Security problem with Access 2002 & Access 2000

  • Thread starter Thread starter Mark Barley
  • Start date Start date
M

Mark Barley

I have an Access 2002 database on our network that I have
placed security on and is accessed through a shortcut on
the user's desktop. The shortcut points to the location
of the mdw file on the network. Some of our users only
have Access 2000 on their desktops. The users that have
Access 2000 can bypass the security if they open the
database from the most current list of databases displayed
within Access instead of using the shortcut placed on the
desktop. Users that have Access 2002 can't do this.

Have I done something wrong? Is this a bug? Is there a
fix other than upgrading all users on the network to
Access 2002 (then anyone that wanted total access to the
data would only need to get a copy of an older version of
Access)?

Thanks in advance for your help!

Mark
 
Mark Barley said:
I have an Access 2002 database on our network that I have
placed security on and is accessed through a shortcut on
the user's desktop. The shortcut points to the location
of the mdw file on the network. Some of our users only
have Access 2000 on their desktops. The users that have
Access 2000 can bypass the security if they open the
database from the most current list of databases displayed
within Access instead of using the shortcut placed on the
desktop. Users that have Access 2002 can't do this.

Have I done something wrong? Is this a bug? Is there a
fix other than upgrading all users on the network to
Access 2002 (then anyone that wanted total access to the
data would only need to get a copy of an older version of
Access)?

You didn't apply security properly if the file can be opened with any mdw file other
than the one you used to create it. One of the most basic steps when applying
security is to attempt to open the file with the default System.mdw and make sure you
cannot get in. If you can then you need to check the following (at a minimum).

Default user "Admin" is removed from the Admins group and has zero permissions to the
database and all objects.

Default group "Users" has zero permissions to the database and all objects.

Default user "Admin" is not listed as the owner of the database or any objects.

The last one is very often missed.
 
Back
Top