|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Securing the Back-Endsecured just fine thanks to the Security FAQ. However, I need a little help with the back-end. The workgroup information file that I am using is stored on the network. I have all of the computers on the network joined to that workgroup file. Because of this, the front-end is secured (no one can edit the forms - they can only enter/edit data) and is safe from people copying it and editing it at home. Hurrah. What is more important than the front-end, however, is the back-end. All of the data that they enter into this fortified glorified collection of forms & queries is being put into a linked table, which just happens to be in the unsecured back-end. Anyone who is using the default workgroup file will be able to just open up the back-end database and look at the information in the tables. I have already read throught the Security FAQ, and it isn't very helpful when it comes to split databases. I tried to secure the back-end the same way that I secured the front-end, but the groups "Full Data Users" and "Read-Only Users" (both are groups that can be created by the security wizard) cannot use the linked tables. When any form tries to reference the tables when logged into one of these groups, I get the following error message: "You do not have the necessary permissions to use the 'm:\mvc\data.mdb' object. Have your system administrator or the person who created this object establish the appropriate permisions for you." Which is just weird, becuause the front-end and the back-end use the same workgroup information file, and the usernames and passwords for both databases are exactly the same. If you are logged in as an administrator, this is not a problem. However, I can't make everyone administrators, as that would completely defeat the purpose of having security. I have tried the Security>Encrypt/Decypt Database tool, thinkig that might secure other computers from accessing the file, but it's no good either. Anyone have a solution for securing the back-end? I'm running out of ideas. Thanks, Nick Hi Nick,
Tatakau wrote: > The workgroup information file that I am using is stored on the That really isn't a good idea. That will require that they log in to all > network. I have all of the computers on the network joined to that > workgroup file. databases, secured or not. It is better to leave them joined to their default system.mdw and give them a desktop shortcut to launch your secure frontend. The target would look like: "path to msaccess.exe" "path to frontend" /wrkgrp "path to secure.mdw" > Anyone who is using You can secure the backend.> the default workgroup file will be able to just open up the back-end > database and look at the information in the tables. > I tried to secure the The key is to use the same workgroup file to secure the backend. Just open > back-end the same way that I secured the front-end, your frontend and log in, then close the database, but keep Access open (this will ensure you are using your secure.mdw). Open the backend and proceed to secure it. > but the groups Did you give these groups permission to open the backend database (the > "Full Data Users" and "Read-Only Users" (both are groups that can be > created by the security wizard) cannot use the linked tables. > > "You do not have the necessary permissions to use the > 'm:\mvc\data.mdb' object. Have your system administrator or the > person who created this object establish the appropriate permisions > for you." database object)? By the way did you run the wizard on the backend, or just assign permissions? > As I said earlier, open the frontend, then open the backend and run the > Anyone have a solution for securing the back-end? I'm running out of > ideas. security wizard on it (I'm assuming you are using 2003?) -- Joan Wild Microsoft Access MVP Thanks Joan! Especially about the workgroup information file tip - I was
wondering if there was any way around that one. After that though, a little more fiddling around somehow turned out okay. Not quite sure why it didn't work before... voodoo I suppose. Thanks again! Nick Show quoteHide quote "Joan Wild" wrote: > Hi Nick, > > Tatakau wrote: > > The workgroup information file that I am using is stored on the > > network. I have all of the computers on the network joined to that > > workgroup file. > > That really isn't a good idea. That will require that they log in to all > databases, secured or not. It is better to leave them joined to their > default system.mdw and give them a desktop shortcut to launch your secure > frontend. The target would look like: > "path to msaccess.exe" "path to frontend" /wrkgrp "path to secure.mdw" > > > Anyone who is using > > the default workgroup file will be able to just open up the back-end > > database and look at the information in the tables. > > You can secure the backend. > > > I tried to secure the > > back-end the same way that I secured the front-end, > > The key is to use the same workgroup file to secure the backend. Just open > your frontend and log in, then close the database, but keep Access open > (this will ensure you are using your secure.mdw). Open the backend and > proceed to secure it. > > > but the groups > > "Full Data Users" and "Read-Only Users" (both are groups that can be > > created by the security wizard) cannot use the linked tables. > > > > "You do not have the necessary permissions to use the > > 'm:\mvc\data.mdb' object. Have your system administrator or the > > person who created this object establish the appropriate permisions > > for you." > > Did you give these groups permission to open the backend database (the > database object)? By the way did you run the wizard on the backend, or just > assign permissions? > > > > > Anyone have a solution for securing the back-end? I'm running out of > > ideas. > > As I said earlier, open the frontend, then open the backend and run the > security wizard on it (I'm assuming you are using 2003?) > > -- > Joan Wild > Microsoft Access MVP > > > Tatakau:
If you're just learning about Access security, and have already read the FAQ, then you might find the article and Permissions Explorer tool at my site helpful. http://grahamwideman.com/gw/tech/access/accesssec/index.htm http://grahamwideman.com/gw/tech/access/permexpl/index.htm Graham 
Other interesting topics
Security change takes effect only locally, not on server
TC - New security model Share Workgroup Information File Access Security When called from .NET You do not have Exclusive acces to the database at this time????? Relink tables in a secured DB - create table permission required? Database on network , but if 1 user logs in others are locked out Export or Import Objects from One Secured Database to Another Locked out of all Access DBs Re: Overall Security??? |
|||||||||||||||||||||||
