Hi all,
I'm working on an access db where users need to log on to protect the data. It all works quite well, I only would like to record every log on attempt and place it in a table to audit every log on. If the user fails to log on, it should record in a table "failed to log on", if a user is locked after 3 failed logons, it should record in a table "user is locked". I made the log on screen using DAO, when a user fails to log on 3 times, a field 'lock_user' is activated and the user is locked out the database. If you would like to see the code behind this all, don't hesitate to ask.
Is there somebody who can help me built a ADO recordset to audit every log on? Does it need to be activated on the 'update event' of the form?
Thanks a lot for your help.
Regards,
Tom
2 1267
Tom, it would be activated on the on_click event when someone logs in. That way you don't have any issues of when it's going to fire.
As for the ADO part, I need more information as to what you're looking to do and what fields you already have available.
Email me on here.
Hope that helps,
Joe P.
Tom, it would be activated on the on_click event when someone logs in. That way you don't have any issues of when it's going to fire.
As for the ADO part, I need more information as to what you're looking to do and what fields you already have available.
Email me on here.
Hope that helps,
Joe P.
Hi Joe,
Thank you very much for your reply.
The login ID and password is checked when the user press 'log in' on the main form after filling in the user ID and psswrd.
I think its best that I make my code to audit the security in this part of the program because the code is already going to control the logID and psswrd in this part of the program, so I don't have to make all the user ID and password check again in the 'before update' event.
Here is the code to control access to the database, I use DAO recordset to control the access but I would like to use ADO to write every log on attempt with comments (login failed, log in ok, user locked,...) to the table tbl_security
The fields I would like to use in tbl_security are:
Username
CompName
Date&Time
Comment on log on: failed, succesfull, user locked
Thanks in advance!!
Regards,
Tom - ' Module : mod_display_menu
-
' Function : display the switchboard after checking the access and password and password expiry date
-
-
Option Compare Database
-
Option Explicit
-
Dim rsUsers As ADODB.Recordset
-
Dim fldAttempt As ADODB.Field
-
-
-
-
Sub display_menu()
-
On Error GoTo err_display_menu
-
-
-
-
'*************************************************************
-
'* Check userId and access level *
-
'*************************************************************
-
Dim access_level As Integer
-
Dim finish_Date As Date
-
Dim port_syd As String
-
Dim valid_user As Integer
-
Dim check_user As Integer
-
Dim password_period As Date
-
Dim check_password As String
-
Dim strmsg As String
-
Dim bln_lock As Boolean
-
Dim intLogonAttempts As Integer
-
Dim user_name As String
-
-
-
valid_user = 2
-
user_name = Forms!frm_main!user_id
-
-
-
-
' ***********************************************
-
' * Validate user_id *
-
' ***********************************************
-
check_user = DCount("[user_id]", "tbl_users", "user_id=forms!frm_main!user_id")
-
bln_lock = DLookup("[Control_lock]", "tbl_users", "user_id=forms!frm_main!user_id")
-
If check_user = 1 And bln_lock = False Then
-
If user_name = UserName() Then
-
valid_user = 2
-
Else: MsgBox "U hebt met een verschillende acount ingelogd in LimsFreeze en het NT netwerk, dit is niet mogelijk. Gelieve onder dezelfde acount in te loggen a.u.b.", vbCritical, "LimsFreeze Login"
-
valid_user = 0
-
Application.Quit
-
End If
-
Else
-
valid_user = 0
-
End If
-
-
-
-
-
' ********************************************************************************
-
' * Validate password *
-
' * REMARK: Changed UCase scenario to allow upper and lower case symbols *
-
' ********************************************************************************
-
If valid_user = 2 Then
-
check_password = DLookup("[passwords]", "tbl_users", "user_id=forms!frm_main!user_id")
-
If check_password = Forms!frm_main!password Then
-
valid_user = 2
-
Else
-
valid_user = 1
-
End If
-
-
End If
-
-
-
-
' **********************************************
-
' * Validate access_level *
-
' **********************************************
-
If valid_user = 2 Then
-
access_level = DLookup("[access_level]", "tbl_users", "user_id=forms!frm_main!user_id")
-
-
End If
-
-
Select Case valid_user
-
-
Case 0, 1
-
strmsg = " Access Denied" & _
-
vbCrLf & " Contact your Administrator if the problem persists. "
-
MsgBox strmsg, vbCritical, "INVALID USER ID or PASSWORD"
-
-
'Get recordset
-
Set rsUsers = New ADODB.Recordset
-
user_name = Forms!frm_main!user_id
-
-
-
'open recordset
-
rsUsers.Open "tbl_users", CurrentProject.Connection, adOpenStatic, adLockOptimistic
-
-
With rsUsers
-
'Check each record
-
While Not .EOF
-
For Each fldAttempt In .Fields
-
'check value
-
If fldAttempt.Name = "user_id" Then
-
If fldAttempt.Value = user_name Then
-
.Fields("Attempts") = .Fields("Attempts") + 1
-
intLogonAttempts = .Fields("Attempts")
-
If intLogonAttempts > 3 Then
-
MsgBox "You are locked out this database. Please contact your System Administrator.", vbCritical, "Restricted Access!"
-
.Fields("Control_lock") = True
-
'Application.Quit
-
End If
-
-
.Update
-
End If
-
End If
-
Next
-
.MoveNext
-
Wend
-
End With
-
-
-
-
rsUsers.Close
-
Set rsUsers = Nothing
-
-
'DoCmd.Quit
-
-
Case 2
-
Select Case access_level
-
-
Case 1 ' Level1 menu; System Administrator
-
' validate password expiry
-
password_period = DLookup("[password_date]", "tbl_users", "user_id = forms!frm_main!user_id")
-
If password_period < date - 30 Then
-
strmsg = " Your password has expired. You must change your password"
-
MsgBox strmsg, vbInformation, "Expired Password"
-
DoCmd.OpenForm "frm_change_password", acNormal
-
Else
-
DoCmd.OpenForm "switchboard"
-
End If
-
-
-
'Get recordset
-
Set rsUsers = New ADODB.Recordset
-
user_name = Forms!frm_main!user_id
-
-
'open recordset
-
rsUsers.Open "tbl_users", CurrentProject.Connection, adOpenStatic, adLockOptimistic
-
-
With rsUsers
-
'Check each record
-
While Not .EOF
-
For Each fldAttempt In .Fields
-
'check value
-
If fldAttempt.Name = "user_id" Then
-
If fldAttempt.Value = user_name Then
-
.Fields("Attempts") = "0"
-
intLogonAttempts = .Fields("Attempts")
-
.Update
-
End If
-
End If
-
Next
-
.MoveNext
-
Wend
-
End With
-
rsUsers.Close
-
Set rsUsers = Nothing
-
-
Case 2 ' Level2 menu; super visor acount
-
' validate password expiry
-
password_period = DLookup("[password_date]", "tbl_users", "user_id = forms!frm_main!user_id")
-
If password_period < date - 90 Then
-
strmsg = " Your password has expired. You must change your password"
-
MsgBox strmsg, vbInformation, "Expired Password"
-
DoCmd.OpenForm "frm_change_password", acNormal
-
Else
-
DoCmd.OpenForm "switchboard"
-
End If
-
-
-
'Get recordset
-
Set rsUsers = New ADODB.Recordset
-
user_name = Forms!frm_main!user_id
-
-
'open recordset
-
rsUsers.Open "tbl_users", CurrentProject.Connection, adOpenStatic, adLockOptimistic
-
-
With rsUsers
-
'Check each record
-
While Not .EOF
-
For Each fldAttempt In .Fields
-
'check value
-
If fldAttempt.Name = "user_id" Then
-
If fldAttempt.Value = user_name Then
-
.Fields("Attempts") = "0"
-
intLogonAttempts = .Fields("Attempts")
-
.Update
-
End If
-
End If
-
Next
-
.MoveNext
-
Wend
-
End With
-
rsUsers.Close
-
Set rsUsers = Nothing
-
-
Case 3 ' Level3 menu; user acount
-
' validate password expiry
-
password_period = DLookup("[password_date]", "tbl_users", "user_id = forms!frm_main!user_id")
-
If password_period < date - 90 Then
-
strmsg = " Your password has expired. You must change your password"
-
MsgBox strmsg, vbInformation, "Expired Password"
-
DoCmd.OpenForm "frm_change_password", acNormal
-
Else
-
DoCmd.OpenForm "switchboard"
-
End If
-
intLogonAttempts = 0
-
-
-
'Get recordset
-
Set rsUsers = New ADODB.Recordset
-
user_name = Forms!frm_main!user_id
-
-
'open recordset
-
rsUsers.Open "tbl_users", CurrentProject.Connection, adOpenStatic, adLockOptimistic
-
-
With rsUsers
-
'Check each record
-
While Not .EOF
-
For Each fldAttempt In .Fields
-
'check value
-
If fldAttempt.Name = "user_id" Then
-
If fldAttempt.Value = user_name Then
-
.Fields("Attempts") = "0"
-
intLogonAttempts = .Fields("Attempts")
-
.Update
-
End If
-
End If
-
Next
-
.MoveNext
-
Wend
-
End With
-
rsUsers.Close
-
Set rsUsers = Nothing
-
-
Case Else
-
strmsg = " Access Denied" & _
-
vbCrLf & " Contact your Administrator if the problem persists. "
-
MsgBox strmsg, vbInformation, "INVALID USER ID or PASSWORD"
-
End Select
-
-
End Select
-
-
exit_display_menu:
-
Exit Sub
-
-
err_display_menu:
-
MsgBox Err.decsription
-
Resume exit_display_menu
-
-
End Sub
-
-
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Xizor |
last post by:
Ok, I'm new to PHP and MySQL. I've been going through tutorials, reading the
documentation, and looking through web sites. PHP to me seems great! With
MySQL it seems even better.
However, I'm an...
|
by: Huzefa |
last post by:
I am working on a amll project in Java that includes many classes.
Each of the classes has a Logger object. I have associated a
FileHandler with
each of these Logger objects. The file is the same...
|
by: bart plessers |
last post by:
Hello,
I want to list my folders with ASP.
I use following script to achieve this:
Set oFSO = Server.CreateObject("Scripting.FileSystemObject")
Set oRoot = oFSO.GetFolder(Path)
Set oFolders =...
|
by: Ollie Riches |
last post by:
I have written a custom logging sink for the enterprise library logging
application block (June 2005). I have been able to configure it as expected
from the UI config tool (EntLibConfig.exe).
I...
|
by: Vic |
last post by:
Dear All,
I have been developing a small access database, but I am new to
security concepts with access. This is a multiuser database, I have a
table which will be written by various users...
|
by: Einar Høst |
last post by:
Hi,
I'm getting into the Trace-functionality in .NET, using it to provide some
much-needed logging across dlls in the project we're working on. However,
being a newbie, I'm wondering if some...
|
by: Marina |
last post by:
Hi,
I am trying to find the minimum security settings to allow a windows control
embedded in IE have full trust.
If I give the entire Intranet zone full trust, this works. However, this is...
|
by: A.M |
last post by:
Hi,
What would be the best approach to log different items (SQL, Exceptions,
Security, ...)
I have a simple Logging function that adds log string to the end of a text
file.
Is there any...
|
by: Rocky |
last post by:
My Access 2007 file fails to open on a machine with the 2007 Access
runtime version installed. It comes up with a Security alert message.
Is there a security setting in the Access Database that...
|
by: Cramer |
last post by:
I plan to implement an exception logging feature in an ASP.NET Web
application that writes encountered exceptions to disk. The exception data
will be stored as XML.
I am planning on having each...
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
| |