Question Permissions in Access 2007 (1 Viewer)

[realmadrid]

i have a database in access 2007. i heard that access 2007 doesnt support or have the permission option like before. i want to know that if i right-click on the database file & go in security tab from the property option,will i not be able to assign permissions to the staff this way? if not then what are those permission for?

 

[Galaxiom]

Microsoft removed User Level Security in 2007 because it had become so vulnerable to hacks as to be pointless.

You can place Windows ACL permissions on the database file and that will certainly prevent unauthorised users from accessing the data.

You can even set Read and Write permissions to allow the tables in the database to be read but not written by particlar users. If you need to do this with different tables in the same database you can use multiple backends with the permissions on each one set as required.

I know it works because I have accidentally prevented writing to a table from an unbound form in this way by inadvertently setting permissions but have not tried it with a bound form.

It wouldn't be too bad if you use Security Groups but the solution could get very messy if you wanted a fine grained control of the permissions on several tables. You might end up with a lot of backends.

If you want real control over the data it is best to put the backend on Microsoft SQL Server. The Express version is free. Otherwise you can use MySLQ which is also free.

 

[realmadrid]

thanks, your reply was rly informative !!

For data security purpose, i prefer a database password for my database which will restrict unauthorized users to access it. Nw the only thing which i want is can i restrict a form from all the users accessing to my database & make it available for myslf??? for i.e i have a delete form which i want to restrict from all the users except me.

P.S Please note that i dont have a sign in option on my database & thats the reason all the users have the privilege to read-write-modify & delete.

 

[Galaxiom]

SQL Server can use Windows Integrated Security or database username and passwords.

Alternatively use a Windows API call to get the Windows login username. Some procedures to do this are posted on this site and elsewhere. Test for the user in the Form_Load event and close the form immediately if it isn't your account.

Of course this is only as good as your login security. If they can log in as you and get to the database then they won't be stopped.