Stuart McLachlan
stuart at lexacorp.com.pg
Wed Mar 19 17:28:01 CST 2003
I have "futzed" it in the past by using folders :-) Set up a series of sub-folders below your application directory, each one containing a simple text file. Apply group rights to each folder. In Access, try to read the file in each folder. If you can, you are a member of the group. You can then use that information to control access to various parts of your access application. > Network security basically works at the folder level, so whatever > permissions one has applies to all objects in the Access app and any > other apps in the folder. If you want to use NT security at a finer > granularity, then you need SQL Server. > > Charles Wortz > Software Development Division > Texas Education Agency > 1701 N. Congress Ave > Austin, TX 78701-1494 > 512-463-9493 > CWortz at tea.state.tx.us > > > > -----Original Message----- > From: Porter, Mark [mailto:MPorter at acsalaska.com] > Sent: Wednesday 2003 Mar 19 12:27 > To: 'accessd at databaseadvisors.com' > Subject: RE: [AccessD] Access security integration with NT security > groups > > > Thanks for the response Charles. I guess I worded my question > incorrectly. > > > I do realize that Access security does not integrate directly with NT > security, and I do assign my permissions by group. Doing this purely > with Access security would just be too easy, and is sparking some ideas > :) > > I'm looking to accomplish 1) centralized Access application security by > the network admins and 2) remove the need for a logon by the users for > Access. > > The vision I have is for the Network Admin to simply have to add users > to the NT group. When the Access app is opened by a user, the user is > authenticated through code (their NT groups are evaluated), and are > given access based on these NT group associations. > > The Administrator would not have to individually add personnel to each > Access app, and the users would not have to have a separate logons for > each app. > > For this app and environment it's a no-brainer, I'll do straight Access > security. They have 25 static users, 3 user groups and only one Access > app. However I've been in environments with dozens of secured Access > apps across the enterprise (and each user may use 5 or more) where this > type of security schema would be very handy. > > Doable? Feasible? Any ideas on how to implement? > > Mark > > > -----Original Message----- > From: Wortz, Charles [mailto:CWortz at tea.state.tx.us] > Sent: Wednesday, March 19, 2003 4:18 AM > To: accessd at databaseadvisors.com > Subject: RE: [AccessD] Access security integration with NT security > groups > > > Mark, > > Access does not use NT Security, it has its own security. Access > security came into being long before M$ developed WinNT and WinNT > Security. It would be nice if a future version of Access did allow > integration with NT Security, or whatever version of Windows Security is > in place then. > > If you read the Access Security FAQ > http://support.microsoft.com/default.aspx?scid=%2Fsupport%2Faccess%2Fcon > tent%2Fsecfaq%2Easp (watch for line wrap) > you will see it is recommended that you set up security for groups and > then assign individuals to groups. Thus you, or whoever you appoint as > security administrator of the application, only has to add and delete > individuals from groups. > > Charles Wortz > Software Development Division > Texas Education Agency > 1701 N. Congress Ave > Austin, TX 78701-1494 > 512-463-9493 > CWortz at tea.state.tx.us > > > > -----Original Message----- > From: Porter, Mark [mailto:MPorter at acsalaska.com] > Sent: Tuesday 2003 Mar 18 16:40 > To: 'accessd at databaseadvisors.com' > Subject: [AccessD] Access security integration with NT security groups > > > An old client would like to secure their mdb and I'm wondering how easy > it would be to integrate Access security with NT security (ala SQL > Server). I'd like to focus on security groups, not individuals. > > Does anyone have experience with this and can point me in the right > direction? Or is it more trouble than it's worth? > > (Win2k server, Win2K Pro desktops and Access 2000 mdb files.) > > Thanks, > > Mark Porter > _______________________________________________ > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support.