[AccessD] Invalid Password

Drew Wutka DWUTKA at Marlow.com
Tue Oct 6 10:56:54 CDT 2009


Just saw it.  Looks like a good solution.  Just as an FYI, if multiple
people go into this Front end, when the password changes, it will lock
the users out when one person goes in.  (I'm about 90% certain, because
this process will probably require exclusive access to the front
end....)

Drew

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Tuesday, October 06, 2009 10:23 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Invalid Password

Drew:

Thanks for the reply.  Did you see A.D.'s solution.  I think that will
work.
They're using 2003 and actually the primary machine is still on A2K
which
causes reference problems.  He's on the IT list for an upgrade.  Has
been
for about 2 years.  

R 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Drew Wutka
Sent: Tuesday, October 06, 2009 8:00 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Invalid Password

Sorry for the delay in replying Rocky, but the problem is you are using
a
database password.  That information is being stored in the link
information
(in the table defs), not in the database itself.  So if you change the
password on the backend, you will have to delete the links, recreate
them
with a new password, and probably close and reopen the front end.  That
last
part (closing and reopening the front end), is probably due to Access's
habit of caching credentials.  An example of this, is we use Oracle for
our
Production database.  We have a few Access .mdb's that are used as
reporting
engines, that have linked tables to the Oracle database.  If you open
ONE
table, and put in the correct credentials, you will not be prompted for
any
more tables while the Access database is open.  Access is caching the
credentials. (Or maintaining a link to the Oracle database).  Probably
something very similar is happening with your situation.

A possibly better solution would be to use Access User Level security
(which
will not be an option if you are using the 2007 native format).
If your goal is to prevent unauthorized access to the backend, there are
a
few ways to do this:

Option 1: Implement ULS (User Level Security) on the back end.  By
default,
the login name is Admin (with a blank password).  IF YOU ARE NOT
CONCERNED
about accessing tables in the backend through a linked table, then
simply
create a new 'admin' user (with a different name) and a password.  Leave
the
Admin account permissions the same, however, have some startup code that
just closes the database when it is opened (If the current user is
Admin).
Disable the Bypass startup key.  By doing this, anyone that tries to
just
open the back end will be dumped out immediately.  However, access to
the
tables linked in the FE will not be affected (only users directly
opening
the back end).  Then to open the backend for an admin user, provide them
a
shortcut, that uses your 'new'
.mdw file, to open the backend as a different user.  Now they can change
the
password on that user (which is really changing it in the .mdw) as much
as
they want, and the front end doesn't get affected at all.

Option 2:  Implement ULS on both the front end and the back end
database.
This would provide a higher level of security, but would be more
involved.
You could still prevent a non-admin user from directly opening the
backend
too.  You can also protect various tables from editing, or even viewing
to
non-admin users.

Drew

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Friday, October 02, 2009 9:41 AM
To: 'Access Developers discussion and problem solving'
Subject: [AccessD] Invalid Password

Dear List:

I have an app FE/BE with the BE password protected.  I prompt for the
password when the front end opens.  Been running fine.

Now the client asks to change the password every month or so, so I show
him
how to open the back end exclusive, unset the password, reset the
password.
That works.

But when I open the front end, give the password, now trying to open one
of
the linked tables gives 'Invalid password' message.  None of the queries
which reference a linked table work - 'invalid password'. 

If I manually delete the links and manually relink it almost works.  If,
after the manual relink, I close and reopen, it works.  

What am I missing here?

 

MTIA,

 

Rocky

 

The information contained in this transmission is intended only for the
person or entity to which it is addressed and may contain II-VI
Proprietary
and/or II-VI Business Sensitive material. If you are not the intended
recipient, please contact the sender immediately and destroy the
material in
its entirety, whether electronic or hard copy. 
You are notified that any review, retransmission, copying, disclosure,
dissemination, or other use of, or taking of any action in reliance upon
this information by persons or entities other than the intended
recipient is
prohibited.


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
The information contained in this transmission is intended only for the person or entity 
to which it is addressed and may contain II-VI Proprietary and/or II-VI Business 
Sensitive material. If you are not the intended recipient, please contact the sender 
immediately and destroy the material in its entirety, whether electronic or hard copy. 
You are notified that any review, retransmission, copying, disclosure, dissemination, 
or other use of, or taking of any action in reliance upon this information by persons 
or entities other than the intended recipient is prohibited.





More information about the AccessD mailing list