thanks
Rocco

Joan Wild said:
Yes. The mdw remains for the entire session of Access.


That makes perfect sense. The system.mdw does not contain the username that
you were logged in as under the secure mdw session. Therefore it lists
'unknown' as the owner, since the owner is unknown to the system.mdw file.


As per a)
Click to expand...
 
Hi Joan,
I have already thank you for the answers, but...
I have one more question:
If the new database will use the same .mdw file that is used for the secured
database, since i'm currently joined throguh the system.mdw file (1) why it
doesn't ask me for the user ID and password?

I can open the db without any problem. It seems it is not secured at all.
"Admin" in file (1) has no permission to do anything.
 
rocco said:
Hi Joan,
I have already thank you for the answers, but...
I have one more question:
If the new database will use the same .mdw file that is used for the
secured
database, since i'm currently joined throguh the system.mdw file (1) why
it
doesn't ask me for the user ID and password?
Click to expand...

That's contradictory. If you open your secure mdb, then you are joined (for
that session) to your secure mdw, not the system.mdw. Once you create a new
database, you then have to go through the process of securing it.
Permissions are stored in the mdb file, not the mdw.
 
uhm...let me better explain what I did:
I have never changed my default mdw: I always use shortcuts to manage
secured database.
So I opened a secured database through shortcuts.
From within this database I clicked file>new>new blank database. Than I
saved it on my desktop. I thought this way the new Db should be secured as
well, and that it needs to use the same mdw file as the secured DB.
This new database doesn’t have a shortcut, so when I open it should ask for
user id and password to log in. That’s if it was secured. Right?
Besides, the mdw file used for the secured DB has very strict permission
rules: Admin is in the Users Group only and this group doesn’t have any
permission.
Instead, what is happened is that I’m able to open the new Db while joined
the system.mdw (as I told you I’m always joined to the system.mdw since I use
shortcut to manage the mdw files I create to secure databases).
Hope it is more clear.
 
in message:
uhm...let me better explain what I did:
I have never changed my default mdw: I always use shortcuts to manage
secured database.
So I opened a secured database through shortcuts.
From within this database I clicked file>new>new blank database. Than I
saved it on my desktop. I thought this way the new Db should be secured as
well, and that it needs to use the same mdw file as the secured DB.
This new database doesn't have a shortcut, so when I open it should ask for
user id and password to log in. That's if it was secured. Right?
Besides, the mdw file used for the secured DB has very strict permission
rules: Admin is in the Users Group only and this group doesn't have any
permission.
Instead, what is happened is that I'm able to open the new Db while joined
the system.mdw (as I told you I'm always joined to the system.mdw since I use
shortcut to manage the mdw files I create to secure databases).
Hope it is more clear.
Click to expand...

Hi Rocco,

Hope you don't mind me stepping in.

I think I see where you are going with this. You might be under the assumption that following your
exact steps above will "magically" properly *secure* the entire new database file that you just
created. Not quite, you still need to take some additional steps on this file. Perhaps an
illustration will help.

1. Using your custom shortcut, log into your secured database file with your custom workgroup file.
2. Go to File | Close so this database will close, but Access will remain open. You should still be
using (but not joined) to the custom workgroup file.
3. Go to File | New and create a new database. Create one quick dummy form and save it. Now close
the database and Access all together.
4. Now double click on this new database file. By doing it this way, Access will log you in as Admin
using the system.mdw file. You will of course notice that you can get into the database and not be
presented with a login screen.

So why does this happen you say?

Well, you must remember that *permissions* are stored within the database file itself and
Users/Groups and their passwords are stored within the workgroup file. When you create a new
database file there are certain things that Access does by default. To see some of these defaults,
follow these steps below.

1. Using your custom shortcut, log into your secured database file with your custom workgroup file.
2. Go to File | Close so this database will close, but Access will remain open. You should still be
using (but not joined) to the custom workgroup file.
3. Go to File | Open and open that new database.
4. Now go to Tools | Security | User And Group Permissions. Take a look at what the Permissions are
for the **Database** object itself. You will notice that the Users *Group* has full permissions to
the Database object. That is why you can, for now, log into this database using the system.mdw.
Access logs you in as Admin who is a member of the Users Group in **both** the custom workgroup file
AND the system.mdw file. Since the Users Group has full permissions (at the moment), you can open
the database file and not get prompted for a login. Ahhhh haaaa!

Does that make sense? For ALL new databases you will still need to do some securing of the various
database objects. Access by default will always give full permissions to the Database object for any
new databases. You will always need to remove this permission.

Hope that helps,
 
Back
Top