Network access

Lightwave, you are correct in that there is much you can do to secure the database but the bottom line is - if the person can access the database file in the folder, he can copy the file and then work on cracking it as his leisure. I look at security more as protecting people from themselves rather than keeping the data from being maliciously compromised or stolen. If the data is that critical, it does not belong in a Jet/ACE database.
 
Still get a invalid use or null error on
sUser = UserId
as well as on
sDom = txtDom
 
Pat Hartman said:
if the person can access the database file in the folder, he can copy the file and then work on cracking it as his leisure.
Click to expand...

I think this is the key key point. Users should NOT have access to the database file. (backend)
 
Lightwave, as you pointed out we work on the razor edge of an oxymoron - granting use to something we want to protect.

I made it a point to only allow people to open the database BE file if they had the proper group identifiers. And they could only copy the FE to their local folders if they had the right group membership as well. As you could infer from that, I had a "native" Access BE file. The department didn't want to spring for the SQL server license and, since this was the government, I wasn't supposed to be a database admin AND a systems admin at the same time. (Sometimes they get paranoid about that rule...) I got away with it because the database in question was internal, not exposed to the general public.

Of course, I agree that protection is needed for both FE and BE. You do the most you can with the system resources available to you. Disable the various bypass keys, force use of an Opening Form that has enough smarts to shut you down for any of several reasons - I had 5 disqualifiers for mine - and enforce access to specific data within the app itself.
 
Gismo said:
Still get a invalid use or null error on
sUser = UserId
as well as on
sDom = txtDom
Click to expand...

A variable declared as a String can't hold Null. You can either declare the variables as Variant, use the Nz() function while setting them, or test for Null and abort the sub if the values are Null.
 
pbaldy said:
A variable declared as a String can't hold Null. You can either declare the variables as Variant, use the Nz() function while setting them, or test for Null and abort the sub if the values are Null.
Click to expand...

But that is what I do not understand, none of the above has null values, the do ain is pre-set and the username is linked. does anyone perhaps have another way or code I use to validate through windows network?
 
1. Make sure that you have Option Explicit set for all modules and as the default for new modules (variable declaration required)
2. Refer to form controls using Me.ControlName. This is more efficient and avoids the possibility of confusion with a local variable.
3. Just to test - change the data type of the variables with the error to Variant to see if null is what is causing the problem.
 
You must log in or register to reply here.

Similar threads

P
No Options in File - Access Runtime 2021
Replies
10
Views
632
Pat Hartman
P
GPGeorge
Preparing your Access Database Application for Deployment — Tools and Tips, with John Colby
Replies
0
Views
191
GPGeorge
GPGeorge
E
Best Practices for User Access Control in Access Databases - Emmanuel Katto Uganda
Replies
3
Views
1,257
Pat Hartman
P
D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
633
Isaac
Isaac
T
Conundrum
Replies
2
Views
294
TheSearcher
T

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom