|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Group Permisssion Inheritanceat runtime I have created an 'All_Users' security group. All forms except this one have 'Read Only' rights; The above form also has 'Modify' rights. When I assign Users to the 'All_Users' security group I find that they are not getting the modify rights to this form. If I give the users these rights individually it works fine. I thought that by combining access permisssions into groups and allocating groups to users, users got the 'highest level' of access permitted by the combination of groups allocated to them. Why are my users not inheriting the correct permissions based on the groups allocated to them? Any help appreciated. -- Peter Schmidt Ross-on-Wye, UK You are correct that a user in a group will get the highest permissions
given to that user and that group (unioned together, as it were). So, if a user 'x' does not have access 'y' to an object 'z' - but, user 'x' is a member of a group which has been granted access 'y' to object 'z' - then, user 'x' /will/ have access 'y' to object 'z'. Notice I mention the user (or the group) /and/ the access type /and/ the object, when talking about permissions. It is the unique combination of those three things, which has the permission. So you must be mistaken about what permissions you have assigned to which groups in regard to what objects! Here's how to find out what permissions user 'x' has to, for example, a table 'y': (untested) with dbengine(0)(0).tabledefs![y] .username = 'x' debug.print .permissions ' user permissions (ignoring his groups); debug.print .allpermissions ' all permissions (including his groups) end with Use similar code for forms & reports etc. Check out the [All]Permissions properties for more information. HTH, TC 
Other interesting topics
|
|||||||||||||||||||||||
