I have a secured, split database.  Works fine on my computer.  I have
Admin permissions both with Access DB and with Windows.

Took the database to the user.  Same setup.  User has "PowerUser"
permissions.  Got a "cannot lock file" error message.   Only when the
user got full Windows Admin rights, would things work.Is there a way
to get things to work without full Windows Admin rights?

Using Access 2003, Windows XP, Novell network.  Only 1 user was trying
to use the database.
The database was not at the root of the drive.  The network is
shared.  The database is 5 levels down in the UNC path.

Thanks for all your help.
Nadine

Hi, Nadine.

The Windows Administrator lied to you.  This user has "Crippled User"
permissions.

That's because the user doesn't have create or modify permissions on the
files in that directory.  Access needs to create an LDB (locking database)
file or else set the exclusive lock in the MDB file, but your user can't
write to either of those files without the proper permissions.

The quickest and easiest method is to give Full Control Windows security
permissions on the directory, but your Windows Administrator is likely to
die of a heart attack after he screams, "That's not secure!!!"

Your Access users need read, write, create, modify, and delete permissions
on that directory.  They don't need "List folder contents," but that
permission comes in handy when you think about it.  (Without it, users can't
see the files in the directory or check their permissions, but they can
still exercise any other allowed permissions, such as reading and writing
files.)  And they don't need to create and delete subdirectories and set the
permissions for the current directory and those subdirectories, but even
those advanced permssions come in handy, particularly when the Windows
Administrator can't get it right the first three or four times.  That's all
the permissions that "Full Control" gives the user that the Windows
Administrator is screaming is not secure.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
Blogs: www.DataDevilDog.BlogSpot.com, www.DatabaseTips.BlogSpot.com
http://www.Access.QBuilt.com/html/expert_contributors2.html for contact
info.

No, they don't need DELETE permissions. They do need all the others.

Hi, David.

Would you like to have paid $10 to $100 less in U.S. federal taxes every
year for at least the previous ten years (and every year in the future)?
You could have, and every other U.S. taxpayer could have, too, but we
didn't.  The reason we didn't is because of the expensive (and all too
common) work stoppages at U.S. government contractors who are using Access
database applications where the users don't have delete permissions on the
directory.  I know of quite a few Access database applications where each
one to three hour work stoppage costs $10,000 to $20,000+ while the users
wait for a manager or a Windows administrator to come and delete the .LDB
file for them so that they can open the database again to do their jobs.
Only the managers have delete permissions, but unfortunately, the managers
never use the applications, and they are never around to delete the .LDB
file when needed.

I'd say that's an expensive policy, wouldn't you?  Since it's so easy to
give the users delete permissions to avoid such costly work stoppages, the
punishment of $10 to $100 for every taxpayer every year for the luxury of
preventing accidental deletions of the MDB files by a few computer users
doesn't seem worth it.  I hate paying that needless premium, so I always
advocate giving delete permissions to the users.  Non-government
organizations are paying the costs for work stoppages as well, and customers
absorb those costs.  As a customer, I'd rather not pay those costs, either.

When was the last time you accidentally deleted an Access database file and
wished you hadn't been given delete permissions on that directory as the
only solution to the problem?  Never?  You -- and the rest of us -- have
alternative solutions to accidental deletions, rather than prohibiting
delete permissions.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
Blogs: www.DataDevilDog.BlogSpot.com, www.DatabaseTips.BlogSpot.com
http://www.Access.QBuilt.com/html/expert_contributors2.html for contact
info.

Show quote

Hide quote

That's bad management, and the solution is not to provide users with
DELETE permission, but to fix the management problem.

I think you're pulling it out of your ass. I've got an app that's
been running since 1998 on servers with no delete permission (5-15
simultaneous users), and it's never caused any problems itself.

Now, there have been cases where the LDB file needed to be manually
deleted, but that was not caused by not giving users delete
permission, but by other issues entirely.

But then you expose the data file to the possibility of accidental
deletion. Given that I'm experienced in running this kind of
scenario and have never seen any problems from it, it seems to me
that it is without cost.

Well, I respectfully disagree.

And you are discussing something different -- you said categorically
that DELETE permission was required. I said it wasn't.

Now you're arguing not that it is required, only that it is
desirable. On that we disagree.

On whether or not it is required, you would be wrong to claim that
it is.

Legal Timestamp in MS Access 2003
Shortcut target path
Workgroup not switching
Password setup showing hisotry of records changed
How can I inhibit the security warning when starting Access with a Shell command?