Question User Level Security, 2003

J

JaedenRuiner

Registered User.
Local time
Today, 03:44
Joined
Jun 22, 2005
Messages
154
Alright,

Now, I have Office 2003 pro, with Access, with which I am developing a project. Now, I have had much experience with databases, and have created many other Access mdb files as well. mostly for something simple, like creating a database of all my movies, or books, or something silly like that. I've even done one of my video game modification data to help keep me organized.

But those are home end, simple, and having absolutely zero necessity for security.

I am working on a professional level project now (a new thing for me specific to Access, but not to databases and applications). And Access has always confused me when it came to setting up security.

I understand how to set rights in databases, but i remember from some time ago reading that Access security was a royal pain, due to the "Admin" user being equated with "Everyone". So if i were to copy the mdb onto a flash drive, and take it over to my client and install it. Sure I may have set some "startup" settings and hidden some database objects, but from what i've before (and this was years ago) without some "special" security concerns, the everyday user at my client's company could alter those settings, restoring full access to the database, if they knew how, because as the "Admin" of their copy of Access, they are the "adminstrator" of the db.

So I need a point to a good and complete guide to Access User Level Security in Access 2003. I've seen links that talk about Access 2000, and Access 2007. But nothing that is concise, and clear about how to set this up.

Should I:
  1. Remove the Admin user from the Admins Group After I've created a separate "God" account under the Admins Group?
  2. Convert the File Format over to 2002-2003 from 2000, and are there any advantages? (Security wise or otherwise)
  3. Does The security wizard create a specific workgroup information file for this database only, or is it for the system, And Do I need to create one first before entering the User And Group Accounts setup dialog?
these are some of the basic questions that really should be explained in a rather straight forward manner, but every search either pops up mde info, or 2007 info, and oivay it gets tiring.

The 10 Steps
I found that url as well as a few other on MSDN that seem to describe some levels of how to do these things but nothing as "detailed" as I would prefer. And by detailed I mean in explanation of what they are, why we do these steps, because for me it is no just knowing what to do, but why to do it, so I can understand fundamental architecture and thus not need to ask such questions in the future. *smile*
Thanks
Jaeden "Sifo Dyas" al'Raec Ruiner
 
I believe the the reason you do not find much on it because the built in user level security is not used by many developers. Based on the lack of support for this feature, Microsoft has also drop it from the new 2007/ACE format. I would urge you to consider not using it since it is no longer support int he current versions of Access.

If you are really worried about securing your data then use a SQL Server back end.

I have a few good links on using the ULS. I will look for them.
 
Last edited:
Well, if I was going to use a SQL Server back end I wouldn't use Access at all. I'd write the app in .Net. I'm using access because of the database and front end all-in-one setup, which is sort of what my client wants for now. I've got some user level security set up for now...but i will seriously be recommending the future of this project moves away from access.

J"SD"a'RR
 
There was an excellent step by step Access security guide by a gentleman named Jackson Macdonald. It was located on his site on Geocities, but Yahoo had discontinued Geocities so I have no idea if you can find it elsewhere or not.
Boyd makes a good point about the Access Security function being discontinued in "07. You may wish to investigate another secuirity function as he suggests.
If you feel you must try Access '03 security, make sure you make a copy of your database and practise on that. Always leave yourself an intact "master" copy when you first enter the dark waters of security.
 
statsman said:
There was an excellent step by step Access security guide by a gentleman named Jackson Macdonald. It was located on his site on Geocities, but Yahoo had discontinued Geocities so I have no idea if you can find it elsewhere or not.
Boyd makes a good point about the Access Security function being discontinued in "07. You may wish to investigate another secuirity function as he suggests.
If you feel you must try Access '03 security, make sure you make a copy of your database and practise on that. Always leave yourself an intact "master" copy when you first enter the dark waters of security.
Click to expand...


I actually have Jack MacDonald's white paper available for download on my site. See the link in post #3
 
Last edited:
Boyd:
IMO this paper is a necessity for anyone doing security work in pre '07 Access.

Thank you for having the foresight to save it.
 
You must log in or register to reply here.

Similar threads

NauticalGent
How to give a fancied DBA read only version of the tables.
Replies
10
Views
507
CJ_London
C
C
Inventory- hold stock level or not
Replies
10
Views
950
The_Doc_Man
The_Doc_Man
D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
1,159
Isaac
Isaac
Technics
Help with moving Access database
2
Replies
32
Views
2,012
Technics
Technics
A
Secure Storage Model for Microsoft Access: Stream-Based Encrypted Data Architecture(for discussion)
Replies
5
Views
375
GPGeorge
GPGeorge

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom