DB to quit immediately (1 Viewer)
- Thread starter JAQ
- Start date
- Local time
- Today, 12:43
- Joined
- Feb 19, 2002
- Messages
- 43,401
How will you determine that an unauthorized person has opened the db? Do you have security set up? Most people who want to limit the database to authorized users, use a login form to capture the user's Login and password and then validate them.
Here's an example that will give you some ideas
Here's an example that will give you some ideas
Switchboard with simple security
This is a custom switchboard. It expands on the Switchboard Items table to add four additional columns to define view/edit/add/delete security levels for switchboard items and forms/reports referenced by them. It includes tables to manage users and also to assign them security levels. The user...
www.access-programmers.co.uk
isladogs
MVP / VIP
- Local time
- Today, 17:43
- Joined
- Jan 14, 2017
- Messages
- 18,253
Some questions / other points:
1. Is it a split database and if so does each user have their own copy of the frontend?
OR does each user SHARE the same copy of the database? If so that is bad news
2. Why should only one user be allowed at a time? If that is important make the default to open exclusively.
3. FYI if you have a startup form that will load & run code BEFORE an autoexec macro runs
1. Is it a split database and if so does each user have their own copy of the frontend?
OR does each user SHARE the same copy of the database? If so that is bad news
2. Why should only one user be allowed at a time? If that is important make the default to open exclusively.
3. FYI if you have a startup form that will load & run code BEFORE an autoexec macro runs
Isaac
Lifelong Learner
- Local time
- Today, 09:43
- Joined
- Mar 14, 2017
- Messages
- 8,829
If you are in a normal corporate environment where any given individual uses ONE and only ONE network login for their sole and exclusive use, then the #1 way - in fact the only way - I would do it is to write code (normally in the Load event of your main startup form) to check who it is.
You can use environ("username"), which is reliable in a normal secure corporate environment, or you can use some other ways too.
another approach
If environ("Username")<>"YourUserName" then
application.quit
End If
Using this approach has many benefits, not the least of which it makes the whole having to maintain your own invented usernames and passwords (very risky without added encryption, which may be complex for you at this stage) unnecessary and redundant. Why reinvent the wheel, if your corporate I.T. department has already taken on the burden of 100% managing and enforcing identity access management.
You can use environ("username"), which is reliable in a normal secure corporate environment, or you can use some other ways too.
another approach
If environ("Username")<>"YourUserName" then
application.quit
End If
Using this approach has many benefits, not the least of which it makes the whole having to maintain your own invented usernames and passwords (very risky without added encryption, which may be complex for you at this stage) unnecessary and redundant. Why reinvent the wheel, if your corporate I.T. department has already taken on the burden of 100% managing and enforcing identity access management.
- Local time
- Today, 11:43
- Joined
- Feb 28, 2001
- Messages
- 27,261
Actually, if this is a "My database and nobody else's" case, then simple protection via file access permissions would work better than anything else you could do inside the app. If you make the access control list (ACL) on the file correctly, nobody will even be able to open it. Just a note of warning: it is a bit tricky to modify an ACL correctly.
In a domain environment, there is usually a set of default permissions inherited by every file. This usually includes SYSTEM, ADMINISTRATOR, and one or more operator classes (e.g. Backup Operator), and your personal ACL would often be last in the list, or 2nd to last with a ValidatedUser option or something like that.
If you right-click on your database file, then follow Properties >> Security you will see the ACL. To keep everyone else away from it, add one more access control entry (ACE), Everybody Deny Access - but that entry MUST be the last entry because ACLs are processed in order of appearance. If you make that file "Everybody Deny" as the 1st ACE then even the system wouldn't be able to deal with it until a ticked-off IT security staffer got around to working some sys-admin magic on it. (Which usually ends up with a visit from that irate security person, who will hope to rub off some of that irritation onto you.)
If we have misunderstood your intent, then please clarify what you want to happen and when.
In a domain environment, there is usually a set of default permissions inherited by every file. This usually includes SYSTEM, ADMINISTRATOR, and one or more operator classes (e.g. Backup Operator), and your personal ACL would often be last in the list, or 2nd to last with a ValidatedUser option or something like that.
If you right-click on your database file, then follow Properties >> Security you will see the ACL. To keep everyone else away from it, add one more access control entry (ACE), Everybody Deny Access - but that entry MUST be the last entry because ACLs are processed in order of appearance. If you make that file "Everybody Deny" as the 1st ACE then even the system wouldn't be able to deal with it until a ticked-off IT security staffer got around to working some sys-admin magic on it. (Which usually ends up with a visit from that irate security person, who will hope to rub off some of that irritation onto you.)
If we have misunderstood your intent, then please clarify what you want to happen and when.
Isaac
Lifelong Learner
- Local time
- Today, 09:43
- Joined
- Mar 14, 2017
- Messages
- 8,829
I've never had much luck even having enough permissions in a corporate environment to effectively modify (wholly as needed) those permissions, there are usually a flurry of entries that I can't remove or deny - I would think this might be an option of last resort except for the most savvy of users (and those who are permissions-laden).
You could also just put a password on the database - I THINK, as I've never used this method myself.
Ultimately, most times I have thought a database was going to be for "my use only", that doesn't end up being the case, so coming up with at least some "user access levels" type scheme, even if it's just a line of VBA code at its simplest inception, is good - but that's just my experience.
You could also just put a password on the database - I THINK, as I've never used this method myself.
Ultimately, most times I have thought a database was going to be for "my use only", that doesn't end up being the case, so coming up with at least some "user access levels" type scheme, even if it's just a line of VBA code at its simplest inception, is good - but that's just my experience.
- Local time
- Today, 12:43
- Joined
- Feb 19, 2002
- Messages
- 43,401
If we are to take this statement literally. The db is YOURS and you are the only user so you want to prevent someone from copying it and running it on their computer, then use the code suggested by Issac in #7 in your startup form.
In addition, you would need to completely lock down the database so that the shift key can't be bypassed. I think Colin might have a good thread on that.
PS - before you lock down your application, make yourself an unsecured backup and zip it and put it some place save. Otherwise, you would need to pay someone to crack your database so you can get back into it if you forgot your password.
Similar threads
