Question access 2007 security help

S

sunset1215

Registered User.
Local time
Tomorrow, 06:39
Joined
Apr 7, 2011
Messages
46
hi all, i have almost completed my database and is now considering how to implement security. i created my database using 2007, so i don't think i should convert to 2003 just to use the user-level security.

actually, for this database, i am going to be the only user who is updating the data. however, there are going to be a few users viewing the database occasionally. how can i make it so that other users can only view forms and reports(read-only status)?

i've split the database into BE and FE for now, and the BE is residing in our shared drive. i find that my FE lags heavily, is that a problem with my laptop or the server?

if anyone could give some ideas or provide links that could help. many thanks in advance.


EDIT: i just got another idea.

is it enough if i just edit the settings in 'current database' and disable the nav pane and other stuff? does this allow me to limit my other users to just read-only? however, i have created a few forms to filter reports. will my users be unable to interact with the form? i just want my users to not be able to update the data.
 
Last edited:
Here's a few things I'd do (far from a definitive listing)
  1. Hide the database window
  2. Perhaps even consider issuing the frontend file under a FREE Runtime 2007 licence (this will protect all the objects so long as the user doesn't have a full licence of Access loaded on their PC)
  3. Lock all Form fields (making the data viewable but uneditable) except drop-down lists that drive/filter Reports
    • If you're really clever you can write some code based on Network signon ID's that makes the forms editable for you alone
  4. Park the backend file in a secure folder that your users cannot access
 
PaulO said:
Here's a few things I'd do (far from a definitive listing)
  1. Hide the database window
  2. Perhaps even consider issuing the frontend file under a FREE Runtime 2007 licence (this will protect all the objects so long as the user doesn't have a full licence of Access loaded on their PC)
  3. Lock all Form fields (making the data viewable but uneditable) except drop-down lists that drive/filter Reports
    • If you're really clever you can write some code based on Network signon ID's that makes the forms editable for you alone
  4. Park the backend file in a secure folder that your users cannot access
Click to expand...

it would be best to create user groups with different access levels, but i would seriously need a step by step guide to help me on that.

i've set a password for the BE file, so i think it's ok for it to be in the shared drive.

about the FREE Runtime 2007 license, i guess it's an external program? how does it protect all the objects?
 
Microsoft Access Runtime 2007 (free download) gives a user all the functionality and features of Access 2007 but without

1) Access to the objects (database window is automatically hidden)
2) Right-click button is disabled ... again restricting users' access to objects
3) You don't have to buy a full licence of Access
 
Create a login form with an option for guest login. If you login, everything can function normally. If the guest logs in, every form can be opened in a read-only mode.
 
speakers_86 said:
Create a login form with an option for guest login. If you login, everything can function normally. If the guest logs in, every form can be opened in a read-only mode.
Click to expand...

how can i create this? is there a sample i can download or website that helps with this? if you would tell me what i would need, i could create it myself.
 
Make a blank form with controls for username and password. Create a submit button that validates your entries. If successfully validated, continue to the main form, leaving the login form open, but hidden. Otherwise, do nothing. Create another button for guest entry. Upon selection, continue to the main form, closing the login form. In the on open event of every form, check to see if the login form is open. If it is, open normally. If not, set allow edits/additions/etc to no.

This may not be the most fool proof way, but I think it may work for you, especially since it is so simple. Of course, there are other variations of what I am telling you, but thats just what came out! :D
 
oh! haha! yes, it sounds really simple. for the validation of username and password, i have to create a table that holds the usernames and passwords?

a side question:
i've splitted my database to BE and FE. if and when i have to create more tables, i have to go to the BE and create them?
 
sunset1215 said:
oh! haha! yes, it sounds really simple. for the validation of username and password, i have to create a table that holds the usernames and passwords?
Click to expand...

Yes. These fields should fit nicely in your employees table, assuming you have one.

edit- you could hold the credentials inside vba, but I don't recommend hard-coding things like that. Makes it more difficult to change your password, or to issue new credentials to other users.

a side question:
i've splitted my database to BE and FE. if and when i have to create more tables, i have to go to the BE and create them?
Click to expand...

Yes.
 
actually, my database only deals with info on clients. it's a small database. thanks for your suggestion! i'm really grateful for the help! :)
 
speakers_86 said:
Yes. These fields should fit nicely in your employees table, assuming you have one.

edit- you could hold the credentials inside vba, but I don't recommend hard-coding things like that. Makes it more difficult to change your password, or to issue new credentials to other users.
Click to expand...

i just saw your edit. by holding the credentials inside vba, do you mean like below?

EDIT- ah, i just realised that you meant i should not code it in vba. my bad. so it's good to create a table after all, right?

Code: 
dim user1 as string
dim pass1 as string
 
user1 = username
pass1 = password
 
then validate with 
if frmLog!control = user1 and frmLog!control2 = pass1 then
code here...
end if
 
Last edited:
hi speakers, i wonder if you could help me again? i followed your suggestion and have started making the changes to my database. the setting of allow edits/additions to false works, however, 2 of my forms have a combo box filter. setting the allow edits to false makes me unable to select values in the combo box.

do u think i should create a separate form filter in this case? or is there a workaround?
 
Controls can be locked individually. You dont have to lock the whole form.
 
You must log in or register to reply here.

Similar threads

The_Doc_Man
Important Security Guidelines
2
Replies
24
Views
726
The_Doc_Man
The_Doc_Man
A
Solved Access Security Notice
Replies
17
Views
907
Isaac
Isaac
J
How to see the UN and PC Name of locked Records
Replies
14
Views
384
jmark@stayintouch.us
J
J
Read Only Message
Replies
6
Views
264
Gasman
Gasman
D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
472
Isaac
Isaac

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom