Access 2007 User level Security Articles (1 Viewer)

[KeithG]

Has anyone seen any good links to explain why Microsoft discontinued User Level Security in Access 2007? If so can you post the links. There is a debate at my work and I want to get all the infomation possible. It is my understanding that the beefed up the encryption on the standard password so the did away with ULS.

 

[boblarson]

Keith:

You probably already saw this, but just in case you hadn't (don't know if it will help but here you go):

http://office.microsoft.com/en-us/access/HA012301871033.aspx

 

[KeithG]

Yeah I saw that but thanks. It is a challange explaining to the project group why they got ride of ULS. I agrue that honestly since Access is a file server db your data is not truely safe anyways becuase the users need access to the file. So if someone knows what they are doing its only a matter of time until the can crack the security because they can copy the file with all the data. Don't get me wrong I love Access it just not as secure as they think if you run into someone who knows what they are doing. I keep telling them that you can still use ULS if you keep your db in the 2003 format but they keeps saying the older version of Access will not be supported with Access 2007. I know thats a erroneous. I just love the project management group, if you dont know the answer make something up.

 

[AccessJunkie]

How about this?

http://blogs.msdn.com/access/archive/2005/10/19/access-12-security-model.aspx

--------------------
Jeff Conrad - Access Junkie - MVP Alumni
SDET - XAS Services - Microsoft Corporation

Co-author - Microsoft Office Access 2007 Inside Out
Presenter - Microsoft Access 2007 Essentials
http://www.accessmvp.com/JConrad/accessjunkie.html
Access 2007 Info: http://www.AccessJunkie.com

----------
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.mspx
----------

 

[Darth Vodka]

out of interest what are people doing with the death of the MDW?

building users tables that work off the NTIDs?

 

[PaulWilson]

I saw the blog at:
http://blogs.office.com/b/microsoft-access/archive/2005/10/19/access-12-security-model.aspx

but got little out of it. I finally tried to parse it manually.
Here's the result for the operative paragraph (I still get little out of it).

User level security - old version
Since JET is a file based database system where users need physical access to the file to operate on their data, the concept of user level security in Jet to assign different levels of user access to the data within the same file was not recommended. To have multiple people use the database but with different data access privileges, the recommended practice was to move this data to a centralized service like SQL server or SharePoint lists. However, Jet has had this feature for some time and it has worked OK for usability and custom navigation scenarios but isn’t recommended for actual security. To help promote using truly secure user-level security, ACE will no longer support the JET concept of user level security for new file formats (for backwards compatibility reasons ACE will continue to support JET user level security for old file formats). To help maintain the scenarios around custom navigation the Access UI (including the NavPane) will allow solution creators to completely customize the navigation experience.
We believe that the security work in Access 12 will both make the product more secure through things like the improved encryption and clearer user-level security, and will make security easier to manage through the new trust model and “safe” macros. In the next post, I’ll start talking about the feature changes we’ve made to the product by describing how report design has changed.

User level security - new version
Access is file based. Users need access to the file to use it. The old user level security concept in Jet allowed the database developer to assign permisson levels to users. That was hard to implement, so developers were starting to drop Access in favor of SQL server. Access allowed the developer to engineer custom navigation scenarios for each user, but not implement true security. Newer versions of Access will still allow solution creators to completely customize the navigation experience. We added improved encryption and a new trust model with “safe” macros.