Workgroup Security Sample DB
- Thread starter ewong1
- Start date
MarkK
bit cruncher
- Local time
- Today, 04:44
- Joined
- Mar 17, 2004
- Messages
- 8,571
There's an .mdw file on your computer at c:\windows\system32 or equivalent. When you secure a database using user level security an .mdw file is created for you and you generally don't need to modify it directly. More commonly you'd modify it using the Tools->Security on the Access main menu.
ghudson
Registered User.
- Local time
- Today, 07:44
- Joined
- Jun 8, 2002
- Messages
- 6,193
ALL Access databases are secured. The default user ID is Admin. The default workgroup file is the System.mdw located in your computers System directory in Windows. Do not make the mistake of altering the default System.mdw workgroup. Create a new one when you attempt to add workgroup security and user permissions to your db.
Thanks for getting back to me on this issue. So that part of the workgroup security makes sense. Is there a way for me to require that the database be opened under a specific workgroup file that I have created? If the file is not present at its current state - the user logs in by default as an admin and has read / write access. Let me know when you get the chance. Thanks!
If you have followed the instructions properly then they will only be able to open the DB using the correct Workgroup file.
One of the things that you need to do when you set up security is to remove all permissions from the Admin user/group and assign rights to where you want them to be,
see http://support.microsoft.com/default.aspx?scid=/support/access/content/secfaq.asp for details on setting up security
Peter
One of the things that you need to do when you set up security is to remove all permissions from the Admin user/group and assign rights to where you want them to be,
see http://support.microsoft.com/default.aspx?scid=/support/access/content/secfaq.asp for details on setting up security
Peter
Ok, so everything sounds all fine and dandy now, but I'm still not 100% clear on workgroup security. I understand that I can create and join to a new workgroup file - but what if my user rights on my computer or any other users computer are not allowing that. My windows permissions do now allow me to permanently or even temporarily edit the joined workgroup files. Is there a way for me to join a workgroup on the formload command? Any ideas will help! Thanks!
ghudson
Registered User.
- Local time
- Today, 07:44
- Joined
- Jun 8, 2002
- Messages
- 6,193
You have to join [or open] the workgroup file before the secured db is opened. I do not understand why your Windows permissions are preventing you from editing the workgroup file. Are you not allowed to edit any files on your PC. You only need to edit the workgroup file when you are making permission changes and/or user group changes.
You should be opening the secured db with a custom shortcut. The "Target" field of the shortcut will point to the correct msaccess.exe file, using your workgroup file for your db. Do not "join" a users computer to your workgroup file!
Like this [all on one line]...
"C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE" /wrkgrp "X:\WorkgroupFile.mdw" "X:\DatabaseFile.mdb" /user UserName
You should be opening the secured db with a custom shortcut. The "Target" field of the shortcut will point to the correct msaccess.exe file, using your workgroup file for your db. Do not "join" a users computer to your workgroup file!
Like this [all on one line]...
"C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE" /wrkgrp "X:\WorkgroupFile.mdw" "X:\DatabaseFile.mdb" /user UserName
I understand the portion about opening the workgroup file prior to opening the database, but if the user is able to get to the database without a custom shortcut, isnt there a potential of the database being opened with admin rights?
ghudson
Registered User.
- Local time
- Today, 07:44
- Joined
- Jun 8, 2002
- Messages
- 6,193
Not if the db is properly secured. Admin rights should be removed. You should be assigning the permissions to the custom user groups you create for your custom workgroup file. If you can simply open the "secured" db from Windows Explorer then your "secured" db is not secured.
I think that makes sense, let me try and repeat it in my own words to see if I correctly interpreted what you said.
So what I actually need to do is remove all rights to the admin account in my database so that the workgroup file is the only enabled security file that can access the data and permissions for my database. Is this correct?
So what I actually need to do is remove all rights to the admin account in my database so that the workgroup file is the only enabled security file that can access the data and permissions for my database. Is this correct?
ghudson
Registered User.
- Local time
- Today, 07:44
- Joined
- Jun 8, 2002
- Messages
- 6,193
Sorta.
You do not want to remove the Admin user, just all Admin permissions. Give your other user accounts the permissions they need.
I advise you to make copies of your db before, during and after while you are learning of to properly secure your db. Just in case!
You do not want to remove the Admin user, just all Admin permissions. Give your other user accounts the permissions they need.
I advise you to make copies of your db before, during and after while you are learning of to properly secure your db. Just in case!
Similar threads
