T
TC
We all know that a workgroup file is just a database with certain special
tables and queries.
Some recent questions made me remember an old question of my own, that I
never got around to answering: "If you created a database with the same
tables & queries as a workgroup file, would Jet agree to use it as a
workgroup file?"
The simple answer is, No.
If you try to create certain MSys* table names in a new, blank, unsecured
database, this is allowed. (For example: MSysxyz.) But if you try to create
the critical names, eg. MSysGroups, this is NOT allowed. The error is
something like, "Can not find table or query <whatever>". The error seems
wrong, becauser you are trying to create the table - not read from it. But
if you read the Help proposed for the error, it says that another cause of
that error is, that you are using an illegal name.
So, Jet will let you create *some* MSys names, but not the ones you actually
need! The tables in question do not already exists in the database, so it is
not a matter of "table already exists". There must be special-case code
within DAO, or Jet, to enforce this restriction.
I did these tests from the Access UI. I have not tested it from code, or
using queries to fake the table names, but I imagine the same result occur.
Of course, even if you could do this, and Jet did accept the resultant
database as a workgroup file, it would not be acceptable, anyway. The
objects would not be owned by the system users (Engine etc.), and they would
not have the various system flags & bits set. The only way to secure them
against unauthorized tampering, would be to use user-level security - Catch
22!
TC
tables and queries.
Some recent questions made me remember an old question of my own, that I
never got around to answering: "If you created a database with the same
tables & queries as a workgroup file, would Jet agree to use it as a
workgroup file?"
The simple answer is, No.
If you try to create certain MSys* table names in a new, blank, unsecured
database, this is allowed. (For example: MSysxyz.) But if you try to create
the critical names, eg. MSysGroups, this is NOT allowed. The error is
something like, "Can not find table or query <whatever>". The error seems
wrong, becauser you are trying to create the table - not read from it. But
if you read the Help proposed for the error, it says that another cause of
that error is, that you are using an illegal name.
So, Jet will let you create *some* MSys names, but not the ones you actually
need! The tables in question do not already exists in the database, so it is
not a matter of "table already exists". There must be special-case code
within DAO, or Jet, to enforce this restriction.
I did these tests from the Access UI. I have not tested it from code, or
using queries to fake the table names, but I imagine the same result occur.
Of course, even if you could do this, and Jet did accept the resultant
database as a workgroup file, it would not be acceptable, anyway. The
objects would not be owned by the system users (Engine etc.), and they would
not have the various system flags & bits set. The only way to secure them
against unauthorized tampering, would be to use user-level security - Catch
22!
TC