Securing My DB for global Access user

[Guest]

I want to secure my application such that users globally can run it without
entering
authentication information (I've designed my own scheme), but so that they
can't
make any changes to or view design details about the application.

Will this scenario work:
1. Create a new workgroup file
2. Create a new user, assign it a password, give it Admin group privs
3. Remove admin group from the 'Admin' user
4. Run the security wizard, remove all but data manipulation options
(insert, view, edit etc.) from the User's group
5. Close DB
6. Open the DB and change the DB back to the system.mdw
7. Close the DB and it should be set to allow 'Admin' users to manage the
data but not do database design etc.

Then, when I work on my database I'll use the workgroup file with my admin
info that has access to everything.

-David

 

[Rick B]

Sounds like you don't need to do any of that. Just send them an MDE file
instead of an MDB.

 

[Guest]

Due to the nature of our application, I don't want to use MDE files. We
might for example want all users to be able to create their own reports.

Many of our users will be using different versions of Access, so I don't
want to deal with the issues surrounding proper run-time versions etc.

-David

 

[Joan Wild]

Due to the nature of our application, I don't want to use MDE files. We
might for example want all users to be able to create their own reports.

Many of our users will be using different versions of Access, so I don't
want to deal with the issues surrounding proper run-time versions etc.

Your steps sound OK, but you don't change the mdb back to the system.mdw.
The mdw affects the session, not the database. Have a look at
http://www.jmwild.com/SecureNoLogin.htm
to be sure you don't miss something.

 

[TC]

Ouch! When the user opens the database, Access might want to convert it
to a later version. You'd better check that your scheme will let them
do that! Otherwise, distribute a database in each version (A97, A2k
etc.) & install the right version for that PC.

HTH,
TC

 

[TC]

Further to my other reply, perhaps this is relevant.

Here's a method where you can distribute a normal non-MDE database,
owned by the normal Admin user, which will run with any workgroup file,
/but/, no user can view the design of selected modules. Perhaps a
similar scheme would work with other objects such as tables etc.

http://groups-beta.google.com/group/microsoft.public.access.security/msg/1bb5ff48dd94bc89

HTH,
TC

 

[Guest]

Well, its a 2000 database designed in 2003. I imagine 2002 also allows for
the design of 2000 dbs. 97 isn't supported and as such is a non issue.

David