Database over network with user permissions and passwords

[Sam_Bur]

Hi guys,

I have very nearly completed designing and making a database for stock control for my company, and am now a little concerned on how it is going to be implemented. It is going to be done over a network, with only a handful of users. The idea is to have every user log in but with each person having different permissions. i.e onl;y being able to access maybe one or two forms, but also having an administrator that can view every form. Now, i am aware of the security settings in the tools menu, would this be the appropriate way, or would i have to creat an empl;yee table and set permissions thropugh vb? This is the first database i have constructed and need a little help!

The second problem is that the database will be over a network. Would i have to put the backend in one place and then have the front end installed on all the pc s and just access the backend when i its needed? Forgive me if this sounds a bit stupid but as i have said this is new to me..

Your thoughts would be greatly appreciated.

 

[The_Doc_Man]

1. For FE/BE split, put the FE and the BE in the same place, let users copy the FE to their local machines.

2. Put the Workgroup security file in the same place as the BE.

3. Use the forum's SEARCH feature to find articles on Workgroup security.

4. While there are many folks who "roll their own" security with VBA, you have stated that you are new to Access. Accordingly, and only for that reason, I would counsel against trying to use anything other than Access Workgroup Security features. When you gain enough confidence with the environment, your imagination is the limit. (Unless your imagination is so vast that the speed of your disk is the limit...)

5. You will read this in the forms, but I will repeat this much for emphasis. NEVER EVER give anyone permissions in the database. Analyze/define some roles that people can perform. Each role becomes a group. Now, when you define your users, give permissions to the groups and assign the users to the appropriate groups. NEVER give indivdual users special permissions. Even if they are a group of one, always do this by groups.

6. Remember that in a shared environment, your system security guy has to get involved. Your users must have permissions in the MODIFY class (for basic permissions) for that folder and all files in it. This explicitly includes advanced permissions CREATE and DELETE (files) as well as the other normal read, write, browse, passthrough permissions.

7. Structurally, the deeper your MDB directory (in terms of the number of hops in the path), the worse off you are. Put the files in a top-level or second-level folder if at all possible.

 

[Sam_Bur]

Thank you Doc_Man,

You seem to be the man with all the advice. I greatly appreaciate it. Have a great christmas.