Securing an Access Database

  • Thread starter Thread starter D
  • Start date Start date
D

D

If you secure an MSACCESS Database using a Workgroup Information File
WIF and then setting up permissions removing the Admin user from the
its default group, repalce it with another named user, transfer all
the ownership of objects to the new user. Then run the database
security wizard. If after this the mdb file is placed on a different
users PC which is still using the defauult system.mdw file should they
still be able to open the database with full rights and permissions ?


Regards David
 
D said:
If you secure an MSACCESS Database using a Workgroup Information File
WIF and then setting up permissions removing the Admin user from the
its default group, repalce it with another named user, transfer all
the ownership of objects to the new user. Then run the database
security wizard. If after this the mdb file is placed on a different
users PC which is still using the defauult system.mdw file should they
still be able to open the database with full rights and permissions ?

It all depends on *how* you do this. "Transfer all ownership" - if you do this via the security dialogs, then no it won't be secure. If you do this by creating a new database while using your new WIF (and logged in as the 'other named user'), and then import all the objects, then you are sure that 'other named user' actually owns the database object.

The order in which you carry out the steps is important. The order you outlined above would not result in a secure mdb. It's important that you follow the steps outlined in the security FAQ, missing nothing and following the order:

Security FAQ
http://support.microsoft.com/?id=207793

Security Whitepaper
http://support.microsoft.com/?id=148555

I've also outlined the detailed steps at
www.jmwild.com/AccessSecurity.htm
 
Gunny, Quite Right...
However, I dont know where else it was posted to and, as a security question,
it should by rights have been posted and answered here?
(implying, as one interpretation, that it should not have been answered in the
other newsgroup?)
(or, as another interpretation, that it was right to reprint here?)

Not everyone reads, or answers, all newsgroups. It is of course proper to
point the issue out, particularly that it would be better to "cross-post".
There seems no reason to assume that everyone is so familiar, and for all I
can see in this ng and with that knowledge, he may well have been just looking
further afield for further responders. If so, that is acceptable practice!

Regards
Chris

in message ...
 
Back
Top