How to set up read-only accessibility to an existing .mdb

TechBoy <ro******@msn.com> wrote:

RE: Access 2002 SP3

I have an app "App1.mdb" that has internal security built-in via a
table: tblSecurity. In this table a match is obtained to see if they
are authorized to use the app.
This application has no Jet security being used ("Users/Groups", etc.)

One of the requirements was to hide the DBWindow completely from the
users, which works fine and the DBwindow is secure from all users.
Another requirement for App1.mdb: the users need to create ad-hoc
reports in the report designer area of this app.

Is there a way to create a second .mdb "App2.mdb" that links to the
tables in App1.mdb, but with purely read-only capability?

Any counsel is appreciated.

Thank you.

To do it properly you'd need to implement obviously workgroup security.
--
regards,

Bradley

A Christian Response
http://www.pastornet.net.au/response

To do it properly you'd need to implement obviously workgroup

security<<

I have never worked with Jet security before. Is it pretty
straightforward or are there some resources that would be helpful in
walking me through setting it up?
Reason I ask is, I have my application broke up into 2 .mdb files:

MyApp.mdb and MyAppData.mdb.

The data version has all the tables only, while the other has all the
forms, controls, modules, report, etc.

MyApp.mdb has links to tables in MyAppData. Do I set up the workgroup
security in MyApp.mdb or MyAppData.mdb for the users to have pure
"read-only" accessibility to all table for creating adhoc
reports/queries?

Thanks.
*** Sent via Developersdex http://www.developersdex.com ***

RLN wrote:

To do it properly you'd need to implement obviously workgroup
security<<

I have never worked with Jet security before. Is it pretty
straightforward or are there some resources that would be helpful in
walking me through setting it up?
Reason I ask is, I have my application broke up into 2 .mdb files:

MyApp.mdb and MyAppData.mdb.

The data version has all the tables only, while the other has all the
forms, controls, modules, report, etc.

MyApp.mdb has links to tables in MyAppData. Do I set up the workgroup
security in MyApp.mdb or MyAppData.mdb for the users to have pure
"read-only" accessibility to all table for creating adhoc
reports/queries?

If you go with User Level Security you would need it on BOTH files.
Security is controlled by the workgroup file and there is only one of those
per Access session so the file you open directly and any file that is has
links to are all affected by it.

If you want ALL users to be read only you can simply place the data file in
a folder where they have read-only permissions. If you want some to be
limited to read only and others to be able to edit data, then User Level
Security is the way to go. Network permissions cannot be used for that.

--
I don't check the Email account attached
to this message. Send instead to...
RBrandt at Hunter dot com

To do it properly you'd need to implement obviously workgroup

security<<

One more thing I forgot to mention that had me concerned on this
subject.
Before, I tried to set up some user security. When I did that, my app
prompted me for a username and pass, which was fine. The only thing
wrong with that was that after I set that up on the other PC here in my
cube, every time I would launch Access (ver. 2002) on that other PC,
**any** database file I would open up (even ones created a long time
ago) would prompt me for that username and pass I had only wanted to use
for my current application I mentioned earlier in this my first reply.

So I guess my concern is when you mentioned setting up workgroup
security, I thought 'oh gee, here I go again....I'll set this up on this
2nd machine and when Access tries to open *any* .mdb, I'll be prompted
for a password."

So my hesitancy on this whole workgroup security thing is wrapped around
the fact that Access made me log in to all databases, not just the one I
really need security for.

I'll search for some info on this, but if anyone has other words of
wisdom for me, I'm still reading......
Thanks.

----------
"Perseverance - there is no substitute for hard work."
- Thomas Alva Edison

*** Sent via Developersdex http://www.developersdex.com ***

RLN wrote:

To do it properly you'd need to implement obviously workgroup
security<<

One more thing I forgot to mention that had me concerned on this
subject.
Before, I tried to set up some user security. When I did that, my app
prompted me for a username and pass, which was fine. The only thing
wrong with that was that after I set that up on the other PC here in
my cube, every time I would launch Access (ver. 2002) on that other
PC, **any** database file I would open up (even ones created a long
time ago) would prompt me for that username and pass I had only
wanted to use for my current application I mentioned earlier in this
my first reply. [snip]

That only happens if you tell the security wizard that you want to make the
new secured workgroup file your default workgroup file. Login prompts are
dictated by the workgroup, not the MDB file being opened. If you tell the
wizard to create a special shortcut for your secured app then you are only
prompted for a login when you use that shortcut.
--
I don't check the Email account attached
to this message. Send instead to...
RBrandt at Hunter dot com

Hi, Rick.

If you want ALL users to be read only you can simply place the data file in
a folder where they have read-only permissions. If you want some to be
limited to read only and others to be able to edit data, then User Level
Security is the way to go. Network permissions cannot be used for that.

Actually, they can. The trick is that you have to grant write
permissions to all users for the _folder_ in which the .mdb file
resides (so they can manipulate the .ldb file) and then set the
permissions to read-only or read/write on the .mdb file itself.

So, if you have "thing.mdb" in a folder called "foo" and two groups of
users, "ReadUsers" and "ChangeUsers", then the required permissions
are...

on the folder "foo": _both_ "ReadUsers" and "ChangeUsers" need
read/write permissions

on the file "thing.mdb": give "ChangeUsers" read/write and give
"ReadUsers" read-only permissions
Gord

Rick Brandt <ri*********@hotmail.com> wrote:

RLN wrote:

To do it properly you'd need to implement obviously workgroup
security<<
I have never worked with Jet security before. Is it pretty
straightforward or are there some resources that would be helpful in
walking me through setting it up?
Reason I ask is, I have my application broke up into 2 .mdb files:

MyApp.mdb and MyAppData.mdb.

The data version has all the tables only, while the other has all the
forms, controls, modules, report, etc.

MyApp.mdb has links to tables in MyAppData. Do I set up the
workgroup security in MyApp.mdb or MyAppData.mdb for the users to
have pure "read-only" accessibility to all table for creating adhoc
reports/queries?

If you go with User Level Security you would need it on BOTH files.
Security is controlled by the workgroup file and there is only one of
those per Access session so the file you open directly and any file
that is has links to are all affected by it.

If you want ALL users to be read only you can simply place the data
file in a folder where they have read-only permissions. If you want
some to be limited to read only and others to be able to edit data,
then User Level Security is the way to go. Network permissions
cannot be used for that.

Although to confuse things you can use two different workgroup files.
One contains your users, the other the design admins. This way there is
physically no way anyone can login to gain access to your design (tables
usually as I distribute MDE frontends). Of course my user groups have
been created exactly the same in each workgroup else it won't work.

(Although again a simple tool will break the security anyway if one was
really keen to gain access:)
--
regards,

Bradley

A Christian Response
http://www.pastornet.net.au/response