The point is you want to secure the application, so you must secure both
front and backends. Access won't get confused...
Some tips on Access security I put together for my Blog in May follow.
--
Tony D'Ambra
Web Site: aadconsulting.c om
Web Blog: accessextra.net
Effective MS Access Security?
Did you know that:
1. You can access the Start-Up properties (such as disabling the Shift key
bypass) of an .mde through an .mdb and change each property
2. You can open an .mde with the Shift key, press Ctrl+G to open the Debug
window, press F2 to open the Object Browser, and then search all the code
modules and constants.
3. You can import all the form and report objects but not the code from an
unsecured .mde into an .mdb.
To effectively secure an Access database you MUST demote the Admin user from
the Admins group. Otherwise your database will not be secure, as Admin
cannot be removed from the Users group, and anyone using the retail
system.mdw file logs on automatically as Admin.
Securing An Access Database
1. Use the Access Workgroup Administrator (AWA), wrkgadm.exe, to create a
new workgroup (.mdw) file.
2. Join the new workgroup using the AWA.
3. Open Access and the database to be secured.
4. Using Tools, Security, User and Group Accounts..., in the User and Group
Accounts dialog:
4.1 Create a password for Admin user.
4.2 Create a new user account. This account will be the new database owner
account. For example, call the owner account DBOwner. Add "DBOwner" to all
groups, including the critical Admins group.
5. Close and re-open Access, logging on as "DbOwner", and leaving the
password blank, as you have not assigned one yet.
7. In the User and Group Accounts dialog, demote the Admin user account by
removing it from the Admins group. Now Admin is only a member of the Users
group and will have only those permissions assigned to that group by
"DBOwner".
8. Create a password for "DBOwner".
9. Close and re-open Access, logging on as "DBOwner" using the password you
created in step 8.
10. You can now start to secure the objects in you database.
Special Notes:
* A User account inherits the permissions of the Group to which it belongs.
* In Access 2000 and later, if you are not creating an .mde, you also need
to secure your code by using Password Protection in the VBA Editor.
"Ant" <an*******@virg in.net> wrote in message
news:C1******** *********@newsf e1-win.ntli.net...
I am trying to apply security to a database I have just finished. The
application is split into a back end of tables and a front end of forms
etc.
I need some users to have access to forms based on some queries but not
others. My question is do I run the security wizard in the back end DB or
the front end? If I just do the front end I seem to have more control
(Queries, individual forms etc) but what’s to stop some one just opening
the
back end DB. If I run the security wizard on the back end I can block
access to tables but not queries or forms. If I ran it in both I feel
both
me and Access would get confused
As you can probably guess it’s the first time I have applied security
levels
in a DB but I need to get it right first time. Thanks for any suggestions
