How can I keep a user from accessing a database file from the directory? I've seen it before where if a user tries to open the database from the directory without being attached to the workgroup file it gives them a permissions error. I've set the users up with shortcuts to the database with the workgroup parameter but some users still go through the directory to open the file. When they do this, the currentUser property isn't captured. It logs them as the Admin. I want to keep this from happening. What can I do?
Security of Database
- Thread starter teel73
- Start date
statsman
Active member
- Local time
- Today, 15:41
- Joined
- Aug 22, 2004
- Messages
- 2,082
First of all, delete the Admin.
The Admin is essentially the "default user". Whoever selected that name at Microsoft deserves a quick kick in the ###.
DO NOT DELETE THE ADMIN until you have created your user groups and assigned users and permissions.
For an excellent overview of Access security, go to:
http://www.geocities.com/jacksonmacd
download the first file – Security Paper by Jack Macdonald. It’s a little long but it tells you everything you need to know.
The Admin is essentially the "default user". Whoever selected that name at Microsoft deserves a quick kick in the ###.
DO NOT DELETE THE ADMIN until you have created your user groups and assigned users and permissions.
For an excellent overview of Access security, go to:
http://www.geocities.com/jacksonmacd
download the first file – Security Paper by Jack Macdonald. It’s a little long but it tells you everything you need to know.
boblarson
Smeghead
- Local time
- Today, 12:41
- Joined
- Jan 12, 2001
- Messages
- 32,040
You need to remove the Admin account from the ADMINS group. You can't remove the Admin account completely. But, it should not be part of the Admins group.
Please Help Me!... I'm in big trouble. I removed the Admin user from the Admins account. Now when I try to open my database it gives me a disk network error. And it's giving me that error for all of my backups too. What do I do? I am going crazy.
Can someone help me with this issue please. I've tried everything, including removing the admin user from the Admins group.
I have a database file that I want to restrict users from being able to access from the directory. They have shortcuts on they're desktops with the wrkgrp parameter included to point them to the correct workgroup. However some users go through the directory and when they do that I can't capture current user information. How do I accomplish that with a database that already has a workgroup file associated with it? Before I used the security wizard at the start of creating my database. When someone tries to access that database from the directory it gives them an error message: You don't have the neccessary permissions to use ......
That's what I want - to be able to force the user to use they're shortcuts.
Please any help would be appreciated.
Thanks
I have a database file that I want to restrict users from being able to access from the directory. They have shortcuts on they're desktops with the wrkgrp parameter included to point them to the correct workgroup. However some users go through the directory and when they do that I can't capture current user information. How do I accomplish that with a database that already has a workgroup file associated with it? Before I used the security wizard at the start of creating my database. When someone tries to access that database from the directory it gives them an error message: You don't have the neccessary permissions to use ......
That's what I want - to be able to force the user to use they're shortcuts.
Please any help would be appreciated.
Thanks
Len Boorman
Back in gainfull employme
- Local time
- Today, 20:41
- Joined
- Mar 23, 2000
- Messages
- 1,927
Have you used the System.mdw as the workgroup file.
Do you have a backup
If I want to restrict users I use the following process/Situation
1) Our Network Logon and PC Windows Logon are identical
2) I detect Windows Logon and PC ID at opening of database
3) If Windows logon = Logon PC stored in table in database then database continues to open, if not it closes
4) F11 key disabled
5) Bypass key disabled
So I really do not need to worry about accounts at all. Okay its not bombproof but keeps out those I do not want and gives me a logon ID that I can stamp on records along with PC id and date/time
Do not really care if they start from shortcut or directory. process works in all cases
L
Do you have a backup
If I want to restrict users I use the following process/Situation
1) Our Network Logon and PC Windows Logon are identical
2) I detect Windows Logon and PC ID at opening of database
3) If Windows logon = Logon PC stored in table in database then database continues to open, if not it closes
4) F11 key disabled
5) Bypass key disabled
So I really do not need to worry about accounts at all. Okay its not bombproof but keeps out those I do not want and gives me a logon ID that I can stamp on records along with PC id and date/time
Do not really care if they start from shortcut or directory. process works in all cases
L
No. I created the workgroup file and added my users to the group. I have set them up with shortcuts so I can capture who's making changes to the database by using the currentUser function. All of that works fine. What I haven't figured out is how to keep them from accessing the file from the directory which does not capture workgroup information such as their database login id. That's what I need to do. I don't want to have to create another workgroup file and use the wizard and add all my users manually.
- Local time
- Today, 14:41
- Joined
- Feb 28, 2001
- Messages
- 30,566
Invariably, when this happens, it is because the database was not properly secured. Search this forum for Securing a Database and Workgroup Security. The answer to this question has been posted many times. I've posted it. Pat Hartman posted it. At least five or six others have posted on this subject. Search first. Ask detailed questions later.
Len Boorman
Back in gainfull employme
- Local time
- Today, 20:41
- Joined
- Mar 23, 2000
- Messages
- 1,927
I have a couple of security documents too big to post here
PM me with an email address and I will send them
L
PM me with an email address and I will send them
L
TastyWheat
Registered User.
- Local time
- Today, 14:41
- Joined
- Dec 14, 2005
- Messages
- 125
One IMPORTANT thing to keep in mind. Whatever you do make sure at least one user is a member of Admins. Only Admins can add/remove users and change group associations.
Dennisk, I did exactly what you suggested. I removed the user "admin" from the "Admins" group and I created a password for "admin". However, I am able to access the database from the directory and it doesn't prompt me for a logon.
But now what I can't figure out is, I also created another test database and workgroup using the security wizard. If I try to access this database file from the directory, it gives me the permissions error. "You do not have the neccessary permissions to use .........". The only difference in the two workgroups are:
1. the wizard created the security to the test dbase
2. the owner of the test database is me and the owner of the database I'm trying to get to work properly is "Admin".
Could that have anything to do with it? Maybe I need to change ownership.
Similar threads
