|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Why can't I delete a user?I have just used the User-Level Security Wizard for the first time in Access
2000 and rapidly realised that this is not a trivial topic (as evidenced by the 47 numbered sections in the MS Access Security FAQ!). My first surprise was that it was not just the MDB file that I processed via the Wizard that was affected. Now I have to logon to every one of my Access databases, but I guess I can live with that if it is unavoidable. I initially created some users before I found out that there is a 14-character limit. I now want to delete these users and recreate them using a more compact format. My problem is that the Wizard has greyed out the 'Delete User from List' button, even though I have logged on as Administrator. The FAQ does not seem to address this issue. So how do I delete a user? "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... The wizard is flawed in 2000, so you should secure it manually.>I have just used the User-Level Security Wizard for the first time in Access > 2000 and rapidly realised that this is not a trivial topic (as evidenced by > the 47 numbered sections in the MS Access Security FAQ!). > My first surprise was that it was not just the MDB file that I processed via Every session of Access uses a mdw file. By default, it uses system.mdw out of the box. The wizard decided that your new secure mdw should be set as the default. Use Start, Run, wrkgadm.exe and you'll see the path to the current default mdw. Click on Join, and rejoin the standard system.mdw that ships with Access (search for it first, so you know where it is)> the Wizard that was affected. Now I have to logon to every one of my Access > databases, but I guess I can live with that if it is unavoidable. > I initially created some users before I found out that there is a You need to select the user first, and then Delete User. You may be trying to delete the 'Admin' user, which isn't possible.> 14-character limit. I now want to delete these users and recreate them using > a more compact format. My problem is that the Wizard has greyed out the > 'Delete User from List' button, even though I have logged on as > Administrator. The FAQ does not seem to address this issue. -- Joan Wild Microsoft Access MVP Thanks for your assistance, Joan. I'll try to change the default mdw as per
your instructions. However, I'm still stuck on the user deletion issue. As I said in my original post, I was trying to delete users I had created myself (in a previous User-Level Security Wizard session), not standard users such as Admin. Each user name I was trying to delete was indeed selected at the time, but the 'Delete User from List' button was greyed out. I exited Access and tried again more than once but it was the same every time. The only users I have ever been able to delete were ones I had just created in the current Wizard session. What else might I be doing wrong? David Show quote "Joan Wild" wrote: > "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... > >I have just used the User-Level Security Wizard for the first time in Access > > 2000 and rapidly realised that this is not a trivial topic (as evidenced by > > the 47 numbered sections in the MS Access Security FAQ!). > > The wizard is flawed in 2000, so you should secure it manually. > > > My first surprise was that it was not just the MDB file that I processed via > > the Wizard that was affected. Now I have to logon to every one of my Access > > databases, but I guess I can live with that if it is unavoidable. > > Every session of Access uses a mdw file. By default, it uses system.mdw out of the box. The wizard decided that your new secure mdw should be set as the default. Use Start, Run, wrkgadm.exe and you'll see the path to the current default mdw. Click on Join, and rejoin the standard system.mdw that ships with Access (search for it first, so you know where it is) > > > I initially created some users before I found out that there is a > > 14-character limit. I now want to delete these users and recreate them using > > a more compact format. My problem is that the Wizard has greyed out the > > 'Delete User from List' button, even though I have logged on as > > Administrator. The FAQ does not seem to address this issue. > > You need to select the user first, and then Delete User. You may be trying to delete the 'Admin' user, which isn't possible. > > > -- > Joan Wild > Microsoft Access MVP > Are you logging in as a member of the Admins Group?
-- Joan Wild Microsoft Access MVP Show quote "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:9328BEDF-FF8A-40B5-8A12-7DEE7A84DCDC@microsoft.com... > Thanks for your assistance, Joan. I'll try to change the default mdw as per > your instructions. However, I'm still stuck on the user deletion issue. As I > said in my original post, I was trying to delete users I had created myself > (in a previous User-Level Security Wizard session), not standard users such > as Admin. Each user name I was trying to delete was indeed selected at the > time, but the 'Delete User from List' button was greyed out. I exited Access > and tried again more than once but it was the same every time. The only users > I have ever been able to delete were ones I had just created in the current > Wizard session. > > What else might I be doing wrong? > > David > > > "Joan Wild" wrote: > >> "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >> >I have just used the User-Level Security Wizard for the first time in Access >> > 2000 and rapidly realised that this is not a trivial topic (as evidenced by >> > the 47 numbered sections in the MS Access Security FAQ!). >> >> The wizard is flawed in 2000, so you should secure it manually. >> >> > My first surprise was that it was not just the MDB file that I processed via >> > the Wizard that was affected. Now I have to logon to every one of my Access >> > databases, but I guess I can live with that if it is unavoidable. >> >> Every session of Access uses a mdw file. By default, it uses system.mdw out of the box. The wizard decided that your new secure mdw should be set as the default. Use Start, Run, wrkgadm.exe and you'll see the path to the current default mdw. Click on Join, and rejoin the standard system.mdw that ships with Access (search for it first, so you know where it is) >> >> > I initially created some users before I found out that there is a >> > 14-character limit. I now want to delete these users and recreate them using >> > a more compact format. My problem is that the Wizard has greyed out the >> > 'Delete User from List' button, even though I have logged on as >> > Administrator. The FAQ does not seem to address this issue. >> >> You need to select the user first, and then Delete User. You may be trying to delete the 'Admin' user, which isn't possible. >> >> >> -- >> Joan Wild >> Microsoft Access MVP >> I am logging on as Administrator and my 'One-Step Security Wizard Report'
tells me that Administrator is a member of the Admins group, so the answer to your question is yes. I also tried logging on as Admin, but the result was just the same. David Show quote "Joan Wild" wrote: > Are you logging in as a member of the Admins Group? > > -- > Joan Wild > Microsoft Access MVP I'm at a loss, based on what you've told us. You should be able to delete a user.
-- Joan Wild Microsoft Access MVP Show quote "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:1653CD4E-A131-4C42-A95A-9B8500762622@microsoft.com... >I am logging on as Administrator and my 'One-Step Security Wizard Report' > tells me that Administrator is a member of the Admins group, so the answer to > your question is yes. I also tried logging on as Admin, but the result was > just the same. > > David > > > "Joan Wild" wrote: > >> Are you logging in as a member of the Admins Group? >> >> -- >> Joan Wild >> Microsoft Access MVP Joan,
I have taken your advice to 'rejoin' the standard system.mdw file so that my unsecured apps no longer ask for a password. However, my secured database now gives me an error message instead of the logon screen. I checked Section 19 of the Security FAQ ('How do I work with a security-enabled application and an unsecured application at the same time?'), which seems to address this issue, but was unable to implement the suggested solution. The FAQ tells me to create a desktop shortcut for my secured Access 2000 application, with something like the following "directly on the command line of the icon". c:\msoffice\access\msaccess.exe /wrkgrp c:\myapp\secacc.mdw I have tried creating a shortcut, where the "Target" field of the Properties box contains my version of the above command, but as soon as I try to save it I get a 'The name .... specified in the Target box is not valid' error. There is nothing called a command line in the shortcut properties box. Have I misunderstood something? David "Joan Wild" <jwild@nospamtyenet.com> wrote in message The wizard is flawed in 2000, so you should secure it manually.news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >I have just used the User-Level Security Wizard for the first time in >Access > 2000 and rapidly realised that this is not a trivial topic (as evidenced > by > the 47 numbered sections in the MS Access Security FAQ!). > My first surprise was that it was not just the MDB file that I processed Every session of Access uses a mdw file. By default, it uses system.mdw out > via > the Wizard that was affected. Now I have to logon to every one of my > Access > databases, but I guess I can live with that if it is unavoidable. of the box. The wizard decided that your new secure mdw should be set as the default. Use Start, Run, wrkgadm.exe and you'll see the path to the current default mdw. Click on Join, and rejoin the standard system.mdw that ships with Access (search for it first, so you know where it is) > I initially created some users before I found out that there is a You need to select the user first, and then Delete User. You may be trying > 14-character limit. I now want to delete these users and recreate them > using > a more compact format. My problem is that the Wizard has greyed out the > 'Delete User from List' button, even though I have logged on as > Administrator. The FAQ does not seem to address this issue. to delete the 'Admin' user, which isn't possible. -- Joan Wild Microsoft Access MVP The target of the shortcut would have the following in it (your sample seems odd to me - i.e. the path to msaccess.exe)
"path to msaccess.exe" /wrkgrp "path to secure mdw" If you want to open a specific database then use: "path to msaccess.exe" "path to secure mdb" /wrkgrp "path to secure.mdw" Do a search for msaccess.exe to ensure you get the correct path; and also enclose the path in double quotes, as above; they are needed when any path has spaces in it. -- Joan Wild Microsoft Access MVP Show quote "David Anderson" <dcanderso***@hotmail.com> wrote in message news:OUeaTZPEIHA.3332@TK2MSFTNGP04.phx.gbl... > Joan, > I have taken your advice to 'rejoin' the standard system.mdw file so that my > unsecured apps no longer ask for a password. However, my secured database > now gives me an error message instead of the logon screen. I checked Section > 19 of the Security FAQ ('How do I work with a security-enabled application > and an unsecured application at the same time?'), which seems to address > this issue, but was unable to implement the suggested solution. > > The FAQ tells me to create a desktop shortcut for my secured Access 2000 > application, with something like the following "directly on the command line > of the icon". > > c:\msoffice\access\msaccess.exe /wrkgrp c:\myapp\secacc.mdw > > I have tried creating a shortcut, where the "Target" field of the Properties > box contains my version of the above command, but as soon as I try to save > it I get a 'The name .... specified in the Target box is not valid' error. > There is nothing called a command line in the shortcut properties box. > > Have I misunderstood something? > > David > > > > > > "Joan Wild" <jwild@nospamtyenet.com> wrote in message > news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... > "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message > news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >>I have just used the User-Level Security Wizard for the first time in >>Access >> 2000 and rapidly realised that this is not a trivial topic (as evidenced >> by >> the 47 numbered sections in the MS Access Security FAQ!). > > The wizard is flawed in 2000, so you should secure it manually. > >> My first surprise was that it was not just the MDB file that I processed >> via >> the Wizard that was affected. Now I have to logon to every one of my >> Access >> databases, but I guess I can live with that if it is unavoidable. > > Every session of Access uses a mdw file. By default, it uses system.mdw out > of the box. The wizard decided that your new secure mdw should be set as > the default. Use Start, Run, wrkgadm.exe and you'll see the path to the > current default mdw. Click on Join, and rejoin the standard system.mdw that > ships with Access (search for it first, so you know where it is) > >> I initially created some users before I found out that there is a >> 14-character limit. I now want to delete these users and recreate them >> using >> a more compact format. My problem is that the Wizard has greyed out the >> 'Delete User from List' button, even though I have logged on as >> Administrator. The FAQ does not seem to address this issue. > > You need to select the user first, and then Delete User. You may be trying > to delete the 'Admin' user, which isn't possible. > > > -- > Joan Wild > Microsoft Access MVP > > Joan,
That wasn't my sample; it was an exact quote from the FAQ. Your sample text solved the problem. I had everything held within one set of double quotes, while your sample made it clear that the /wrkgrp switch had to be outside the quotes. Thanks again for your assistance. David "Joan Wild" <jwild@nospamtyenet.com> wrote in message The target of the shortcut would have the following in it (your sample seems news:%23ELzYePEIHA.1208@TK2MSFTNGP05.phx.gbl... odd to me - i.e. the path to msaccess.exe) "path to msaccess.exe" /wrkgrp "path to secure mdw" If you want to open a specific database then use: "path to msaccess.exe" "path to secure mdb" /wrkgrp "path to secure.mdw" Do a search for msaccess.exe to ensure you get the correct path; and also enclose the path in double quotes, as above; they are needed when any path has spaces in it. -- Joan Wild Microsoft Access MVP Show quote "David Anderson" <dcanderso***@hotmail.com> wrote in message news:OUeaTZPEIHA.3332@TK2MSFTNGP04.phx.gbl... > Joan, > I have taken your advice to 'rejoin' the standard system.mdw file so that > my > unsecured apps no longer ask for a password. However, my secured database > now gives me an error message instead of the logon screen. I checked > Section > 19 of the Security FAQ ('How do I work with a security-enabled application > and an unsecured application at the same time?'), which seems to address > this issue, but was unable to implement the suggested solution. > > The FAQ tells me to create a desktop shortcut for my secured Access 2000 > application, with something like the following "directly on the command > line > of the icon". > > c:\msoffice\access\msaccess.exe /wrkgrp c:\myapp\secacc.mdw > > I have tried creating a shortcut, where the "Target" field of the > Properties > box contains my version of the above command, but as soon as I try to save > it I get a 'The name .... specified in the Target box is not valid' error. > There is nothing called a command line in the shortcut properties box. > > Have I misunderstood something? > > David > > > > > > "Joan Wild" <jwild@nospamtyenet.com> wrote in message > news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... > "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in > message > news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >>I have just used the User-Level Security Wizard for the first time in >>Access >> 2000 and rapidly realised that this is not a trivial topic (as evidenced >> by >> the 47 numbered sections in the MS Access Security FAQ!). > > The wizard is flawed in 2000, so you should secure it manually. > >> My first surprise was that it was not just the MDB file that I processed >> via >> the Wizard that was affected. Now I have to logon to every one of my >> Access >> databases, but I guess I can live with that if it is unavoidable. > > Every session of Access uses a mdw file. By default, it uses system.mdw > out > of the box. The wizard decided that your new secure mdw should be set as > the default. Use Start, Run, wrkgadm.exe and you'll see the path to the > current default mdw. Click on Join, and rejoin the standard system.mdw > that > ships with Access (search for it first, so you know where it is) > >> I initially created some users before I found out that there is a >> 14-character limit. I now want to delete these users and recreate them >> using >> a more compact format. My problem is that the Wizard has greyed out the >> 'Delete User from List' button, even though I have logged on as >> Administrator. The FAQ does not seem to address this issue. > > You need to select the user first, and then Delete User. You may be > trying > to delete the 'Admin' user, which isn't possible. > > > -- > Joan Wild > Microsoft Access MVP > > I think the quotes are necessary if there are spaces in any of the folder or
file names in the path. Jack MacDonald's paper has a detailed description of how to use various types of shortcuts. http://www.geocities.com/jacksonmacd/ Click on the "Security paper by Jack MacDonald" link; I used the link above because the page contains an assortment of other useful links. Joan's page has a similar collection of links, as I recall. Many of the others do, too. Show quote "David Anderson" <dcanderso***@hotmail.com> wrote in message news:OyTYTzPEIHA.5976@TK2MSFTNGP02.phx.gbl... > Joan, > That wasn't my sample; it was an exact quote from the FAQ. > > Your sample text solved the problem. I had everything held within one set > of double quotes, while your sample made it clear that the /wrkgrp switch > had to be outside the quotes. > > Thanks again for your assistance. > > David > > > > > "Joan Wild" <jwild@nospamtyenet.com> wrote in message > news:%23ELzYePEIHA.1208@TK2MSFTNGP05.phx.gbl... > The target of the shortcut would have the following in it (your sample > seems odd to me - i.e. the path to msaccess.exe) > "path to msaccess.exe" /wrkgrp "path to secure mdw" > > If you want to open a specific database then use: > "path to msaccess.exe" "path to secure mdb" /wrkgrp "path to secure.mdw" > > Do a search for msaccess.exe to ensure you get the correct path; and also > enclose the path in double quotes, as above; they are needed when any path > has spaces in it. > -- > Joan Wild > Microsoft Access MVP > "David Anderson" <dcanderso***@hotmail.com> wrote in message > news:OUeaTZPEIHA.3332@TK2MSFTNGP04.phx.gbl... >> Joan, >> I have taken your advice to 'rejoin' the standard system.mdw file so that >> my >> unsecured apps no longer ask for a password. However, my secured database >> now gives me an error message instead of the logon screen. I checked >> Section >> 19 of the Security FAQ ('How do I work with a security-enabled >> application >> and an unsecured application at the same time?'), which seems to address >> this issue, but was unable to implement the suggested solution. >> >> The FAQ tells me to create a desktop shortcut for my secured Access 2000 >> application, with something like the following "directly on the command >> line >> of the icon". >> >> c:\msoffice\access\msaccess.exe /wrkgrp c:\myapp\secacc.mdw >> >> I have tried creating a shortcut, where the "Target" field of the >> Properties >> box contains my version of the above command, but as soon as I try to >> save >> it I get a 'The name .... specified in the Target box is not valid' >> error. >> There is nothing called a command line in the shortcut properties box. >> >> Have I misunderstood something? >> >> David >> >> >> >> >> >> "Joan Wild" <jwild@nospamtyenet.com> wrote in message >> news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... >> "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in >> message >> news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >>>I have just used the User-Level Security Wizard for the first time in >>>Access >>> 2000 and rapidly realised that this is not a trivial topic (as evidenced >>> by >>> the 47 numbered sections in the MS Access Security FAQ!). >> >> The wizard is flawed in 2000, so you should secure it manually. >> >>> My first surprise was that it was not just the MDB file that I processed >>> via >>> the Wizard that was affected. Now I have to logon to every one of my >>> Access >>> databases, but I guess I can live with that if it is unavoidable. >> >> Every session of Access uses a mdw file. By default, it uses system.mdw >> out >> of the box. The wizard decided that your new secure mdw should be set as >> the default. Use Start, Run, wrkgadm.exe and you'll see the path to the >> current default mdw. Click on Join, and rejoin the standard system.mdw >> that >> ships with Access (search for it first, so you know where it is) >> >>> I initially created some users before I found out that there is a >>> 14-character limit. I now want to delete these users and recreate them >>> using >>> a more compact format. My problem is that the Wizard has greyed out the >>> 'Delete User from List' button, even though I have logged on as >>> Administrator. The FAQ does not seem to address this issue. >> >> You need to select the user first, and then Delete User. You may be >> trying >> to delete the 'Admin' user, which isn't possible. >> >> >> -- >> Joan Wild >> Microsoft Access MVP >> >> > > Joan,
I would appreciate it if you would expand a little on the flaws of the User-Level Security Wizard in Access 2000. I have already used the wizard to secure my database. Are there some good reasons why I should now unsecure this database and then resecure it manually? My only problem so far has been the inability to delete an existing user. David BTW, If necessary, I would use the helpful procedures you have put on your website for unsecuring a database and securing it manually. Thanks for those. "Joan Wild" <jwild@nospamtyenet.com> wrote in message The wizard is flawed in 2000, so you should secure it manually.news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >I have just used the User-Level Security Wizard for the first time in >Access > 2000 and rapidly realised that this is not a trivial topic (as evidenced > by > the 47 numbered sections in the MS Access Security FAQ!). The open permissions are not removed from the Users Group, even they appear to be.
The wizard (actually any wizard) doesn't do anything that you can't do yourself; it only saves a bit of time. You might also want to study the security FAQ: http://support.microsoft.com/?id 7793 -- Joan Wild Microsoft Access MVP Show quote "David Anderson" <PLSdcanderson88@REMOVEhotmail.FIRSTcom> wrote in message news:uVCyNjlEIHA.3980@TK2MSFTNGP03.phx.gbl... > Joan, > I would appreciate it if you would expand a little on the flaws of the > User-Level Security Wizard in Access 2000. I have already used the wizard to > secure my database. Are there some good reasons why I should now unsecure > this database and then resecure it manually? My only problem so far has been > the inability to delete an existing user. > > David > > BTW, If necessary, I would use the helpful procedures you have put on your > website for unsecuring a database and securing it manually. Thanks for > those. > > > > "Joan Wild" <jwild@nospamtyenet.com> wrote in message > news:uwkz0VDEIHA.4228@TK2MSFTNGP02.phx.gbl... > "David Anderson" <DavidAnder***@discussions.microsoft.com> wrote in message > news:718EC3DB-8EEF-47E3-8D96-30D6C5D34B69@microsoft.com... >>I have just used the User-Level Security Wizard for the first time in >>Access >> 2000 and rapidly realised that this is not a trivial topic (as evidenced >> by >> the 47 numbered sections in the MS Access Security FAQ!). > > The wizard is flawed in 2000, so you should secure it manually. > >  |
|||||||||||||||||||||||
Other interesting topics