Advice For Security & Question On Built In Access Security
Mar 26, 2007
I've read and gone though quite a few of the scrips and examples for creating logins and security and i'm getting to the stage when i need to have good understanding of the different methods.
Some of the examples whilst create a user login do not really allow for security within the database whilst the build in security wizard would appear to offer that functionality.
I am thinking that I will use the Workgroup file and that method. My question is am i able to utilise the fact that if a person 'AdamA' logs onto the database which is built into the workgroup security file. am I then able to take 'AdamA' to populate a table which records actions by a user? (I can't seem to find any thread or book reference to doing this)
View Replies
ADVERTISEMENT
Jan 20, 2008
Some advice would be appreciated. There seems to be a minefiled of papers, some conflicting, on Access security. I have a standalone access database which I need to protect. I do not want users getting access to anything other than whats on the switchboard. I have disabled the shift key bypass and all menus that can be disabled in the start up options. It seems secure to me now. Can it still be bypassed? Should I be setting passwords etc?
View 1 Replies
View Related
Feb 7, 2006
Hi :)
I'm currently in the process of testing security before shipping my database off. I have read the access security faq, but I'm not sure which option to go for. The main factor that makes me doubt, is that the db will be sent to locations that I will not be able to physically get to myself. I am hoping that some of you have some experience on dealing with remote installations of your databases.
Option 1:
Use one workgroup file
make a user_admin user which is NOT member of the admins group
rename the workgroup file to an mdb, open it and give the user_admin permissions to edit the user and group table
The problem with this approach is that the user_admin can assign any user to the admins group, which basically defeats the whole purpose of this option really.
Option 2:
Use two workgroup files (development/securing and distribution)
make the user_admin a member of the Admins group in the distribution file
As the Admins group is different in the distribution workgroup file, it is impossible to change any database object. The only problem is if something were to go wrong (which I think is highly unlikely :D ) it might be good to be able to manually walk the user through fixing the problem, and to do that it is likely that some database object needs changing, therefore needing an admin login...
comments or suggestions welcome :)
Thanks again :)
View 2 Replies
View Related
Apr 26, 2005
I am new to databases so please bare with me on my question.
Question:
I have two Access databases (db1 and db2). Db1 needs information from certain Db2 fields (i.e. first name, last name). So I created a link table to Db2. I also created a query with the fields that is needed but I want to restrict access to the other fields in Db2 so that the user only has access to certain fields in Db2 such as the first and last name. Is there a way to set security to fields only and restrict the user to have access to those fields? If so, would this prevent them from editing the query that I created and adding those restricted fields?
Thank you,
BishopZ
View 3 Replies
View Related
Jun 8, 2005
I have been successfully using, updating, and programming our Access mailing database for 5 years now. I have made a number of changes over the years to help it run more smoothly. Up until very recently, we were operating Access 2000 on an old computer using the Win98 OS. Guided by the Microsoft Access Security UberFAQ, I had set up user and group permissions such that regular users (my staff of about 8 people) could search, view, and print addresses, labels, and both Access and Word reports connected with the database, but could not make any significant changes to it. A user who was a member of the Admins group (user “Jen”, i.e. me!)) could basically change anything on the database; primarily I updated the addresses, instructions, and forms to maintain accuracy and improve the effectiveness of the system.
In order to insure against any computer crashes and to enable the ‘re-constituting’ of the database in the event we obtained a new computer, we backed-up all the database files onto the TSM backup system on the Mniversity mainframe.
After a long period of nursing along our old computer, my boss provided me with the funds to purchase a new one, which I did. The new system runs WinXP Pro, and is much faster and less prone to seizing. When we set up the new computer I restored the contents of the old computer onto a separate partition on the hard drive, and then copied all the database stuff onto its own little partition on the hard drive. As I expected, I had lost all the security settings in the restore – I had restored the database once before when we had to have the hard drive on our old computer re-imaged, so I knew what would happen. However, instead of resetting to a sort of neutral state in which the “Admin” user could do everything and I could start rebuilding the security from scratch (a lengthy but do-able process), I found myself in a very different situation.
When I open the mailing database, the system:
·does not ask for a password;
·automatically assumes I’m the “Admin” user;
When I open the Tools>Security>User & Group Accounts dialogue box, I discover that the “Admin” user is the only user and is a member of both the Admins and Users groups.
However, when I open the Tools>Security>User & Group Permissions dialogue box, I discover:
·the system will allow the “Admin” user (the only user on the system, now) to view the “Admin” user’s permissions;
·the system will not allow the “Admin” user to change the “Admin” user’s permissions because the “Admin” user does not have Administer permission;
·the “Admin” user is not allowed even to view the permissions of the Groups;
·The “Admin” user has no permissions checked;
·Given that a user’s permissions are the least restrictive of all the groups he/she belongs to, I think that means that the Admins group probably has nothing checked at all (but I can’t find out);
·The owner of all the database items (forms, reports, etc) is set to <Unknown>;
What this means in effect is that I can view the forms, I can view & print the reports so long as they are Access reports, and I can view and print the labels, but I cannot use Access to access (sorry for the pun) the Word reports which up until now have always worked just fine. I can get at the Word reports by manually finding them via the Windows folder system and opening them directly with Word. I cannot Read-Design or format anything. When I print the labels, the formatting is slightly off – it’s as though the system thinks the labels are just slightly vertically larger than they were, so every so often I have to pause printing and re-align the tractor feed to the top of a label, but this may be a result of the interaction of our OS upgrade from Win 98 to Win XP pro with our dot matrix label printer (cheap & effective!). I can’t check the label dimensions because (of course) as the “Admin” user, I have no permissions (grrrrr!). Perhaps most problematically, I cannot update the addresses in the database.
We’ve been limping along with this only-partially-functional-version of the database for about a month and a half now, because I’m also the Reception Supervisor as well as the resident database expert, and I had to train a whole bunch of new staff. We really need to update the database to do our big yearly catalogue mail-out and the University ITS helpdesk doesn’t have anyone with enough expertise to solve this problem. I’m hoping someone out here does!
I believe I have all the WIF info from the previously secured version of the database (pre-TSM-restore), as well as the Security Wizard report. I have the entire contents of the old computer hard drive in a separate partition on my new computer. I tried to write down everything that even seemed like it might be relevant/required should I run into a problem like this. I’m good with computers and have taught myself so pretty complex Access programming. However, I am now officially stumped, and I am throwing out this lifeline in hopes that someone can rescue me. Thank you all in advance for any help anyone can give me!
Jennifer Radford Gibson
:confused:
View 2 Replies
View Related
Jul 29, 2005
is there a way to authenticate user using his/her network username
and password..........
i know i could get network user details
help will be appreciated
View 1 Replies
View Related
Nov 23, 2005
AAAAAAAAAAARGH!!!
I have never used it, and have inherited one that does use it.... Now I know why I dont use it.
What is the short and simple explenation on:
How to Create a user + Password
What I am doing now is:
Creating the user (with a blank password) and assign the groups to which the user is to be assigned using the administrator account.
Then exit the DB & enter again using the new user + blank password.
Then Change the password for that user.
There must be something much easier... *sigh*
Greets
The Mailman
View 3 Replies
View Related
Dec 16, 2005
Ok Guys I now I have been exceedingly dumb, but I appear to have activated Access security (All I can think of is when I got into the wizard I clicked Finish instead of cancel) Now I am locked out of my database.
There appears to be a new db set up called security and a backup BAK file.
Is there anyway I can undo my foul up ? can I restore from the bak file? (if I can , how ?)
Any assistance would be greatly appreciated as I am feeling rather stupid at the moment.....
Cheers
View 3 Replies
View Related
May 31, 2006
OK - I have just completed my first Access database for network use. It will be placed on the network presently. I have split it into front end and back end and everything seems to be working fine.
The database contains five major areas. Each has tables, forms, queries, macros and reports. There will be seven user groups. Some have access to everything, some have access to almost everything with read only in the remaining areas and some have read only to some and no access to the rest. My question:
If I wish to give full access to an area, do I have to go through everything in that area (table, forms, queries, macros and reports) to give access or is there an easier way.
If I'm being obtuse, please reccommend come reading.
View 3 Replies
View Related
Aug 18, 2006
I have managed to avoid MS Access security till now! I have seen all the scare stories, and all of the problems people seem to have with it.
So I have been reading up on it within this site, (Is the site crabby today or is it just me?)
From this post (http://www.access-programmers.co.uk/forums/showthread.php?t=93443) I found the following code:
MsgBox "Current User = " & CurrentUser
I ran it in a blank database on my machine and discovered that I am logged in as "Admin". I have always avoided access security, so my assumption is that access security is always running, everyone is automatically logged in as admin, with a blank password Therefore no one needs to enter password.
Is this assumption correct?
That is my first question! there are more....
Cheers Tony
View 7 Replies
View Related
Nov 27, 2006
http://i144.photobucket.com/albums/r190/slifer666/1pic1.jpg
Hi,
I have the above security settings in place for the account shown, this user should only be able to Read the Database, how is it possible that they are able to edit the database?
Any security suggestions will be appreciated
Regards
View 4 Replies
View Related
Jan 18, 2007
Looking at the security process of ms access it seems easy enough to impliment, but as an novice user, I have felt really miserable with it all. Sometimes it ends up that the security.mdm file just dissapears and sometimes my users created are no where to be seen. Please help, i'd really be thankful if someone can put forward the exact procedure of setting up users and permissions in the database.
Thanks
View 12 Replies
View Related
Jan 28, 2005
I plan to implement some form of security to prevent potential vandals or enthusiasts from gaining access to backoffice objects in Access 2000. So far, I am thinking of group/user level security, and/or create a .mde. If any one of these methods would accomplish the task without the other, I would rather use the one.
Do I need both? What do you recommend?
View 1 Replies
View Related
Jan 13, 2005
How do you set up a security code in Access?
I want that everyone can open the DB and make changes in tables and querys. But that they can't change layout of this tables, forms and reports. It must also be impossible to see the VB code and the Macros.
greetings
Koen
View 4 Replies
View Related
Nov 2, 2004
Hi there,
I have a database which I created for usage of all company people. There is a main menu form which directs users to their own log in form with passwords. The users can only access the form.But as administrator, I want to have full access to the database. How can I manage it?
A second problem is I want to take a precaution for people opening the database by using Shift key. I don`t want users to reach the tables or querys apart from the ones I created for them.
Thanks in advance,
Ilkem
View 4 Replies
View Related
Dec 13, 2006
This seems to be a very common and frustrating problem all around, but here is my situation. I have a database that needs to be shared on a network, but it needs to be secured (with different users having different sets of permissions). I naturally tried the access workgroup user level security, however that doesn't secure other computers accessing the same database, so if anyone could help me find another solution, that would be great!
Thanks in advance.
View 2 Replies
View Related
May 14, 2007
I work in a small library. I want to put my catalog on a terminal in the library. My database is in ACCESS. Using only one terminal how do I keep patrons from clicking Start, Programs, going into ACCESS screwing around with may database and the data? Cab anyone tell me? What is the best book to read regarding this topic? Any help appreciated.
Thanks,
Lorenzo
View 1 Replies
View Related
Oct 26, 2011
Is it possible to do this through vba. If security is setup for all the tables and a user goes in and creates a new table, can that table have security applied to it using code?
So maybe the creator of the table has read/write privileges but everyone else only has read only.
View 3 Replies
View Related
Oct 28, 2005
I see Access has security features, such as creating group accounts with varying levels of permissions....This all works great for my computer, as I want an administrator and read-only user accounts. The problem is that these setting seem only to apply to my machine and are not present when the database is accessed from another terminal. Is there any way to attach these security measures to the database itself as opposed to just the local settings on my machine? Thanks.
View 5 Replies
View Related
May 4, 2006
Hi all,
I've recently taken over a database that a collegue of mine was developing and he has disabled certain functions within the database which I can't enable. Specifically, he has disabled the ability to right click over anthing in design view so you can view the list of options available. Does anyone know how I can re-enable this feature?
Best Regards,
Aaron
View 5 Replies
View Related
Jun 21, 2006
Ok, I'm setting up a new frontend for my DB, as it needs to give some different forms etc to a different person using it. I want to link a couple of the tables that are needed, and I get the message 'blah can't open the file. It is either located outside your local intranet or on an untrustworthy site.. blah blah blah.... won't open file because of possible security issues'
This file is located on a mapped network drive on the local network, and it used to open just fine.... any ideas what has happened and how I can turn off this 'feature'?
View 3 Replies
View Related
Jul 26, 2006
This query is in relation to an Access 97 database.
A problem that we are consistently having is that whenever people are using the database under different user names, it only allows one user at a time to use it. So basically if three of us are on it updating files or enquiring on client details, two of us are locked out leaving only one in. Any help in this matter is greatly appreciated.
View 1 Replies
View Related
Sep 3, 2006
I have an MS Access problem which I am hoping someone can help me with.
I have developed an application using MS Access which includes some table house-keeping functions, and distributed this onto a network running Windows XP. The database is held on a data server machine. The database needs to run from two terminals. The users are logged on automatically when their machines boot up.
No matter which machine I distribute the application from, one particular machine always reports an error when I try to add a customer from a form:
The command or action "Save Record" isn't available now
There are no problems with the other forms.
The machine does have write access to the table (we've tried). The form in question accesses the table directly rather than a query. Only one user is using the database.
I have not implemented any security within the database.
Any suggestions?
John
View 3 Replies
View Related
Jan 17, 2007
Hi there,
I recently used the access security wizard to setup user accounts etc.. and now I want to reset and go back to opening all databases without having to use a username & password.
I cant seem to find out how to do this!!
Can anyone help?? :)
View 3 Replies
View Related
Feb 21, 2007
I have a database which i created in 2007 then saved it as a 2000 format. I then placed this file on a network area so that more than one computer can access it.
I have Access 2000 computers able to access it and use it fine, when i have two user using Access 2002 when they try and open it from the network area it says its not a trusted source and i should copy it the desktop and use it.
I don't want to do that becasue then its not on a centraliesd point. Any tips?
Thanks
Stuart
View 3 Replies
View Related
Mar 6, 2007
User-Level Security Is Gone: The new Access 2007 ACCDB file format does not support user-level security. Your knowledge and techniques for user-level security and ways to assign object permissions is not applicable to ACCDB-based applications. Microsoft feels the improved database password (which is no longer stored within the Access data file) provides sufficient database security for most applications. If more comprehensive security is required to protect individual database objects, Microsoft suggests using the ACCDE file format (the replacement for MDEs) to lock up your forms, reports, and code. Even then, however, the ACCDE format provides no specific security on an application's data.
So how can I secure my database? We are about ready to convert to 2007.
View 8 Replies
View Related
