I have a db on a network that is being access using a runtime version of access. FE local and BE on the network. I have user level security setup and everything works fine as long as an aministrator of the pc is logged onto the pc. When someone else logs on to the pc and is not an aministrator of the pc, the .mdw file does not work correctly, even a logon with full permissions does not work. All users have admin privileges to the network folder. I have been using access security for several years now and have never had this happen. Does anyone have any suggestions. Thanks.
Security Problem (1 Viewer)
- Thread starter spowers21
- Start date
- Local time
- Yesterday, 23:59
- Joined
- Feb 28, 2001
- Messages
- 27,374
When you are dealing with shared folders, don't forget that there are TWO sets of security to consider even before you get to the Workgroup Security issues. Then you worry about the workgroup itself.
First, the folder has Windows-based permissions. Remember the Windows rule that one DENY cancels a gazillion ALLOWs. Check for any DENY permissions to be set. Also, saying "admin rights" doesn't mean squat if the permissions are set for Admin:READ ONLY - so open up the folder, right-click to get to its properties, look at the security tab, and check the effective rights of the files in question.
Second, the server allows access to that folder because it is published as a SHARE of some sort. The SHARE has permissions of its own that act as filters for the local permissions. The Windows term is that permissions MINIMIZE when accessed through a SHARE. (Whereas with local access and multiple groups being applicable, permissions MAXIMIZE.)
Third, check for permissions on the .MDB and .MDW file, but also look at issues such as the ability to create files in the folder.
Fourth, and this one is tough to verify: Consider that if a session is still open to one or more of the files, Windows might have a file-level lock on that file. If so, and if the session is actually "dangling" - i.e. the client machine died with a session open - you might have a lock of a type that is supposed to be transitory but really isn't. Unfortunately, the only way to fix this particular problem is a reboot of the server. Not usually a welcome idea, but sometimes needed.
Also, does the database link to an external file? If so, check the external file for its own separate permissions.
First, the folder has Windows-based permissions. Remember the Windows rule that one DENY cancels a gazillion ALLOWs. Check for any DENY permissions to be set. Also, saying "admin rights" doesn't mean squat if the permissions are set for Admin:READ ONLY - so open up the folder, right-click to get to its properties, look at the security tab, and check the effective rights of the files in question.
Second, the server allows access to that folder because it is published as a SHARE of some sort. The SHARE has permissions of its own that act as filters for the local permissions. The Windows term is that permissions MINIMIZE when accessed through a SHARE. (Whereas with local access and multiple groups being applicable, permissions MAXIMIZE.)
Third, check for permissions on the .MDB and .MDW file, but also look at issues such as the ability to create files in the folder.
Fourth, and this one is tough to verify: Consider that if a session is still open to one or more of the files, Windows might have a file-level lock on that file. If so, and if the session is actually "dangling" - i.e. the client machine died with a session open - you might have a lock of a type that is supposed to be transitory but really isn't. Unfortunately, the only way to fix this particular problem is a reboot of the server. Not usually a welcome idea, but sometimes needed.
Also, does the database link to an external file? If so, check the external file for its own separate permissions.
