I excluded myself from administrators of a db

  • Thread starter Thread starter sipiatti
  • Start date Start date
S

sipiatti

I made a mistake when I changed the workgroup and user access of an ms access
db what I currently develop.

The software is not quite finished, but it is usable, and my users need it,
so I decided to release it with a workgroup file with restrictions.
To avoid unauthorized modification I excluded the Admin user from the db
administrators and take away all of its rights.
Unfortunatelly I forget to check my user if I have all access, it was the
end of the shift at friday afternoon
This morning I experienced the truth: I excluded myself so I cannot continue
the developing I have one week worktime in it already, it will be hard to
start it again due to this idiot mistake.

Is there a way to give the admin rights back? It is impossible with the
normal way from the menu
 
There must always be at least one member of the Admins Group - Access won't
let you remove all users from that group. So login as each user (maybe even
the Admin User) until you find the one that is a member of the Admins Group.
 
admin group has users, but they do not have access for modifying objects :)

but I managed to solve:
- I had read access onto every objects
- I opened a new empty database
- Copied all objects and pasted them into this empty db one by one gaving
the same name to them what it was in the original
- finally I had a new db with all objects and same behavior

That's the trick.
 
sipiatti said:
admin group has users, but they do not have access for modifying objects
:)

but I managed to solve:
- I had read access onto every objects
- I opened a new empty database
- Copied all objects and pasted them into this empty db one by one gaving
the same name to them what it was in the original
- finally I had a new db with all objects and same behavior

That's the trick.

My idea of "the trick" is to keep regular back-ups, especially before
embarking on a radical change.
 
I think it worked because the original file was not properly secured;
otherwise security could be circumvented simply by copying into a new
database as you have done.

There is an Admin user, who is the default user, and who is by default a
member of the Users group and the Admins group. Both groups have full
permissions by default, but only members of the Admins group may create and
delete users/groups, change user/group permissions, etc. If you do not set
up user-level security Access logs you on silently as the Admin user.
Joan's point was that Access will not let you remove all users from the
Admins group. Further, the Admins group cannot be denied administrative
rights, including working with users and groups. Somebody *has to* be a
member of the group. Once that user is located you can log in as that user
and restore your permissions.

It is possible, I suppose, to set up that user with a password, then forget
who it is and what password was assigned. However, you still should be able
to view group membership, and at least have a chance of getting in.

Another point about user-level security is that all users belong to the
Users group, so unless that group is denied most or all permissions you
really have no security at all.

Again, remove the Admin user from all groups except the Users group (after
assigning another user to the Admins group), and remove all permissions for
the Users group (unless you want to allow read-only). You did not do this,
so you were able to recover by using the method you described, but you did
not have effective security.
 
On Tue, 18 Nov 2008 00:00:01 -0800, sipiatti

Use precise language. Joan was talking about the Admins group.

You fiddled with security without first downloading, studying, and
fully understanding the security faq from microsoft.com. Your
ignorance worked in your favor, this time.

Workgroup security has been removed from Access 2007 accdb. Hint,
hint.

-Tom.
Microsoft Access MVP
 
Back
Top