TechBoy <rlntemp-junk@yahoo.com> wrote:[color=blue]
> I am trying to learn on the fly about Access Security for an app we
> are developing. I realize Access security is an advanced subject
> with many details. I wanted to share a scenario and ask a couple of
> questions.
>
> Scenario:
> I have MyApp.MDB up on a file server.
> I also have two Client PC's: Client1 and Client2 who use MyApp.
> (Both Client's are running Access 2002)[/color]
Best to put the front-end database on each PC and leave the back-end
database on the file server..... (split your database).
[color=blue]
> On Client1's PC:
> In MSAccess I have set up 7 users across four groups:
> Level1, Level2, Level3 & Level4.
> Level1 users have the most authority in the app, then down to level
> 4's who can only click on report icons on forms and run the reports,
> which are based on queires as data sources. I have tried setting up
> permissions on the users on Client 1's PC. One of the permissions is
> blocking the security form that allows them to update the tblSecurity
> object in the app.
> This works on the app.
>
> Client2's PC does not have any users set up.
> So when I launch the same "MyApp.mdb" on Client2's PC, the application
> comes up with no prompting for a user id and password and all parts of
> the app can be accessed by anyone.
>
> This leads me to believe that I have to set up groups and users ...*on
> each PC!!* Am I reading this whole process correctly here?
>
> Another wierd thing happened on client1's PC where I originally set up
> the groups/users/passwords:
> I launched an old Access 2000 app that I used for testing. It only
> had one table and one form in it, used for practice. This old app had
> absolutely no security stuff in it at all. So when I double clicked
> it, Access asked for a userid and password![/color]
Yes, because you've changed the default workgroup being used by Access.
You'd need to change it back to system.mdw. Or, even worse you've
actually changed system.mdw which is a BIG no-no!
[color=blue]
> ok...then I launched that same old little test app on Client2's PC and
> it ran just fine, with no prompting for id's/passwords.
>
> So I conclude that if I set up groups/users on the workstations of all
> 7 original users, those seven original users will have to enter a
> userid/pass not only for the current app I'm writing for them (which
> needs security) but also for **all** of the older apps they want to
> run (which never required security)
> ...this could be a problem![/color]
I think you've got several problems:) You need to create a new workgroup
and put it on your file server for everyone to share. Then, create a
shortcut to call up your database and in the shortcut pass the workgroup
file you want to use (instead of changing the default which will effect
all databases).
eg. shortcut.
"C:\Program Files\Microsoft Office 2000\Office\MSACCESS.EXE"
"C:\folder\FrontEnd.mdb" /wrkgrp "F:\shreadfolder\MyNewWorkgroup.mdw"
For more information :
Overview of securing a database:
http://support.microsoft.com/kb/254372/EN-US/
The role of workgroup files:
http://support.microsoft.com/kb/305541/EN-US/
(note: the location of the workgroup administrator has changed in later
versions... look in your office folder for it).
How to share a securied database on a network
http://support.microsoft.com/default...b;en-us;232390
Access2003 security white paper:
http://www.microsoft.com/technet/pro.../o3secdet.mspx
[color=blue]
> Finally, my question:
> How can I set up security *only for one app*, but yet allow other
> older .mdb's to run without them being prompted for a user/pass?[/color]
See above....
Just remember: Never touch the default system.mdw. Always create a new
one through the workgroup administrator and call it something else (eg.
myapp.mdw).
--
regards,
Bradley
A Christian Response
http://www.pastornet.net.au/response 
