|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Changes To Group Permissions Don't WorkI have a secured Workgroup on the network that I setup a while ago based on the suggestions in the book, "Real World Microsoft Access Database Protection and Security" by Garry Robinson. Per his recommendation I removed the Admin from the Admin group and do not allow access to my database backends on the network to the User group. I created three groups when I made this workgroup; 1. Developer; 2. Writers and 3. Viewers with the obvious associated permissions. All of my other databases work fine with this workgroup as it was setup. Well, I just created a new database and placed the backend on the network with the permissions set appropriately, and MDE frontends for the users. When I rolled out the frontend on one users PC (who had only Viewer group rights), I realized that I needed to add them to the Writers group so they could read, update, insert and delete data. I went into Access on my PC and using the User and Group Accounts window added them to the Writers group. I then tried to execute some commands in the frontend on their PC and got obvious security errors. I went back into the database backend and opened the User and Group Permissions window to make sure the Writer group had the ability to read, update, insert and delete data, which the group did. However when I changed the List view from Groups to Users and looked at the permissions for the user in question (who was now added to the Writers group) all of the permissions were unchecked. I checked a few more users in the Writer group and all of them too had the permissions that I had setup for this group unchecked. I verified the same thing by using the Access 2002 Security Manager add-in. What am I doing wrong here? I was always taught to make changes to permissions to the Group and not the User. Why won't the permissions set to a group of which a user is a member show up correctly here? Is there a easier, better and simpler way to manage all of this than the built in Microsoft Access security tools? Any help, advice or guidance would be greatly appreciated. Thanks in advance. Roger Tregelles Quality Assurance Engineer The security dialogs (Tools, Security, Permissions) only show you explicit
permissions. I other words, if you assign permissions to Groups (recommended), they will show up for the group. A user that is a member of that Group, will inherit the permissions of the Group, however they won't show on the dialog for the 'User' as these are 'implicit' permissions. -- Show quoteHide quoteJoan Wild Microsoft Access MVP Roger Tregelles wrote: > Hi Folks, > > I have a secured Workgroup on the network that I setup a while ago > based on the suggestions in the book, "Real World Microsoft Access > Database Protection and Security" by Garry Robinson. Per his > recommendation I removed the Admin from the Admin group and do not > allow access to my database backends on the network to the User > group. I created three groups when I made this workgroup; 1. > Developer; 2. Writers and 3. Viewers with the obvious associated > permissions. All of my other databases work fine with this workgroup > as it was setup. Well, I just created a new database and placed the > backend on the network with the permissions set appropriately, and > MDE frontends for the users. When I rolled out the frontend on one > users PC (who had only Viewer group rights), I realized that I needed > to add them to the Writers group so they could read, update, insert > and delete data. I went into Access on my PC and using the User and > Group Accounts window added them to the Writers group. I then tried > to execute some commands in the frontend on their PC and got obvious > security errors. I went back into the database backend and opened the > User and Group Permissions window to make sure the Writer group had > the ability to read, update, insert and delete data, which the group > did. However when I changed the List view from Groups to Users and > looked at the permissions for the user in question (who was now added > to the Writers group) all of the permissions were unchecked. I > checked a few more users in the Writer group and all of them too had > the permissions that I had setup for this group unchecked. I verified > the same thing by using the Access 2002 Security Manager add-in. What > am I doing wrong here? I was always taught to make changes to > permissions to the Group and not the User. Why won't the permissions > set to a group of which a user is a member show up correctly here? Is > there a easier, better and simpler way to manage all of this than the > built in Microsoft Access security tools? Any help, advice or > guidance would be greatly appreciated. Thanks in advance. > > Roger Tregelles > Quality Assurance Engineer Joan,
Thanks for that information, it does makes sense. Do you know of any easier way to manage Users, Groups and Permissions that the default tools in Access 2003? It's a pain to have to select one item at a time (tables, queries, forms, reports, macros, etc.) and click Apply rather than selecting an entire group and clicking apply only once. I was thinking of getting the Access Workbench from Garry Robinson (www.vb123.com) but I don't believe you can change the security settings using this program either. Thanks again for your help with this. Roger Tregelles Quality Assurance Engineer "Roger Tregelles" <roger.tregel***@respironics.com> wrote in message You can select all (for example) queries by holding the shift key.news:Oau81GMhGHA.1276@TK2MSFTNGP03.phx.gbl... > Do you know of any easier > way to manage Users, Groups and Permissions that the default tools in > Access > 2003? It's a pain to have to select one item at a time (tables, queries, > forms, reports, macros, etc.) and click Apply rather than selecting an > entire group and clicking apply only once. HTH - Keith. www.keithwilby.com The object list box is a multi-select one - ctrl-click or shift-click and
you can select multiple objects and then the permissions/apply. -- Show quoteHide quoteJoan Wild Microsoft Access MVP Roger Tregelles wrote: > Joan, > > Thanks for that information, it does makes sense. Do you know of any > easier way to manage Users, Groups and Permissions that the default > tools in Access 2003? It's a pain to have to select one item at a > time (tables, queries, forms, reports, macros, etc.) and click Apply > rather than selecting an entire group and clicking apply only once. I > was thinking of getting the Access Workbench from Garry Robinson > (www.vb123.com) but I don't believe you can change the security > settings using this program either. Thanks again for your help with > this. > > Roger Tregelles > Quality Assurance Engineer 
Other interesting topics
Link to a RW database from a RO database?
stolen ownership, round 2, isnt this illegal? switchboard w/ 2007 beta? Cleared 'Admin' Password now can't open database Linked tables and network security details Password protection on a specific button? Access Security Disallow viewing of hidden objects VSS and objects permissions |
|||||||||||||||||||||||
