[AccessD] Access security integration with NT security groups

Wortz, Charles CWortz at tea.state.tx.us
Wed Mar 19 12:42:00 CST 2003


Network security basically works at the folder level, so whatever
permissions one has applies to all objects in the Access app and any
other apps in the folder.  If you want to use NT security at a finer
granularity, then you need SQL Server.

Charles Wortz
Software Development Division
Texas Education Agency
1701 N. Congress Ave
Austin, TX 78701-1494
512-463-9493
CWortz at tea.state.tx.us



-----Original Message-----
From: Porter, Mark [mailto:MPorter at acsalaska.com] 
Sent: Wednesday 2003 Mar 19 12:27
To: 'accessd at databaseadvisors.com'
Subject: RE: [AccessD] Access security integration with NT security
groups


Thanks for the response Charles.  I guess I worded my question
incorrectly.


I do realize that Access security does not integrate directly with NT
security, and I do assign my permissions by group.  Doing this purely
with Access security would just be too easy, and is sparking some ideas
:)

I'm looking to accomplish 1) centralized Access application security by
the network admins and 2) remove the need for a logon by the users for
Access.

The vision I have is for the Network Admin to simply have to add users
to the NT group.  When the Access app is opened by a user, the user is
authenticated through code (their NT groups are evaluated), and are
given access based on these NT group associations.  

The Administrator would not have to individually add personnel to each
Access app, and the users would not have to have a separate logons for
each app.  

For this app and environment it's a no-brainer, I'll do straight Access
security.  They have 25 static users, 3 user groups and only one Access
app. However I've been in environments with dozens of secured Access
apps across the enterprise (and each user may use 5 or more) where this
type of security schema would be very handy.

Doable?  Feasible?  Any ideas on how to implement?

Mark


-----Original Message-----
From: Wortz, Charles [mailto:CWortz at tea.state.tx.us]
Sent: Wednesday, March 19, 2003 4:18 AM
To: accessd at databaseadvisors.com
Subject: RE: [AccessD] Access security integration with NT security
groups


Mark,

Access does not use NT Security, it has its own security.  Access
security came into being long before M$ developed WinNT and WinNT
Security.  It would be nice if a future version of Access did allow
integration with NT Security, or whatever version of Windows Security is
in place then.

If you read the Access Security FAQ 
http://support.microsoft.com/default.aspx?scid=%2Fsupport%2Faccess%2Fcon
tent%2Fsecfaq%2Easp (watch for line wrap)
you will see it is recommended that you set up security for groups and
then assign individuals to groups.  Thus you, or whoever you appoint as
security administrator of the application, only has to add and delete
individuals from groups.

Charles Wortz
Software Development Division
Texas Education Agency
1701 N. Congress Ave
Austin, TX 78701-1494
512-463-9493
CWortz at tea.state.tx.us



-----Original Message-----
From: Porter, Mark [mailto:MPorter at acsalaska.com] 
Sent: Tuesday 2003 Mar 18 16:40
To: 'accessd at databaseadvisors.com'
Subject: [AccessD] Access security integration with NT security groups


An old client would like to secure their mdb and I'm wondering how easy
it would be to integrate Access security with NT security (ala SQL
Server). I'd like to focus on security groups, not individuals.

Does anyone have experience with this and can point me in the right
direction?  Or is it more trouble than it's worth?

(Win2k server, Win2K Pro desktops and Access 2000 mdb files.)

Thanks,

Mark Porter



More information about the AccessD mailing list