Security issues - AARRGGHHH!!!

  • Thread starter Thread starter JimBob
  • Start date Start date
J

JimBob

I have muddled my way through securing my database. It is now
accessable to 20 users, 4 of which have administrative permissions (IE:
Ones that I trust). The rest have only read only access.

When I secured the database, I followed the instructions as laid out in
the August 2001 of ElementK Journals (www.elementkjournals.com/ima).
The first step in securing the database was to create a new work group.
I did so at first storing the .mdw file on my local PC. I then moved
the database to the shared drive and created a test user. I was able
to access using the read only user on my PC. I went to the users PC
and asked him if he would log on but when he atttempted to open the
database, the following error came up: YOU DO NOT HAVE THE NECCESSARY
PERMISSIONS TO USE THE .MDB OBJECT. So I tried again, this time
creating the .mdw file on a shared drive. I then created all the users
with the approriate user levels and went to each PC and joined them to
the new work group. Sucess, all can now access the database with a log
on and an assigned password.

Now the issue is that when ever the attempt to log on to any 2002
database, they are prompted to log on. This includes databases on user
local hard drives and if the users wish to create one. From what I can
see, the users still have the full rights to these.

What it all boils down to is this question: Since I have all the users
joined to a work group on a shared drive, will they have to now log on
when using ACCESS 2002?

Thank you!
 
The trick is to leave all PC's joined to the original system.mdw file. Create a shortcut
which includes a switch to specify the workgroup information file. Have everyone start
the database using the shortcut.

See Item # 19 in the FAQ for Access Security, which you can download at:
http://support.microsoft.com/default.aspx?scid=kb;en-us;165009

Their example includes:
c:\msoffice\access\msaccess.exe /wrkgrp c:\myapp\secacc.mdw

You can specify a network drive for the .mdw file as well (watch for word wrap here):

"C:\Program Files\Office2K\Office\msaccess.exe" "\\Server\Share\DatabaseName.mdb" /wrkgrp
"\\Server\Share\secacc.mdw"

You are limited to 256 characters total, so you may need to place your database in a
higher level directory to avoid excessively long paths, especially on Windows NT/2000
machines. This technique is also useful when you have an unsecured database, but multiple
versions of Access (Access 97, Access 2000, Access 2002, Access 2003) loaded on the same
machine.

How to Use Command-Line Switches in Microsoft Access
http://support.microsoft.com/default.aspx?scid=kb;en-us;209207


If you send me an e-mail message at AOS168 at attbi dot com
I will send you a copy of a Word document that summarizes the shortcut technique.

Tom
____________________________________________


I have muddled my way through securing my database. It is now
accessable to 20 users, 4 of which have administrative permissions (IE:
Ones that I trust). The rest have only read only access.

When I secured the database, I followed the instructions as laid out in
the August 2001 of ElementK Journals (www.elementkjournals.com/ima).
The first step in securing the database was to create a new work group.
I did so at first storing the .mdw file on my local PC. I then moved
the database to the shared drive and created a test user. I was able
to access using the read only user on my PC. I went to the users PC
and asked him if he would log on but when he atttempted to open the
database, the following error came up: YOU DO NOT HAVE THE NECCESSARY
PERMISSIONS TO USE THE .MDB OBJECT. So I tried again, this time
creating the .mdw file on a shared drive. I then created all the users
with the approriate user levels and went to each PC and joined them to
the new work group. Sucess, all can now access the database with a log
on and an assigned password.

Now the issue is that when ever the attempt to log on to any 2002
database, they are prompted to log on. This includes databases on user
local hard drives and if the users wish to create one. From what I can
see, the users still have the full rights to these.

What it all boils down to is this question: Since I have all the users
joined to a work group on a shared drive, will they have to now log on
when using ACCESS 2002?

Thank you!
 
Back
Top