By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,089 Members | 1,488 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,089 IT Pros & Developers. It's quick & easy.

User Level Security in Access 2007

P: n/a
I realize that user level security is not available for Access
databases in the new AK27 format .accdb, and I know that I can still
utilize ULS by making my database an .mdb file.

But I'm wondering WHY Microsoft is scrapping a feature that I've
always found to be extremely useful. Surely they don't expect that
users of the new database format will no longer have a need to assign
permissions at different levels for different users! Why would they
want to make Access LESS powerful for a wide variety of uses?

So I'm thinking they must be thinking that .accdb developers will use
a different method to achieve the functionality previously offered by
ULS. Is the built-in ULS feature unnecessary because the same results
can be achieved using VBA? (Of course, there have always been some
kinds of permissions that can only be managed with VBA -- for example,
ULS can be used to set table-level permissions but not record-level
permissions.)

Also, what are the selling points of the new .accdb format? What
advantages does it have that .mdb does not? I am concerned that if I
develop a new db in the old format that future versions of Access
might not support it.

Thanks for your counsel.
Jun 27 '08 #1
Share this Question
Share on Google+
2 Replies


P: n/a
On Thu, 8 May 2008 12:51:54 -0700 (PDT), evenlater
<ev*******@gmail.comwrote:

I think they removed it because it was never very secure. In future I
will implement role-based security based on membership in Active
Directory groups.

-Tom.

>I realize that user level security is not available for Access
databases in the new AK27 format .accdb, and I know that I can still
utilize ULS by making my database an .mdb file.

But I'm wondering WHY Microsoft is scrapping a feature that I've
always found to be extremely useful. Surely they don't expect that
users of the new database format will no longer have a need to assign
permissions at different levels for different users! Why would they
want to make Access LESS powerful for a wide variety of uses?

So I'm thinking they must be thinking that .accdb developers will use
a different method to achieve the functionality previously offered by
ULS. Is the built-in ULS feature unnecessary because the same results
can be achieved using VBA? (Of course, there have always been some
kinds of permissions that can only be managed with VBA -- for example,
ULS can be used to set table-level permissions but not record-level
permissions.)

Also, what are the selling points of the new .accdb format? What
advantages does it have that .mdb does not? I am concerned that if I
develop a new db in the old format that future versions of Access
might not support it.

Thanks for your counsel.
Jun 27 '08 #2

P: n/a
In addition to what Tom has said:

For years, those of us who realized the ease with which a determined cracker
could get past ULS have been advising that if your data was worth US$150 to
you (the cost of password recovery software on the Internet) should use a
server back end for security and that compiling to .MDE would protect your
code. Now, it turns out that the ULS password recovery code can be had for
free, and there is now software, either free or inexpensive, to convert an
..MDE back into a usable .MDB.

With the new ACCDB in Access 2007, access to SharePoint data is enhanced...
it's not truly relational, with referential itegrity, but many companies are
using it, and finding Access a good front-end, just as it has been for
server DBs. And, like server DBs, it has its own data security. There are
additional datatypes, and user interface changes (the latter, you will have
to decide for yourself if it is an advantage or disadvantage). I think
you'll find a longer and more-detailed list of changes at the
http://office.microsoft.com website.

ULS has been convenient for keeping users from stumbling over their own
keystrokes, but that can be coded -- it won't be truly "secure" but will be
about as secure as ULS has turned out to be. In fact, one of my earliest
paying jobs with Access was to implement a "security lite" scheme for just
that purpose, and the client and prime contractor were worried not at all
that it was relatively easy for a knowledgeable Access user to break.

Larry Linson
Microsoft Office Access MVP

"evenlater" <ev*******@gmail.comwrote in message
news:6d**********************************@c58g2000 hsc.googlegroups.com...
>I realize that user level security is not available for Access
databases in the new AK27 format .accdb, and I know that I can still
utilize ULS by making my database an .mdb file.

But I'm wondering WHY Microsoft is scrapping a feature that I've
always found to be extremely useful. Surely they don't expect that
users of the new database format will no longer have a need to assign
permissions at different levels for different users! Why would they
want to make Access LESS powerful for a wide variety of uses?

So I'm thinking they must be thinking that .accdb developers will use
a different method to achieve the functionality previously offered by
ULS. Is the built-in ULS feature unnecessary because the same results
can be achieved using VBA? (Of course, there have always been some
kinds of permissions that can only be managed with VBA -- for example,
ULS can be used to set table-level permissions but not record-level
permissions.)

Also, what are the selling points of the new .accdb format? What
advantages does it have that .mdb does not? I am concerned that if I
develop a new db in the old format that future versions of Access
might not support it.

Thanks for your counsel.

Jun 27 '08 #3

This discussion thread is closed

Replies have been disabled for this discussion.