Hi:
I have created a secured database for a client. For various reasons, I
don't want the client to have full persmissions for the database; they
aren't in the admins group. I have instead tried to create a second
group, called "localAdmin," for the admin-type person at the client. I
want this group to be able to do some basic admin-type stuff, including
adding new users and clearing passwords if users forget theirs.
I can't seem to accomplish this, though. When signing on as someone in
the LocalAdmin group, if I try to go to Tools/Security/user & group
accounts, I get the error message about not having read permissions for the
msysUserlist table and msysGroupList table. If I try to add a user via
VBA code, I get error
3033--you don't have permissions for the Tables object (code is below
for your reference).
Dim wrkDefault As Workspace
Dim usrNew As User
Dim usrTemp As User
Set wrkDefault = DBEngine.Workspaces(0)
With wrkDefault
' Create and append new User.
Set usrNew = .CreateUser(Me!username)
usrNew.pid = Me!pid
.Users.Append usrNew------------------>it fails here
the code goes on
I tried giving the localAdmin group administer permissions for the
database (which I hate to do, frankly), but even that didn't work.
Is there no way to accomplish this?
TIA
Jan 6 5119
"Jan" <ja*@stempelconsulting.com> wrote in message
news:12*************@corp.supernews.com... Hi:
I have created a secured database for a client. For various reasons, I don't want the client to have full persmissions for the database; they aren't in the admins group. I have instead tried to create a second group, called "localAdmin," for the admin-type person at the client. I want this group to be able to do some basic admin-type stuff, including adding new users and clearing passwords if users forget theirs.
I can't seem to accomplish this, though. When signing on as someone in the LocalAdmin group, if I try to go to Tools/Security/user & group accounts, I get the error message about not having read permissions for the msysUserlist table and msysGroupList table. If I try to add a user via VBA code, I get error 3033--you don't have permissions for the Tables object (code is below for your reference).
Dim wrkDefault As Workspace Dim usrNew As User Dim usrTemp As User
Set wrkDefault = DBEngine.Workspaces(0)
With wrkDefault ' Create and append new User. Set usrNew = .CreateUser(Me!username) usrNew.pid = Me!pid .Users.Append usrNew------------------>it fails here the code goes on I tried giving the localAdmin group administer permissions for the database (which I hate to do, frankly), but even that didn't work.
Is there no way to accomplish this?
TIA
Jan
In order to add and delete users, you normally need to be a member of the
admins group. However, it would be possible for you to create a workspace
with the credentials of an Administrator programatically, so that a
non-admin person just presses a button and a new user is created. One way I
do this is to create an account with the name Automation, then I can create
the workspace:
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", "MyPassword",
dbUseJet)
and do whatever from there. If your application is an mde, the code is
compiled and you don't need to worry about hard-coding the password as the
code is unreadable. If it is an mdb, there is the risk that someone could
read and extract the password. However, if someone knew enough to
understand the code and extract the password, they could break in anyway as
Access user-level security is broken (ie easily crackable) and unlikely to
be fixed.
Anthony England wrote: "Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
Hi:
I have created a secured database for a client. For various reasons, I don't want the client to have full persmissions for the database; they aren't in the admins group. I have instead tried to create a second group, called "localAdmin," for the admin-type person at the client. I want this group to be able to do some basic admin-type stuff, including adding new users and clearing passwords if users forget theirs.
I can't seem to accomplish this, though. When signing on as someone in the LocalAdmin group, if I try to go to Tools/Security/user & group accounts, I get the error message about not having read permissions for the msysUserlist table and msysGroupList table. If I try to add a user via VBA code, I get error 3033--you don't have permissions for the Tables object (code is below for your reference).
Dim wrkDefault As Workspace Dim usrNew As User Dim usrTemp As User
Set wrkDefault = DBEngine.Workspaces(0)
With wrkDefault ' Create and append new User. Set usrNew = .CreateUser(Me!username) usrNew.pid = Me!pid .Users.Append usrNew------------------>it fails here the code goes on I tried giving the localAdmin group administer permissions for the database (which I hate to do, frankly), but even that didn't work.
Is there no way to accomplish this?
TIA
Jan
In order to add and delete users, you normally need to be a member of the admins group. However, it would be possible for you to create a workspace with the credentials of an Administrator programatically, so that a non-admin person just presses a button and a new user is created. One way I do this is to create an account with the name Automation, then I can create the workspace:
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", "MyPassword", dbUseJet)
and do whatever from there. If your application is an mde, the code is compiled and you don't need to worry about hard-coding the password as the code is unreadable. If it is an mdb, there is the risk that someone could read and extract the password. However, if someone knew enough to understand the code and extract the password, they could break in anyway as Access user-level security is broken (ie easily crackable) and unlikely to be fixed.
Hi:
Thanks for the quick reply. Let me get this straight:
I need to create a user called "automation" in the admins group, give it
a password ("mypass"), and then in the code for creating a user, instead
of the
Set wrkDefault = DBEngine.Workspaces(0)
I would use
Set wrkDefault
=DBEngine.createWorkspaces("jet","automation","myp ass",dbusejet)
and then that would allow the non-admin user to add new users?
Please let me know if I've missed something.
Also, how would they clear passwords? I haven't been able to figure out
how to do that programmatically; the VBA way to do it seems to require
one to know the old password in order to change it to blank; but if the
user has forgotten their pass, you can't go that way. I had expected
the "localAdmin" folks to just go through the tools/security/user &
group accounts menus, but they can't do that unless they're in the
admins group. Any thoughts?
Jan
"Jan" <ja*@stempelconsulting.com> wrote in message
news:12*************@corp.supernews.com...
Anthony England wrote: "Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
Hi:
I have created a secured database for a client. For various reasons, I don't want the client to have full persmissions for the database; they aren't in the admins group. I have instead tried to create a second group, called "localAdmin," for the admin-type person at the client. I want this group to be able to do some basic admin-type stuff, including adding new users and clearing passwords if users forget theirs.
I can't seem to accomplish this, though. When signing on as someone in the LocalAdmin group, if I try to go to Tools/Security/user & group accounts, I get the error message about not having read permissions for the msysUserlist table and msysGroupList table. If I try to add a user via VBA code, I get error 3033--you don't have permissions for the Tables object (code is below for your reference).
Dim wrkDefault As Workspace Dim usrNew As User Dim usrTemp As User
Set wrkDefault = DBEngine.Workspaces(0)
With wrkDefault ' Create and append new User. Set usrNew = .CreateUser(Me!username) usrNew.pid = Me!pid .Users.Append usrNew------------------>it fails here the code goes on I tried giving the localAdmin group administer permissions for the database (which I hate to do, frankly), but even that didn't work.
Is there no way to accomplish this?
TIA
Jan
In order to add and delete users, you normally need to be a member of the admins group. However, it would be possible for you to create a workspace with the credentials of an Administrator programatically, so that a non-admin person just presses a button and a new user is created. One way I do this is to create an account with the name Automation, then I can create the workspace:
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", "MyPassword", dbUseJet)
and do whatever from there. If your application is an mde, the code is compiled and you don't need to worry about hard-coding the password as the code is unreadable. If it is an mdb, there is the risk that someone could read and extract the password. However, if someone knew enough to understand the code and extract the password, they could break in anyway as Access user-level security is broken (ie easily crackable) and unlikely to be fixed. Hi:
Thanks for the quick reply. Let me get this straight:
I need to create a user called "automation" in the admins group, give it a password ("mypass"), and then in the code for creating a user, instead of the Set wrkDefault = DBEngine.Workspaces(0) I would use Set wrkDefault =DBEngine.createWorkspaces("jet","automation","myp ass",dbusejet) and then that would allow the non-admin user to add new users?
Please let me know if I've missed something.
Also, how would they clear passwords? I haven't been able to figure out how to do that programmatically; the VBA way to do it seems to require one to know the old password in order to change it to blank; but if the user has forgotten their pass, you can't go that way. I had expected the "localAdmin" folks to just go through the tools/security/user & group accounts menus, but they can't do that unless they're in the admins group. Any thoughts?
Jan
That's basically it. Clearing password simply means that you set the
password to a zero-length string. As to providing the original password,
that is the point of programatically creating a new workspace as a member of
the admins group. If you are in the admins group, you don't need to know
the old password to change it to a new one.
In the example below, I use a blank string for the old password:
usr.NewPassword "", strNewPwd
but since the old password isn't even looked at, I could have written
either:
usr.NewPassword strNewPwd, strNewPwd
or
usr.NewPassword "AbsoluteNonsense", strNewPwd
However, it doesn't really help readability.
Public Function ResetPassword(strUserName As String, _
strNewPwd As String) As Boolean
On Error GoTo Err_Handler
Dim wks As DAO.Workspace
Dim usr As DAO.User
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", _
"MyPassword", dbUseJet)
Set usr = wks.Users(strUserName)
usr.NewPassword "", strNewPwd
ResetPassword = True
Exit_Handler:
If Not usr Is Nothing Then
Set usr = Nothing
End If
If Not wks Is Nothing Then
wks.Close
Set wks = Nothing
End If
Exit Function
Err_Handler:
Select Case Err.Number
Case 3029 ' Invalid account or password - error with our secret account
MsgBox "Unable to change password", _
vbExclamation, "Password Error"
Case 3033 ' Account has insufficient permissions - error with our secret
account
MsgBox "Unable to change password", _
vbExclamation, "Password Error"
Case 3265 ' strUserName relates to a non-existant user
MsgBox "Cannot locate user: " & strUserName, _
vbExclamation, "Password Error"
Case Else
MsgBox Err.Description, vbExclamation, "Error No: " & Err.Number
End Select
Resume Exit_Handler
End Function
Thanks, Anthony. I'm going to try it (I hope I can squeeze in time
today but it might be tomorrow) and will let you know how it goes.
Jan
Anthony England wrote: "Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
Anthony England wrote:
"Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
Hi:
I have created a secured database for a client. For various reasons, I don't want the client to have full persmissions for the database; they aren't in the admins group. I have instead tried to create a second group, called "localAdmin," for the admin-type person at the client. I want this group to be able to do some basic admin-type stuff, including adding new users and clearing passwords if users forget theirs.
I can't seem to accomplish this, though. When signing on as someone in the LocalAdmin group, if I try to go to Tools/Security/user & group accounts, I get the error message about not having read permissions for the msysUserlist table and msysGroupList table. If I try to add a user via VBA code, I get error 3033--you don't have permissions for the Tables object (code is below for your reference).
Dim wrkDefault As Workspace Dim usrNew As User Dim usrTemp As User
Set wrkDefault = DBEngine.Workspaces(0)
With wrkDefault ' Create and append new User. Set usrNew = .CreateUser(Me!username) usrNew.pid = Me!pid .Users.Append usrNew------------------>it fails here the code goes on I tried giving the localAdmin group administer permissions for the database (which I hate to do, frankly), but even that didn't work.
Is there no way to accomplish this?
TIA
Jan
In order to add and delete users, you normally need to be a member of the admins group. However, it would be possible for you to create a workspace with the credentials of an Administrator programatically, so that a non-admin person just presses a button and a new user is created. One way I do this is to create an account with the name Automation, then I can create the workspace:
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", "MyPassword", dbUseJet)
and do whatever from there. If your application is an mde, the code is compiled and you don't need to worry about hard-coding the password as the code is unreadable. If it is an mdb, there is the risk that someone could read and extract the password. However, if someone knew enough to understand the code and extract the password, they could break in anyway as Access user-level security is broken (ie easily crackable) and unlikely to be fixed.
Hi:
Thanks for the quick reply. Let me get this straight:
I need to create a user called "automation" in the admins group, give it a password ("mypass"), and then in the code for creating a user, instead of the Set wrkDefault = DBEngine.Workspaces(0) I would use Set wrkDefault =DBEngine.createWorkspaces("jet","automation","myp ass",dbusejet) and then that would allow the non-admin user to add new users?
Please let me know if I've missed something.
Also, how would they clear passwords? I haven't been able to figure out how to do that programmatically; the VBA way to do it seems to require one to know the old password in order to change it to blank; but if the user has forgotten their pass, you can't go that way. I had expected the "localAdmin" folks to just go through the tools/security/user & group accounts menus, but they can't do that unless they're in the admins group. Any thoughts?
Jan
That's basically it. Clearing password simply means that you set the password to a zero-length string. As to providing the original password, that is the point of programatically creating a new workspace as a member of the admins group. If you are in the admins group, you don't need to know the old password to change it to a new one. In the example below, I use a blank string for the old password: usr.NewPassword "", strNewPwd
but since the old password isn't even looked at, I could have written either: usr.NewPassword strNewPwd, strNewPwd or usr.NewPassword "AbsoluteNonsense", strNewPwd
However, it doesn't really help readability.
Public Function ResetPassword(strUserName As String, _ strNewPwd As String) As Boolean
On Error GoTo Err_Handler
Dim wks As DAO.Workspace Dim usr As DAO.User
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", _ "MyPassword", dbUseJet)
Set usr = wks.Users(strUserName)
usr.NewPassword "", strNewPwd
ResetPassword = True
Exit_Handler:
If Not usr Is Nothing Then Set usr = Nothing End If
If Not wks Is Nothing Then wks.Close Set wks = Nothing End If
Exit Function
Err_Handler:
Select Case Err.Number
Case 3029 ' Invalid account or password - error with our secret account MsgBox "Unable to change password", _ vbExclamation, "Password Error"
Case 3033 ' Account has insufficient permissions - error with our secret account MsgBox "Unable to change password", _ vbExclamation, "Password Error"
Case 3265 ' strUserName relates to a non-existant user MsgBox "Cannot locate user: " & strUserName, _ vbExclamation, "Password Error"
Case Else MsgBox Err.Description, vbExclamation, "Error No: " & Err.Number
End Select
Resume Exit_Handler
End Function
It all worked beautifully. Thanks so much for the help.
Jan
Jan wrote: Thanks, Anthony. I'm going to try it (I hope I can squeeze in time today but it might be tomorrow) and will let you know how it goes.
Jan
Anthony England wrote:
"Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
Anthony England wrote:
"Jan" <ja*@stempelconsulting.com> wrote in message news:12*************@corp.supernews.com...
> Hi: > > I have created a secured database for a client. For various > reasons, I don't want the client to have full persmissions for > the database; they aren't in the admins group. I have instead > tried to create a second group, called "localAdmin," for the > admin-type person at the client. I want this group to be able > to do some basic admin-type stuff, including adding new users > and clearing passwords if users forget theirs. > > I can't seem to accomplish this, though. When signing on as > someone in the LocalAdmin group, if I try to go to > Tools/Security/user & group accounts, I get the error message > about not having read permissions for the msysUserlist table > and msysGroupList table. If I try to add a user via VBA code, > I get error 3033--you don't have permissions for the Tables > object (code is below for your reference). > > Dim wrkDefault As Workspace Dim usrNew As User Dim usrTemp As > User > > Set wrkDefault = DBEngine.Workspaces(0) > > With wrkDefault ' Create and append new User. Set usrNew = > .CreateUser(Me!username) usrNew.pid = Me!pid .Users.Append > usrNew------------------>it fails here the code goes on I tried > giving the localAdmin group administer permissions for the > database (which I hate to do, frankly), but even that didn't > work. > > Is there no way to accomplish this? > > TIA > > Jan In order to add and delete users, you normally need to be a member of the admins group. However, it would be possible for you to create a workspace with the credentials of an Administrator programatically, so that a non-admin person just presses a button and a new user is created. One way I do this is to create an account with the name Automation, then I can create the workspace:
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", "MyPassword", dbUseJet)
and do whatever from there. If your application is an mde, the code is compiled and you don't need to worry about hard-coding the password as the code is unreadable. If it is an mdb, there is the risk that someone could read and extract the password. However, if someone knew enough to understand the code and extract the password, they could break in anyway as Access user-level security is broken (ie easily crackable) and unlikely to be fixed.
Hi:
Thanks for the quick reply. Let me get this straight:
I need to create a user called "automation" in the admins group, give it a password ("mypass"), and then in the code for creating a user, instead of the Set wrkDefault = DBEngine.Workspaces(0) I would use Set wrkDefault =DBEngine.createWorkspaces("jet","automation","myp ass",dbusejet) and then that would allow the non-admin user to add new users?
Please let me know if I've missed something.
Also, how would they clear passwords? I haven't been able to figure out how to do that programmatically; the VBA way to do it seems to require one to know the old password in order to change it to blank; but if the user has forgotten their pass, you can't go that way. I had expected the "localAdmin" folks to just go through the tools/security/user & group accounts menus, but they can't do that unless they're in the admins group. Any thoughts?
Jan
That's basically it. Clearing password simply means that you set the password to a zero-length string. As to providing the original password, that is the point of programatically creating a new workspace as a member of the admins group. If you are in the admins group, you don't need to know the old password to change it to a new one. In the example below, I use a blank string for the old password: usr.NewPassword "", strNewPwd
but since the old password isn't even looked at, I could have written either: usr.NewPassword strNewPwd, strNewPwd or usr.NewPassword "AbsoluteNonsense", strNewPwd
However, it doesn't really help readability.
Public Function ResetPassword(strUserName As String, _ strNewPwd As String) As Boolean
On Error GoTo Err_Handler
Dim wks As DAO.Workspace Dim usr As DAO.User
Set wks = DBEngine.CreateWorkspace("Jet", "Automation", _ "MyPassword", dbUseJet)
Set usr = wks.Users(strUserName)
usr.NewPassword "", strNewPwd
ResetPassword = True
Exit_Handler:
If Not usr Is Nothing Then Set usr = Nothing End If
If Not wks Is Nothing Then wks.Close Set wks = Nothing End If
Exit Function
Err_Handler:
Select Case Err.Number
Case 3029 ' Invalid account or password - error with our secret account MsgBox "Unable to change password", _ vbExclamation, "Password Error"
Case 3033 ' Account has insufficient permissions - error with our secret account MsgBox "Unable to change password", _ vbExclamation, "Password Error"
Case 3265 ' strUserName relates to a non-existant user MsgBox "Cannot locate user: " & strUserName, _ vbExclamation, "Password Error"
Case Else MsgBox Err.Description, vbExclamation, "Error No: " & Err.Number
End Select
Resume Exit_Handler
End Function
"Jan" <ja*@stempelconsulting.com> wrote in message
news:12*************@corp.supernews.com... It all worked beautifully. Thanks so much for the help.
Jan
Cool.
Thanks for letting us know. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: |
last post by:
Looking for a way for users to change their passwords on
local accounts. I followed this KB article, 306271, and
it worked as far as adding a new user. I tried to modify
it to do password...
|
by: HNguyen |
last post by:
Hi,
I have a Web application in ASP.NET. My Application allows the users upload
files into the server after checking their user names and passwords. For
each transaction, the Web program will...
|
by: 4site |
last post by:
Happy New Year and all that!
I'd like to write a short PHP script that will allow users to alter
their virtual server password via a secure web form. I had hoped that
I might be able to call...
|
by: antonyliu2002 |
last post by:
I am not sure how to google this concept.
Basically, what I wanna do is to direct different users to different
pages. I do not have a whole lot users.
For example, if user name 'tomcat'...
|
by: Terry Holland |
last post by:
I have an intranet application that comprises an ASP.Net application
connecting to a SQL Server DB
The application has 150 users. At the moment I am connecting using the
following setup
I have...
|
by: usafshah |
last post by:
Is there any simple way to change all the passwords for an Organization Unit or users in a group at once?
I want to set same passwords to all users !
|
by: postmanpat |
last post by:
i have to create a login form that validates the users and passwords from a text file. I have another function that can add new users and passwords by writing to a test file split by a delimiter. But...
|
by: =?Utf-8?B?R2hpc3Rvcw==?= |
last post by:
Hi,
I collect hashed password in my BD. I give the opportunity to the user to
reset his password with the PasswordRecovery control. But, when he receive it
, it is a series fo strange characters...
|
by: harshadd |
last post by:
I want to replicate users (with there passwords and home directories) on diff Linux server, reason is I have a working setup of ssh and vsftp which is being used by many users who are not contactable...
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
| |