[AccessD] Database Needs Password Protection

Rocky Smolin rockysmolin at bchacc.com
Mon Apr 26 12:58:23 CDT 2010


Sounds like some serious rewrite of the app - lots of direct access to
tables through DAO.

Rocky


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Jim Dettman
Sent: Monday, April 26, 2010 10:38 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Database Needs Password Protection

Rocky,

  Yes, you can do that, but it's a lot of work.  What you need to do is
setup one user (or group) with full access to the tables and take all
ownership of everything. 

 Then create another user (or group) with no access.

 All data access must then occur through queries with the "Run with owner
permissions" set to true.

 Your users can then use the application normally (by using the queries you
defined), but cannot link, import, or open the BE directly and get anything.

 This setup is covered in the security FAQ on Microsoft's web site.

Jim.

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Monday, April 26, 2010 11:25 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Database Needs Password Protection

The basic problem is that the user need to be able to access the back end
through the front end but not be able to open the back end directly.  Would
User Level Security provide that capability?

R
 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Drew Wutka
Sent: Monday, April 26, 2010 8:07 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Database Needs Password Protection

Access User Level security would be faster and easier, though it may be more
of a learning curve for you.  In a way, it's a lot like NT security (but far
less secure), so it's second nature to me.  

If you would like some details on how to implement it, let me know.

Drew

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Sunday, April 25, 2010 2:28 PM
To: 'Access Developers discussion and problem solving'
Subject: [AccessD] Database Needs Password Protection

Dear List:

In my manufacturing software users log in with a password that gives them 1)
read only, 2) read write, 3) administrator access.  But the back end is wide
open. So far this has not been a problem.  Everywhere the system is
installed people 'play by the rules'.  

Now comes a client who wants access to the back end restricted.  So I'm
trying to think of way to do that with the least disruption to the system
which BTW supports multiple back ends - the user can open a different back
end through an 'Open a Database' utility.

In the code, of course, I'd have to change all occurrence of 

set db = CurrentDb to 

Set db = DBEngine.OpenDatabase(gstrDB, False, False, ";pwd=" & gstrPWD)


where the password would be in gstrPWD.

Then I would have to add a utility accessible only by someone with admin
rights, to 1) set, 2) remove, and 3) change the password on the currently
linked back end.  Don't know what that code looks like but I suppose I can
figure it out.

Question is - is this the shortest distance between the two points?  Or is
there another approach which would be faster/better/easier?

 

MTIA

Rocky Smolin

Beach Access Software

858-259-4334

www.e-z-mrp.com <http://www.e-z-mrp.com/> 

www.bchacc.com <http://www.bchacc.com/> 

 

 

 

The information contained in this transmission is intended only for the
person or entity to which it is addressed and may contain II-VI Proprietary
and/or II-VI Business Sensitive material. If you are not the intended
recipient, please contact the sender immediately and destroy the material in
its entirety, whether electronic or hard copy. 
You are notified that any review, retransmission, copying, disclosure,
dissemination, or other use of, or taking of any action in reliance upon
this information by persons or entities other than the intended recipient is
prohibited.


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list