So I do a simple fe/be. Put the BE on the server. Does it do any good to make the BE an .mde? Are there any things to be done to try and make the BE secure so that only the calling front end can open, get in it, etc. In an idea world only the calling FE could get to any of the data.

fyi- I really don't want to use any of the built in Access security...

???
ken

Never make the Back End on the Server an mde file - it can not be modified.

There is nothing but Data on the Server no Forms or Reports

This forum contains a number of threads regarding security, my personal view is to secure the frontiers first and then consider your options. Backups are essential, put a copy of the Front End up on the Server so that too gets backed up.

Simon

Never make the Back End on the Server an mde file - it can not be modified.

But that's kind of the idea, isn't it?

Being a bit more specific, if I have set the database password on the BE, is there a way to include this password when I connect (or reconnect) to it? I was thinking there may be a way to include the password as an additional argument in the following line of code that I use to connect:

tbfCurrent.Connect = ";database=" & strDBLocation

???
ken

I'm sorry I can't help with the actual database security. Don't think that I'm being lax but this site has a web presence and my primary concern is to make the environment secure from a threat from the outside.

There a point where personally, you have to trust your users and there have been times where users access the monthly backups to determine when an event occurred. This is probably not the best approach.

Simon

Ken I just found this thread while looking for info on an always open form to speed up fe/be performance. Looks interesting
Cheers Barry

http://www.access-programmers.co.uk/forums/showthread.php?t=44008&highlight=front+back

Never make the Back End on the Server an mde file - it can not be modified.


Just an FYI - users (if they have a full version of Access) CAN MODIFY the TABLES and QUERIES in an MDE file. Yes, I'll say it again. You can modify tables and queries in an mde file.

So, making a BE an mde won't do a thing for you because the tables could still be modified and there shouldn't be anything to compile (no forms, reports, or code) anyway.

Thanks Barry - Looks like I'll have to do a version of what Treason did...

Much obliged :)

Ken

Thanks Simon and Bob...

I didn't think of trying to modifiy a mde's tables...

What do you think of Treasons approach?

:)
ken

ah...

So here is the deal so far; If you password protect a BE .mdb (with tools->security->set database password), and then manually link to one of it's tables from a separate FE .mdb, Access will prompt you for the password once. From then on with that FE you will not have to enter the BE password.

My issue was that I was trying to establish a new link to the password protected BE with code. The code would run but the link would fail.

So... All I was missing was the ';PWD=password' part in my connection string:

tbfCurrent.Connect = ";PWD=password;database=" & strDBLocation

(In this example 'password' is my password)

This will accommodate 90% of my issues:
1. You cannot get into the BE with out the password
2. You cannot link into the BE from a third party .mdb

The only major issue I can think of now is if a user deletes or moves the BE file from the server. And of course an astute hacker could hack the db password but I can't do anything about that...:)

Thanks for the input,
:)
ken