|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Folder security set upWhat is the best way to set up folder security for Access databases. Do we
need only give full rights to the .LDB file and read-only on the .MDB and ..MDE. We are not using user-level security. Is any of this affected if we use data access pages? mscertified wrote:
> What is the best way to set up folder security for Access databases. If your intention is for all users to have read only rights then you can just > Do we need only give full rights to the .LDB file and read-only on > the .MDB and .MDE. We are not using user-level security. Is any of > this affected if we use data access pages? make the MDB and folder be read only for all users. In that case no LDB file is ever created. However; you cannot use network permissions on the file or folder if you only want SOME users to be read only and others to have edit rights (at least not very well). Once a read only user is first to open the file and no LDB file is created then all other subsequent users are forced to read only specifically because no LDB file exists. If a user with edit rights opens the file first then all read only users are locked out entirely because having them open the file would require an edit to the LDB file, something they won't have the permissions to do. -- Rick Brandt, Microsoft Access MVP Email (as appropriate) to... RBrandt at Hunter dot com Thanks for the response.
Maybe I was not clear in my question. All users who have access to the folder will be able to update the database but right now the way the permissions are set up all users can create or delete any file in the folder. I would think this is only needed for the LDB file. Is an LDB file still used if users access the database via Data Access Pages? Show quoteHide quote "Rick Brandt" wrote: > mscertified wrote: > > What is the best way to set up folder security for Access databases. > > Do we need only give full rights to the .LDB file and read-only on > > the .MDB and .MDE. We are not using user-level security. Is any of > > this affected if we use data access pages? > > If your intention is for all users to have read only rights then you can just > make the MDB and folder be read only for all users. In that case no LDB file is > ever created. > > However; you cannot use network permissions on the file or folder if you only > want SOME users to be read only and others to have edit rights (at least not > very well). Once a read only user is first to open the file and no LDB file is > created then all other subsequent users are forced to read only specifically > because no LDB file exists. > > If a user with edit rights opens the file first then all read only users are > locked out entirely because having them open the file would require an edit to > the LDB file, something they won't have the permissions to do. > > -- > Rick Brandt, Microsoft Access MVP > Email (as appropriate) to... > RBrandt at Hunter dot com > > > mscertified wrote:
> Thanks for the response. You could make the permissions on the MDB so that deletion is not allowed, but > Maybe I was not clear in my question. > All users who have access to the folder will be able to update the > database but right now the way the permissions are set up all users > can create or delete any file in the folder. I would think this is > only needed for the LDB file. Is an LDB file still used if users > access the database via Data Access Pages? every time you compact the file you will have to reset that permission since compacting actually creates a new file that inherits the permissions of the folder. The LDB file behavior is a characteristic of the Jet database engine so use of a DAP should not make any difference. -- Rick Brandt, Microsoft Access MVP Email (as appropriate) to... RBrandt at Hunter dot com 
Other interesting topics
|
|||||||||||||||||||||||
