473,320 Members | 1,958 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Tony's AutoUpdater Question

Bri
I've just started checking this out. I've got it to work alright with
one exception. It is a secured MDE, so I've setup all the INI file
options for it. The problem is that the UserID I setup for it to use to
do the version test, seems to need more than the claimed 'minimum
rights'. I haven't figured out what specifically it needs rights to, but
it is somewhere between our base level (does not have access to
sensitive data) and our Manager level (has everything except
Administrate rights). I would like this ID to have ONLY what is required
to do its function. Does anyone know what it is?

Thanks!

--
Bri

Dec 28 '06 #1
6 1499
Bri
Does nobody have any ideas on this?

Bri wrote:
I've just started checking this out. I've got it to work alright with
one exception. It is a secured MDE, so I've setup all the INI file
options for it. The problem is that the UserID I setup for it to use to
do the version test, seems to need more than the claimed 'minimum
rights'. I haven't figured out what specifically it needs rights to, but
it is somewhere between our base level (does not have access to
sensitive data) and our Manager level (has everything except
Administrate rights). I would like this ID to have ONLY what is required
to do its function. Does anyone know what it is?

Thanks!

--
Bri
Dec 29 '06 #2
Hi, Bri.
Does nobody have any ideas on this?
Not many folks are using User-Level Security, and information given is rather
vague, so I suspect that's why no one has responded yet.
>The problem is that the UserID I setup for it to use to do the version test,
seems to need more than the claimed 'minimum rights'.
I suspect folks may be asking the following questions: Is that a Windows User
ID or an Access User ID? Who's claim? Is there a list somewhere of what these
"minimum rights" are? Can you give us a link to it?
>I would like this ID to have ONLY what is required to do its function. Does
anyone know what it is?
Just for Access User-Level Security? Or Windows security? On the database
file? On the INI file? On Tony's AutoFE?

If it's Access User-Level Security you're asking about, then the user should be
assigned to a group that has permission to open the database (possibly
exclusively if that's what your application requires), and the group has
permissions to open/run whatever forms and reports the group needs. The group
shouldn't have any permissions to open tables, or read or modify their designs,
or permissions to update, add, or delete data in those tables. For queries, the
group should only be able to run the RWOP queries, not alter them.

Unless, of course, the user is a member of the Admins group. This group has
permissions on everything.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
http://www.Access.QBuilt.com/html/ex...ributors2.html for contact info.
"Bri" <no*@here.comwrote in message news:zmglh.530035$1T2.444736@pd7urf2no...
Does nobody have any ideas on this?

Bri wrote:
>I've just started checking this out. I've got it to work alright with one
exception. It is a secured MDE, so I've setup all the INI file options for
it. The problem is that the UserID I setup for it to use to do the version
test, seems to need more than the claimed 'minimum rights'. I haven't figured
out what specifically it needs rights to, but it is somewhere between our
base level (does not have access to sensitive data) and our Manager level
(has everything except Administrate rights). I would like this ID to have
ONLY what is required to do its function. Does anyone know what it is?

Thanks!

--
Bri

Dec 31 '06 #3
Oh, and I forgot to add, for User-Level Security, no individual user should be
given permissions on anything, not even to open the database. All permissions
should be granted to the group he belongs to. And the default Users group
shouldn't have any permissions, either.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
http://www.Access.QBuilt.com/html/ex...ributors2.html for contact info.
"'69 Camaro" <Fo**************************@Spameater.orgZERO_SP AMwrote in
message news:Ko******************************@adelphia.com ...
Hi, Bri.
> Does nobody have any ideas on this?

Not many folks are using User-Level Security, and information given is rather
vague, so I suspect that's why no one has responded yet.
>>The problem is that the UserID I setup for it to use to do the version test,
seems to need more than the claimed 'minimum rights'.

I suspect folks may be asking the following questions: Is that a Windows User
ID or an Access User ID? Who's claim? Is there a list somewhere of what
these "minimum rights" are? Can you give us a link to it?
>>I would like this ID to have ONLY what is required to do its function. Does
anyone know what it is?

Just for Access User-Level Security? Or Windows security? On the database
file? On the INI file? On Tony's AutoFE?

If it's Access User-Level Security you're asking about, then the user should
be assigned to a group that has permission to open the database (possibly
exclusively if that's what your application requires), and the group has
permissions to open/run whatever forms and reports the group needs. The group
shouldn't have any permissions to open tables, or read or modify their
designs, or permissions to update, add, or delete data in those tables. For
queries, the group should only be able to run the RWOP queries, not alter
them.

Unless, of course, the user is a member of the Admins group. This group has
permissions on everything.

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
http://www.Access.QBuilt.com/html/ex...ributors2.html for contact info.
"Bri" <no*@here.comwrote in message
news:zmglh.530035$1T2.444736@pd7urf2no...
> Does nobody have any ideas on this?

Bri wrote:
>>I've just started checking this out. I've got it to work alright with one
exception. It is a secured MDE, so I've setup all the INI file options for
it. The problem is that the UserID I setup for it to use to do the version
test, seems to need more than the claimed 'minimum rights'. I haven't
figured out what specifically it needs rights to, but it is somewhere
between our base level (does not have access to sensitive data) and our
Manager level (has everything except Administrate rights). I would like this
ID to have ONLY what is required to do its function. Does anyone know what
it is?

Thanks!

--
Bri


Dec 31 '06 #4
Bri
'69 Camaro wrote:
Hi, Bri.

>Does nobody have any ideas on this?


Not many folks are using User-Level Security, and information given is rather
vague, so I suspect that's why no one has responded yet.
If you have used Tony's Updater on a MDE with Workgroup security, then
the questions are not vague. I suppose they could seem so to those that
haven't.
>>>The problem is that the UserID I setup for it to use to do the version test,
seems to need more than the claimed 'minimum rights'.


I suspect folks may be asking the following questions: Is that a Windows User
ID or an Access User ID? Who's claim? Is there a list somewhere of what these
"minimum rights" are? Can you give us a link to it?
Access UserID. The claim I refer to are in Tony's INI file descripter in
the Workgroup security section.
http://www.granite.ab.ca/access/autofe/inifile.htm

"MDWUser=AccessUsername
This needs to be an Access account which can have very limited rights to
the front end MDB."

I cannot get it to work with limited rights, only with admin rights. I
suspect there is a specific right it needs to have to work.
>>>I would like this ID to have ONLY what is required to do its function. Does
anyone know what it is?


Just for Access User-Level Security? Or Windows security? On the database
file? On the INI file? On Tony's AutoFE?
See above.
If it's Access User-Level Security you're asking about <snip>
It wasn't. I think I have a handle on the security of the MDE itself, I
just don't know what the Updater is trying to access that it doesn't get
permissions for unless I grant admin, which I don't want to do. That's
too big a hammer for this nail. :D
>
HTH.
Gunny
Not yet, but I hope eventually. :)
"Bri" <no*@here.comwrote in message news:zmglh.530035$1T2.444736@pd7urf2no...
>Does nobody have any ideas on this?

Bri wrote:
>>>I've just started checking this out. I've got it to work alright with one
exception. It is a secured MDE, so I've setup all the INI file options for
it. The problem is that the UserID I setup for it to use to do the version
test, seems to need more than the claimed 'minimum rights'. I haven't figured
out what specifically it needs rights to, but it is somewhere between our
base level (does not have access to sensitive data) and our Manager level
(has everything except Administrate rights). I would like this ID to have
ONLY what is required to do its function. Does anyone know what it is?

Thanks!

--
Bri
Jan 2 '07 #5
Hi, Bri.
If you have used Tony's Updater on a MDE with Workgroup security, then the
questions are not vague. I suppose they could seem so to those that haven't.
Those are precisely the folks reading your question. It was a holiday week,
followed by a holiday weekend when you posted your question and follow up. Many
of the folks who regularly browse this newsgroup were busy with holiday cheer,
not chained to their computers. It would be very difficult this time of year to
find someone who is familiar with all three of those items on your list _and_
who answers questions in this newsgroup. Perhaps now that most folks are back
to work this morning, more will respond to your question.
I cannot get it to work with limited rights, only with admin rights.
Either the AutoFE can't decypher the encrypted password for this "limited
rights" user, or this "limited rights" user is a member of a group that has
doesn't have enough permissions to open/run the database (or open the database
exclusively if that's the requirement). Or it's one of the myriad of other
problems Access developers new to User-Level Security often encounter when
deploying databases in a multiuser environment after they've skipped a step or
three, but you already ruled that out by manually logging into the secure
database as the limited user with that particular workgroup file on one of the
user's workstations. Or did you? (Yes, a Windows shortcut which includes the
workgroup file can be used for this test instead.)

HTH.
Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips and tutorials.
http://www.Access.QBuilt.com/html/ex...ributors2.html for contact info.
"Bri" <no*@here.comwrote in message news:8Rmmh.546873$5R2.274715@pd7urf3no...
'69 Camaro wrote:
>Hi, Bri.

>>Does nobody have any ideas on this?


Not many folks are using User-Level Security, and information given is rather
vague, so I suspect that's why no one has responded yet.

If you have used Tony's Updater on a MDE with Workgroup security, then the
questions are not vague. I suppose they could seem so to those that haven't.
>>>>The problem is that the UserID I setup for it to use to do the version test,
seems to need more than the claimed 'minimum rights'.


I suspect folks may be asking the following questions: Is that a Windows
User ID or an Access User ID? Who's claim? Is there a list somewhere of
what these "minimum rights" are? Can you give us a link to it?

Access UserID. The claim I refer to are in Tony's INI file descripter in the
Workgroup security section. http://www.granite.ab.ca/access/autofe/inifile.htm

"MDWUser=AccessUsername
This needs to be an Access account which can have very limited rights to the
front end MDB."

I cannot get it to work with limited rights, only with admin rights. I suspect
there is a specific right it needs to have to work.
>>>>I would like this ID to have ONLY what is required to do its function. Does
anyone know what it is?


Just for Access User-Level Security? Or Windows security? On the database
file? On the INI file? On Tony's AutoFE?

See above.
>If it's Access User-Level Security you're asking about <snip>

It wasn't. I think I have a handle on the security of the MDE itself, I just
don't know what the Updater is trying to access that it doesn't get
permissions for unless I grant admin, which I don't want to do. That's too big
a hammer for this nail. :D
>>
HTH.
Gunny

Not yet, but I hope eventually. :)
>"Bri" <no*@here.comwrote in message
news:zmglh.530035$1T2.444736@pd7urf2no...
>>Does nobody have any ideas on this?

Bri wrote:

I've just started checking this out. I've got it to work alright with one
exception. It is a secured MDE, so I've setup all the INI file options for
it. The problem is that the UserID I setup for it to use to do the version
test, seems to need more than the claimed 'minimum rights'. I haven't
figured out what specifically it needs rights to, but it is somewhere
between our base level (does not have access to sensitive data) and our
Manager level (has everything except Administrate rights). I would like this
ID to have ONLY what is required to do its function. Does anyone know what
it is?

Thanks!

--
Bri

Jan 2 '07 #6
Bri
Hi Gunny,

'69 Camaro wrote:
Hi, Bri.

>>If you have used Tony's Updater on a MDE with Workgroup security, then the
questions are not vague. I suppose they could seem so to those that haven't.


Those are precisely the folks reading your question. It was a holiday week,
followed by a holiday weekend when you posted your question and follow up. Many
of the folks who regularly browse this newsgroup were busy with holiday cheer,
not chained to their computers. It would be very difficult this time of year to
find someone who is familiar with all three of those items on your list _and_
who answers questions in this newsgroup. Perhaps now that most folks are back
to work this morning, more will respond to your question.
I know that the timing sucked, but it was for something I was deploying
when I could guarantee that nobody at the clients was using the previous
version. I've got it working with the userID in a group that has more
right than I would like, but it is working. I would like to scale back
that userID's rights to only those required to do what it needs to do.
>>I cannot get it to work with limited rights, only with admin rights.


Either the AutoFE can't decypher the encrypted password for this "limited
rights" user, or this "limited rights" user is a member of a group that has
doesn't have enough permissions to open/run the database (or open the database
exclusively if that's the requirement). Or it's one of the myriad of other
problems Access developers new to User-Level Security often encounter when
deploying databases in a multiuser environment after they've skipped a step or
three, but you already ruled that out by manually logging into the secure
database as the limited user with that particular workgroup file on one of the
user's workstations. Or did you? (Yes, a Windows shortcut which includes the
workgroup file can be used for this test instead.)
The AutoFE has no problems with the password. I changed the group that
the userID was in and it then worked. Yes, I logged in with the userID
(that's how I set the password for it vs using DAO). A windows shortcut
with the /workgroup parameter was the way we were accessing the app
prior to moving to the AutoFE. I am not new to UserGroup security, only
to the AutoFE. I don't know what process it is doing that requires the
rights, so I don't know what rights need to be given.

Through trial and error, I have determined that the required right falls
somewhere between our standard Employee rights (ie limited access to
certain tables) and our Manager rights (all access to data but no Admin
rights). So, it isn't the admin rights that were required. I feel more
compfortable with this level than with Admin, but would still prefer
that I grant only the minimum needed.

Thanks for sticking with this. I'm assuming now that I need to contact
Tony to determine exactly what rights are needed. Maybe he's back to
work today too?

--
Bri

Jan 2 '07 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: perseus | last post by:
Tony, Don't you know where you are? A bunch of idiots are trying to control free speech on the C++ language! perseus
0
by: Vi | last post by:
Some of you might be interested in this open source AutoUpdater for ..NET "Sharp AutoUpdater provides an auto-update feature for .NET applications. Using XML configuration files, Sharp...
0
by: Vi | last post by:
Some of you might be interested in this open source AutoUpdater for ..NET "Sharp AutoUpdater provides an auto-update feature for .NET applications. Using XML configuration files, Sharp...
10
by: Nathaniel Branden | last post by:
Hello. This isn't really an Access question. I just want to know whether Tony Toews is retarded. In that vain, I have pasted down his last thirty or so posts for someone out there to respond. ...
16
by: David W. Fenton | last post by:
http://www.granite.ab.ca/access/performancefaq.htm I hope Tony doesn't mind my opening a discussion of some issues on his performance FAQ page here in the newsgroup. This is not meant as...
1
by: Mauro D. | last post by:
Hi Tony, i'm trying to develop a backend for LDAP directory in your "php developer architecture"... Have you ever try to do it? Only to know if i'm re-discovery the wheel...! Happy new year...
3
by: Don Barton | last post by:
Does anyone know if Tony Toews Auto FE updater utility work with the new Access 2007 Runtime? I am new to using the runtime, but have clients starting to ask for it. (they don't want to have to...
2
by: bobh | last post by:
Hi, I'm having an issue with Tony's Auto FE Updater I was hoping someone could help with. I need to use UNC instead of mapped drive letters her in this shop drive letters are mapped differently...
6
by: Timmy! | last post by:
Is Tony still out there? The granite site is down or gone and I've been unable to access usenet for quite some time and am using Google. Here's my problem. Tony's Auto FE Loader has worked...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.