Search results

That's why Windows Authentication with no service accounts is the preferred method for connecting to SQL Server, Oracle, PostgreSQL, and other db servers. If you can't pinpoint the culprit, then you have to detain all users and hang them upside down by their toe nails until someone confesses.

You can grant them DBA privileges and the db will still be safe because none of the authorized users would know how to, or would dare mess around with something they're not supposed to touch. The db audit log would reveal who did what, when, and they would lose their jobs and face criminal charges.

Well, container types are not really applicable to what you're looking for since container collection and container objects are part of the DAO object model. The names Microsoft chose for container collection and container objects is ambiguous, confusing, and poorly documented. Nothing new with...

Have you tried using the object browser? You can also query the Name field in the MsysObjects table for Types 1 and 3 objects: SELECT vTbl.ObjectType, Count(vTbl.ID) AS CountOfID FROM (SELECT Switch(Type=-32768,"Forms" ,Type=-32766,"Macros"...

@DakotaRidge's rationale is to provide his users with hardwired forms, customized for a single specific purpose, e.g. a form for food bought at Wamart, another form for recalled food, another form for recalled medications, and so on. He doesn't want a generic form for all cases, all vendors, all...

... and that's why SQL Server role based permissions can be setup for Active Directory groups. Even the healthcare applications I work with at major hospitals, which are HIPAA regulated, use Windows Authentication.

That implies a person who already has Windows login credentials, and enough knowledge to set that up. I have yet to hear about a case where someone who is authorized to login to a workstation has perpetrated a SQL Server hack using that method. If you can't trust your own users, then what's the...

Please explain how exactly that's possible. There are many enterprises that use Windows Authentication for SQL Server connections. If what you say is true, no one would use that method.

Why not use Windows Authentication, which leverages existing Active Directory credentials? That eliminates the need to manage separate logins and passwords for SQL Server.

Agreed, I did mention that towards the end of this post. If I were the OP, I would defend the current Access app for all the merits mentioned in this thread.

I've already cashed in on several settlements. Makes me want to put more of my personal info out there so I can have another source of steady income 🙂

An online app is automatically less secure than an on premise app. Then you also have to worry about the outfit that's hosting your data. No thanks.

You're being cynical. If you feel Access is so insecure, then why do you develop with it, or even use it?

Hey All, it would take an experienced Access developer to do all those hacks you mentioned. How many of those do you have at your company? Your average Access user is not going to know that. If you can't trust your own workers, then how can you operate? and I said "sufficiently secure", not...

I disagree. If setup correctly, an Access application can be sufficiently secure. The setup your company uses is not correct.

Although what you mention is true, a hacker would need to login as one of the users in the AD group that has permission to access the directory where the backend lives. If SQL Server is used, then there's an additional layer of security.

The native Access backend can be secured with Active Directory. The frontends with Windows Authentication. If additional security is wanted for the data, use SQL Server. I also prefer having the data on premise versus in the cloud, hosted by third parties.

So document your Access app well, including technical and end user documentation, and bring another Access developer, or firm, on board. Explain to management the pros of your Access app, and the cons of COTS software. You can also integrate instruments with your Access app.

Well, I know he still receives emails of our posts. He'll be back... How many other Access apps with similar design do you think exist?.. Millions! I've come across several, all built with macros, tons of tables, queries, forms, reports. Why do they build apps like that?... They're using...

I'm pretty sure he has repeated fields scattered across several tables, and specific fields, like WalmartItemName, MedicationName1, Name2, etc.