|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Workgroup file in Network drive and Local computerI have a MS Access application, which is secured by creating user
groups accounts (AppAdmins and AppUsers) and permissions. Both the application MDB and the workgroup file .mdw are going to be in the shared network drive. Can someone copy the .mdw file to the local computer and consequently join to the local .mdw? A user may initially have Administrative rights and may be changed to normal user group by the DB administrator (This change is effective in the network wrkgrp file). But, if the user is still joined to his local workgroup file, it won't take effect and the security is lost. Is my understanding correct, or am I missing something here? Your understanding is correct.
To avoid the problem, you could assign permissions to Users, rather than Groups. Permissions reside in the mdb, so this would work however it'd be tedious to manage security by Users. I suppose another possibility is to check the path to the current mdw in use. If it isn't the server path, you could throw up a message and close the mdb. You can check the mdw in use by using DBEngine.SystemDB -- Show quoteHide quoteJoan Wild Microsoft Access MVP PadmaBhas***@gmail.com wrote: > I have a MS Access application, which is secured by creating user > groups accounts (AppAdmins and AppUsers) and permissions. Both the > application MDB and the workgroup file .mdw are going to be in the > shared network drive. > > Can someone copy the .mdw file to the local computer and consequently > join to the local .mdw? A user may initially have Administrative > rights and may be changed to normal user group by the DB > administrator (This change is effective in the network wrkgrp file). > But, if the user is still joined to his local workgroup file, it > won't take effect and the security is lost. > > Is my understanding correct, or am I missing something here? Thanks Joan, it was very helpful!
Joan Wild wrote: Show quoteHide quote > Your understanding is correct. > > To avoid the problem, you could assign permissions to Users, rather than > Groups. Permissions reside in the mdb, so this would work however it'd be > tedious to manage security by Users. > > I suppose another possibility is to check the path to the current mdw in > use. If it isn't the server path, you could throw up a message and close > the mdb. > > You can check the mdw in use by using > DBEngine.SystemDB > > > -- > Joan Wild > Microsoft Access MVP > > PadmaBhas***@gmail.com wrote: > > I have a MS Access application, which is secured by creating user > > groups accounts (AppAdmins and AppUsers) and permissions. Both the > > application MDB and the workgroup file .mdw are going to be in the > > shared network drive. > > > > Can someone copy the .mdw file to the local computer and consequently > > join to the local .mdw? A user may initially have Administrative > > rights and may be changed to normal user group by the DB > > administrator (This change is effective in the network wrkgrp file). > > But, if the user is still joined to his local workgroup file, it > > won't take effect and the security is lost. > > > > Is my understanding correct, or am I missing something here? 
Other interesting topics
Security in fields
Re: User and Workgroup was screwed User and Workgroup was screwed Access 2003: Help As the administrator on home pc I can no longer login. What 2do? Converting ".mdw" file to access 2003 Creating a workgroup Detecting user with blank password? Exclusive Access Message......... Two DataBases, One Secure and One Not |
|||||||||||||||||||||||
