Ugh! Permissions dilema...

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello everyone. I'm using A02 on XP. DB is an old A97 that was converted up
to A02. Have a user group with edit rights and they work fine on one form
but not on another. I cannot figure it out! I've checked the permissions
from the DB to tables to queries to forms. If I give someone in the group
admin rights, all is well but I can't do that for everyday permissions. Just
can't figure out what I'm missing. Is there some glitch I'm not aware of?
Must I create a new empty DB and import all my objects? I've been fighting
with this for hours!

Thanks in advance for any advice!
 
What is the specific error message? That usually tells you the object you
need to focus on.

i.e 'you do not have permission to use xxx object...'

What are the permissions on that object? Does that object have any lookup
fields - (yet another reason to avoid them); users need permission on the
lookup table.
 
Hi Joan,

Thanks very much for your inquiry. I get no message. It simply will not
respond. There is no status bar message or dialog box. I can edit as my
all-powerful self but when I log in as one of the RPSAdm group I can edit
some forms and this one I cannot. I place the mouse in the field and there
is no response to my keystrokes.

P.S. What should I do about the reply I got above from 'bad man'? He
doesn't offend me, he's just showing himself to be a twit. Is there any way
for the PTB's to block foul posting addresses from our newsgroups?

Thanks again!
 
Bonnie said:
P.S. What should I do about the reply I got above from 'bad man'?
Click to expand...

You can follow the advice "bad man," AKA Trey Davis, Steve, etc, received in
another thread when he apologized, and then continued his offensive posts:
I WAS WRONG

Everyone including David Cox please accept my apology. I'm the one who was
the troll from the past few days, posting something like: "you cant do that
with access 2003."

This will not happen again, as I am now fearing for my life after the entire
thread started by David Cox: "Passing oneself off as an MVP?"

Again, please accept my sincere apology.
Click to expand...

Since you posted so many offensive messages as "bad man" and Trey Davis this
morning *after* you posted this one, your sincerity is doubtful. I'm very
pleased to inform you that this can easily be fixed by doing all of the
following:

1) Open Outlook Explorer and right click on a message from "bad man" or Trey
Davis. Select Properties | Details and look at the message header:

From: "bad man" <[email protected]>
References: <[email protected]>
Subject: Re: Ugh! Permissions dilema...
Date: Fri, 22 Sep 2006 13:57:50 -0500
Lines: 24
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
X-RFC2646: Format=Flowed; Original
Message-ID: <[email protected]>
Newsgroups: microsoft.public.access.security
NNTP-Posting-Host: 216.253.202.174
Path: TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl
Xref: TK2MSFTNGP01.phx.gbl microsoft.public.access.security:71723

2) Copy the IP address for the NNTP-Posting-Host, 216.253.202.174, and paste
it into the text box on this web page:
http://www.melissadata.com/Lookups/iplocation.asp

3) Copy the ISP name and Google for it to find the company's web page.
Follow the link to the company's web site. Click on the city named as the IP
location to find the company's local office phone number and then scroll down
to find the "Contact Us" email address.

4) Send the following email and then call the company to let them know you
sent it:

Please forward this message to your company's HR office. One of your company
employees in the Oklahoma City/Broken Arrow area appears to be intoxicated at
work today, and appears to have been intoxicated on Monday and Thursday, too.
He has been busy every day this week harassing people, sending spam,
providing misinformation while impersonating a Microsoft-designated expert,
and using foul, offensive language, all by transmitting messages from your
company's network to thousands of news servers and web sites worldwide. Your
employee has gotten so carried away that one person suspects your employee
may be cyber-stalking him, mistaking him for some enemy. Since your company
is responsible for the actions of its employees, including his impersonation
of multiple officially-designated Microsoft Most Valuable Professionals, but
especially since his intoxication at work may pose a danger to himself or
others, I know you'll want to address this as soon as possible.

Your employee didn't give his full name, but he gave several clues as to his
identity. The young man's first name is probably Steve. He's been
broadcasting his hundreds of offensive and misleading messages from your
company's proxy server in the Oklahoma City area and started doing most of
his disruptive behavior beginning at about 2:30 PM Central Time on Monday and
Tuesday, which is probably after his boss had gone home for the day or was in
meetings and couldn't closely supervise 'Steve.' Since Wednesday, 'Steve'
has been broadcasting his offensive and disruptive messages from your
company's network all day during business hours, indicating that his boss has
probably been out of town on business or on vacation since Wednesday.

'Steve' was working on a Microsoft Access database last Friday and Monday of
this week, attempting to prevent the graphics filter message from displaying
(like "importing imageName.jpg") whenever loading images into a subform. He
was also trying to determine how to tell whenever a user on another computer
was accessing a particular record in the database.

Anyone can easily trace the originator of these messages and discover that
they are coming from your company's network by Googling any of the messages,
like this one:

http://groups.google.com/group/micr...a55d/0565d692a069564b?&hl=en#0565d692a069564b


Click on "show options" on the second message in the thread, the one from
"bad man." Click on "Show original." A new window opens, showing the
message with its headers, including this line:

NNTP-Posting-Host: 216.253.202.174

Or you can check the first offensive message from Steve:

http://groups.google.com/group/micr...2e1e/3836f6112c81a35a?&hl=en#3836f6112c81a35a


Click on "show options" on the third message in the thread, the one from
"Steve." If you check this message's headers, it includes this line:

NNTP-Posting-Host: 216.253.202.174

The NNTP-Posting-Host is the IP address of the computer used to post that
message. Anyone can find which company this computer uses to connect to the
Internet by checking the public records for Internet Service Providers (ISP).
One such URL for these public records is
http://www.melissadata.com/Lookups/iplocation.asp and I think you'll find
familiar the name of the company it reveals.

'Steve' has been posting his messages as "bad man," Trey Davis, David
Pawloski, Armando Blanco, and George Bateman, and he'll undoubtedly keep
changing the name he posts under as each name is blocked by readers. You can
look at these messages and verify that they've been posted by the same
computer on your company's network:

http://groups.google.com/groups?as_...authors=bad+man&lr=lang_en&as_drrb=q&safe=off


http://groups.google.com/groups?as_...s_usubject=&as_uauthors=Trey+Davis&lr=lang_en


http://groups.google.com/groups/sea...iEiRPI7M2QSjOpuh1pnvFAOUlylOg&scoring=d&hl=en


http://groups.google.com/groups/sea...Qy73Q9_HqZiDvCVswhrZ6TQxKj0ww&scoring=d&hl=en


http://groups.google.com/groups/sea..._WPtP4g9h3i3SmjGmAJbX05nZ-8fQ&scoring=d&hl=en



******************************
Did I actually send this message to your employer? Of course not. I'm
willing to give you a second chance to mend your ways, Steve. But the
question is this: "Are you sure that everyone else is just as willing?"
 
That is odd; I can't think of a reason for this. They obviously have open
permission on the form.

What is the record source for the form? Can you open it directly as one of
the RPSAdm and see any records, or add/edit anything there?

If you can do that, check that there isn't some code behind your form
causing the problem.

As for 'bad man', I suggest you just ignore it.
 
Granny Spitz via AccessMonster.com said:
3) Copy the ISP name and Google for it to find the company's web page.
Follow the link to the company's web site. Click on the city named as the
IP
location to find the company's local office phone number and then scroll
down
to find the "Contact Us" email address.
Click to expand...

Am I missing something here Granny? Does this assume that the offender
works for the ISP?

Thanks.
Keith.
 
Keith said:
Does this assume that the offender
works for the ISP?
Click to expand...

The ISP has been assigned IP addresses that provide Internet services for
other computers. An ISP can sell those Internet services to the general
public (like AOL, Comcast, Earthlink, etc.) or the ISP can use those Internet
services in-house, as most companies do. Since the ISP in question is not in
the business of selling Internet services to the public, we can assume that
it's an in-house computer that connects to the proxy server that connected to
the Internet to post those messages. And since these offenses occurred
during regular business hours, it's likely an employee of that business that
has access to the computer used. In any case, it's that company who is
legally responsible for getting to the bottom of this, whether it's a current
employee, the son of a current employee visiting the company's office, or a
hacker causing mischief. They can start with the assumption that it's their
own employee (who else has access to their computer network?) and go from
there.
 
Granny Spitz via AccessMonster.com said:
The ISP has been assigned IP addresses that provide Internet services for
other computers. An ISP can sell those Internet services to the general
public (like AOL, Comcast, Earthlink, etc.) or the ISP can use those
Internet
services in-house, as most companies do. Since the ISP in question is not
in
the business of selling Internet services to the public, we can assume
that
it's an in-house computer that connects to the proxy server that connected
to
the Internet to post those messages. And since these offenses occurred
during regular business hours, it's likely an employee of that business
that
has access to the computer used. In any case, it's that company who is
legally responsible for getting to the bottom of this, whether it's a
current
employee, the son of a current employee visiting the company's office, or
a
hacker causing mischief. They can start with the assumption that it's
their
own employee (who else has access to their computer network?) and go from
there.
Click to expand...

Understood, thanks for the info.

Keith.
 
Hi Joan,

I have opened the linked table and the query as one of the administrators
and have the same inability to edit. Have deleted the link and relinked it
(tables are in a backend DB).

Should I try to create a new shell DB and import my objects?

Thanks very much for your help.
 
Hi Keith,

Thanks for your efforts to keep the newsgroups 'clean'. And thanks to
'Granny' for the input.
 
Bonnie A said:
Hi Keith,

Thanks for your efforts to keep the newsgroups 'clean'. And thanks to
'Granny' for the input.
Click to expand...

I just didn't quite understand Granny's explanation but do now ... I think
;-) I followed my work IP using Granny's link and it returned the correct
provider (CSC) but the location was way out. Having said that I'm sure CSC
would have no problem in tracing me should the need arise (and I sincerely
hope it doesn't).

Keith.
www.keithwilby.com
 
Keith said:
I followed my work IP using Granny's link and it returned the correct
provider (CSC) but the location was way out.
Click to expand...

The ISP's themselves are responsible for keeping the public records up-to-
date, and many of them don't. Also, IP addresses are issued in *banks* of IP
addresses assigned to the ISP's. Each bank of IP addresses is registered
with a single geographical location where those IP addresses are to be used,
so your location could be 1,000 miles away from headquarters, and your
company's headquarters location could be registered as your IP address
location, not your physical location.
 
That suggests that there is something in the form preventing the edits,
since you can edit the recordsource. check the code behind the form to see
if there is something locking things; also check the properties of the form
(allow edits, etc)
 
Back
Top