permissions for secured database in access 2002

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We have a split FE/BE database I have taken over as the developer, one aspect
was to introduce user level security.

We run access 2002. However the database was of access 2000 format, so first
it was converted to 2002 format before being secured. Then I found you could
still access with the system.mdw with no password or login required. So, I
created a new database (it defaults to create a file in 2000 format so I
immediately converted the empty database into 2002, then imported all the
objects to the new database and this closed the loophole with system.mdw and
the database is secure.

However now it appears whatever permissions I assign, that other users
cannot run macros. I even tried giving them administrative rights on macros,
but for example running a macro that runs a make table query, it halts saying
there is insufficient permissions on the table object in question. (Users
have everything apart from administrative and modify design rights for all
objects so I cannot see the problem.)

What is the problem? Can anyone help?

All I need to satisfy our internal audit, is separate logins on opening
access such that users are unable to edit hard coding, and certain users are
prevent from running certain queries/macros and entering certain forms...any
help is greatly appreciated.
 
1 Are you able to open the database by clicking the file name?
2 Which workgroup was in use when you created the database?
3 Are you using a shortcut pointing to a new workgroup to open the database?
 
Thanks for replying, here are the answers to your questions..

1. No they cannot access the database by simply clicking the filename.
They must use a shortcut with the target locating the correct workgroup to
open the database. They can then sign in and open the database.

2. The workgroup they need to sign into the database is the same as that in
use when I created it.

3. Yes, as above.

Just to clarify, there is no problem in them being granted access to the
database, it is with running make table queries, the warning says something
like
"Could not create, no modify design permission on XXXXXXX table or query
object"

I have now given them modify design rights on all tables and administer
rights on new tables and queries, and it still wont work.

Any further help much appreciated, this is very frustrating...
 
My feeling, with all due respect, is that you are trying things fairly
much at random. If you secured the database, but then found you could
still access it with the normal workgroup file, this clearly shows that
you missed some fundamental steps. Proceeding onwards, from an
incorrect initial state, will not necessarily fix the problems for you.

I suggest that you create a new, /unsecured/ database; import your
partially-secured database's objects into that; then start again, this
time following a written list of explicit instructions, adding &
omitting nothing. That's the only way to get it right. Try the Access
Security FAQ, often referenced in this newsgroup.

HTH,
TC
 
Thanks for the response. I have now resolved the issue and wanted to clarify.
My method wasn't random, although my posting was poorly worded.

Essentially I encountered two bugs residing in Access 2002 itself, which I
have since found referenced elsewhere on this forum.

The first is, a database created in 2000 is not secure if converted to 2002
and then "secured" using the wizard - you can still access it within
system.mdw. You must first import all the objects into a new database file
(of 2002 format) first and secure that. (I cant remember where I found this
information, apologies)

The second is that if access to a database converted from 2000 and imported
as above is secured using the wizard, the permissions assigned to /custom/
groups do not seem to be recognised (using the default named groups is fine).
You either need to stick to the default named groups, or like I did simply
secure your database without touching the wizard, which personally I found
just as user friendly. (As in the following thread "Could not create; no
modify design permissions" (Joan Wild's responses) in this forum).

From experience I would say TC is right follow explicit steps to first
secure the database, much follow a set which explains how to do this without
using the wizard if you are securing a converted file.

Thanks again for your input.
Mike
 
Back
Top