By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
444,124 Members | 2,208 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 444,124 IT Pros & Developers. It's quick & easy.

Security--permissions not working properly

P: n/a
I'm having trouble with security on an A97 database.

First, yes I've read the white paper several times, followed all the
directions, and got security established correctly (or so I thought). There
are two problems, however.

One just occurred in the past couple of days. I added a new feature to a form,
which is a button that pops up a new form showing some summary data. The popup
form has a query as its recordsource, and the run permissions on the query are
set to Owner. Yet when a user who has only limited permissions clicks the
button, they get the error message 3112, no read permissions on the query that
drives the form.

The other is recurring but not consistent. The main database administrator
(this is my client), who has admin permissions and thus should be able to do
everything, is occasionally thwarted in trying to do something because the
system says she doesn't have the proper permissions to do it. If she signs out
and signs in again as me (I have the same permissions as she does but I'm also
the "owner" since I designed the db), she can do whatever she likes. Frankly,
this problem isn't as big as the first one because she can in fact always just
sign in again as me and do what she needs to do, but it's annoying nonetheless.

I don't know what to do about this. Seems like maybe security is corrupted
somehow? Is there a way to rebuild it? Other ways around these issues?

TIA

Jan
Jan Stempel
Stempel Consulting
Nov 12 '05 #1
Share this Question
Share on Google+
8 Replies


P: n/a
"Janross" <ja*****@aol.com> wrote in message
news:20***************************@mb-m23.aol.com...
I'm having trouble with security on an A97 database.

First, yes I've read the white paper several times, followed all the
directions, and got security established correctly (or so I thought). There are two problems, however.

One just occurred in the past couple of days. I added a new feature to a form, which is a button that pops up a new form showing some summary data. The popup form has a query as its recordsource, and the run permissions on the query are set to Owner. Yet when a user who has only limited permissions clicks the
button, they get the error message 3112, no read permissions on the query that drives the form.

The other is recurring but not consistent. The main database administrator (this is my client), who has admin permissions and thus should be able to do everything, is occasionally thwarted in trying to do something because the
system says she doesn't have the proper permissions to do it. If she signs out and signs in again as me (I have the same permissions as she does but I'm also the "owner" since I designed the db), she can do whatever she likes. Frankly, this problem isn't as big as the first one because she can in fact always just sign in again as me and do what she needs to do, but it's annoying nonetheless.
I don't know what to do about this. Seems like maybe security is corrupted somehow? Is there a way to rebuild it? Other ways around these issues?

TIA

Jan
Jan Stempel
Stempel Consulting

Have you got any idea how long it would take you to re-set the security from
scratch? If it was a straight-forward set up, it might be under 5 minutes.
You could join the workgroup as yourself, create a new database and import
all the objects into the new one - so that the new one is unsecured. You
can now re-join the system.mdw and use a shortcut to open the database using
the other mdw file.
Start the workgroup administrator, and select a group, eg "Standard Users"
then highlight all the forms including new forms (use ctrl / shift keys to
select several forms at a time) and set Open / Run to true and the rest to
false. Then the same with Database, Tables, Reports, etc. That could take
30 seconds to set all permissions for one group. Now the next group
"Read-Only Users", etc, etc.
You may realise this already, but my point is simply to highlight the fact
that if (especially if you suspect something is wrong) then completely
re-setting security may be only take you as long as it took me to write
this.

Fletcher
Nov 12 '05 #2

P: n/a
>> I'm having trouble with security on an A97 database.

First, yes I've read the white paper several times, followed all the
directions, and got security established correctly (or so I thought).

There
are two problems, however.

One just occurred in the past couple of days. I added a new feature to a

form,
which is a button that pops up a new form showing some summary data. The

popup
form has a query as its recordsource, and the run permissions on the query

are
set to Owner. Yet when a user who has only limited permissions clicks the
button, they get the error message 3112, no read permissions on the query

that
drives the form.

The other is recurring but not consistent. The main database

administrator
(this is my client), who has admin permissions and thus should be able to

do
everything, is occasionally thwarted in trying to do something because the
system says she doesn't have the proper permissions to do it. If she

signs out
and signs in again as me (I have the same permissions as she does but I'm

also
the "owner" since I designed the db), she can do whatever she likes.

Frankly,
this problem isn't as big as the first one because she can in fact always

just
sign in again as me and do what she needs to do, but it's annoying

nonetheless.

I don't know what to do about this. Seems like maybe security is

corrupted
somehow? Is there a way to rebuild it? Other ways around these issues?

TIA

Jan
Jan Stempel
Stempel Consulting

Have you got any idea how long it would take you to re-set the security from
scratch? If it was a straight-forward set up, it might be under 5 minutes.
You could join the workgroup as yourself, create a new database and import
all the objects into the new one - so that the new one is unsecured. You
can now re-join the system.mdw and use a shortcut to open the database using
the other mdw file.
Start the workgroup administrator, and select a group, eg "Standard Users"
then highlight all the forms including new forms (use ctrl / shift keys to
select several forms at a time) and set Open / Run to true and the rest to
false. Then the same with Database, Tables, Reports, etc. That could take
30 seconds to set all permissions for one group. Now the next group
"Read-Only Users", etc, etc.

Thanks. I thought that might be the solution, just didn't know exactly how to
do it once security is established. I'll give it a try (won't be for a couple
of days though as I have to go out of town for a different client tomorrow,
then play catch-up). Will write again if it doesn't work.

Jan
Jan Stempel
Stempel Consulting
Nov 12 '05 #3

P: n/a
Janross (ja*****@aol.com) wrote:
<snip>
: I'll give it a
: try (won't be for a couple of days though as I have to go out of town
: for a different client tomorrow, then play catch-up). Will write
: again if it doesn't work.
:
: Jan
: Jan Stempel
: Stempel Consulting

I'll be curious to see any solutions -- I'm running into the same issue,
even on queries/tables where I'm the owner (no delete permissions on...
messages).
--
Please remove the under_scores if sending me mail.

Nov 12 '05 #4

P: n/a
ja*****@aol.com (Janross) wrote:
One just occurred in the past couple of days. I added a new feature to
a form, which is a button that pops up a new form showing some summary
data. The popup form has a query as its recordsource, and the run
permissions on the query are set to Owner. Yet when a user who has
only limited permissions clicks the button, they get the error message
3112, no read permissions on the query that drives the form.


Even if the query is set to Owner Access, your users *still* need
permissions to read the query. Owner Access gives owner permissions to the
underlying table, not the query itself.

HTH - Keith.
www.keithwilby.org.uk
Nov 12 '05 #5

P: n/a
ja*****@aol.com (Janross) wrote:
The other is recurring but not consistent. The main database
administrator (this is my client), who has admin permissions and thus
should be able to do everything, is occasionally thwarted in trying to
do something because the system says she doesn't have the proper
permissions to do it. If she signs out and signs in again as me (I
have the same permissions as she does but I'm also the "owner" since I
designed the db), she can do whatever she likes. Frankly, this problem
isn't as big as the first one because she can in fact always just sign
in again as me and do what she needs to do, but it's annoying
nonetheless.


I'm not sure, but this may be to do with who owns the objects. Try setting
ownership to the admin group and not a specific admin user.
Nov 12 '05 #6

P: n/a
Keith Wilby <ke*********@AwayWithYerCrap.com> wrote in message > Even if the query is set to Owner Access, your users *still* need
permissions to read the query. Owner Access gives owner permissions to the
underlying table, not the query itself.

HTH - Keith.
www.keithwilby.org.uk


And for split databases, you need to have permissions for the table
LINKS and the tables on the backend. I was having a similar 'crazy'
problem until I realized that I hadn't reset the backend tables'
security settings!
Pete
Nov 12 '05 #7

P: n/a
ps********@zombieworld.com (Pete) wrote:
And for split databases, you need to have permissions for the table
LINKS and the tables on the backend.


A fair comment in isolation, but in this context the whole point of the
Owner Access property is to give the ordinary user the same rights to the
data in your tables as the owner! It would be unusual, to say the least,
for the owner of a table to not have full permissions to the data by
default ...
Nov 12 '05 #8

P: n/a
Thanks to all for your help. In starting to do the fix that Fletcher suggested
(rebuild security) I discovered the cause of the first problem (where basic
users couldn't get to one popup form). Turns out when I set security in the
first place, I didn't give basic users read-write access to new queries, so
when I created a new form driven by a query, they didn't in fact have
permission for it! Stupid mistake, now fixed.

As for the other, more confusing problem, in which a user in the admins group
is periodically denied permission to do things, I'll have to pursue the rebuild
to see if that helps (I stopped the process since I solved the first more
pressing problem; save it for when I have more time). And since that problem
is so intermittent, it will take a while to figure out if it's fixed.

Thanks again.

Jan
Jan Stempel
Stempel Consulting
Nov 12 '05 #9

This discussion thread is closed

Replies have been disabled for this discussion.