I have a split payroll db. Both front end and back end are passworded. Works fine. Now, I have created an input only db as a .accde with all menus, etc. hidden, but which adds their input data to the passworded backend. I don't want these users to know the password for the full program. Is it possible to use a different pw for the front end (or preferably no password)?
Password issue
- Thread starter ellenr
- Start date
Ranman256
Well-known member
- Local time
- Today, 11:09
- Joined
- Apr 9, 2015
- Messages
- 4,352
I let the users use their Windows login id/pass to get in the frontend.
I also have a table in the db with their userID.
1.they must be in the table to get in the db.
2. they must have a legal windows login to get in the FE.
the db is hidden, except a login form for userID,password,domain if needed:
I also have a table in the db with their userID.
1.they must be in the table to get in the db.
2. they must have a legal windows login to get in the FE.
the db is hidden, except a login form for userID,password,domain if needed:
Code:
SUB btnLogin_Click()
Dim sUser As String, sPass As String, sDom As String
sUser = txtUser
sPass = txtPass
sDom = "CoDomain"
If WindowsLogin(sUser, sPass, sDom) Then
mbSafe = True
DoCmd.OpenForm "frmMainMenu"
DoCmd.OpenForm "frmLogin"
DoCmd.Close
Else
MsgBox "LOGIN INCORRECT", vbCritical, "Bad userid or password"
End If
end sub
'-----------------
Public Function WindowsLogin(ByVal strUserName As String, ByVal strpassword As String, ByVal strDomain As String) As Boolean
'-----------------
'Authenticates user and password entered with Active Directory.
On Error GoTo IncorrectPassword
Dim oADsObject, oADsNamespace As Object
Dim strADsPath As String
strADsPath = "WinNT://" & strDomain
Set oADsObject = GetObject(strADsPath)
Set oADsNamespace = GetObject("WinNT:")
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strDomain & "\" & strUserName, strpassword, 0)
WindowsLogin = True 'ACCESS GRANTED
ExitSub:
Exit Function
IncorrectPassword:
WindowsLogin = False 'ACCESS DENIED
Resume ExitSub
End Function
Frothingslosh
Premier Pale Stale Ale
- Local time
- Today, 11:09
- Joined
- Oct 17, 2012
- Messages
- 3,276
My apps are generally built with a Users table where I enter folks' logins. (Where I work, we log in with our badge numbers, so we never have to worry about names.)
When the apps are started, the app checks the user's login info (I pull from the Widows API, but Environ("USERNAME") works fine 99% of the time) against that table, and either the app is closed due to the user not being listed or else it starts up and rights and permissions are assigned. The idea behind it is that since you already had to log onto the network, we've already validated your identity.
If you want to password protect the data itself on top of that, then Ranman's procedure is definitely the way to go, but keep in mind that the password is transmitted over the network in the clear, and someone getting access to the user's front end can, in theory, pull up the connection string and get the login/password combo from it. (Again, at my workplace, every SQL Server database has permissions assigned, and if a user doesn't have need-to-know, then they don't get access to the DB.)
When the apps are started, the app checks the user's login info (I pull from the Widows API, but Environ("USERNAME") works fine 99% of the time) against that table, and either the app is closed due to the user not being listed or else it starts up and rights and permissions are assigned. The idea behind it is that since you already had to log onto the network, we've already validated your identity.
If you want to password protect the data itself on top of that, then Ranman's procedure is definitely the way to go, but keep in mind that the password is transmitted over the network in the clear, and someone getting access to the user's front end can, in theory, pull up the connection string and get the login/password combo from it. (Again, at my workplace, every SQL Server database has permissions assigned, and if a user doesn't have need-to-know, then they don't get access to the DB.)
