[ OK, someone needs to increase the session timeout here ... I just spent 45 minutes or more crafting a huge explanation and when I posted it, it said I needed to login -- and then it brought me back to a blank page. Couldn't back up to the text either. Gone.... sigh ]

Anyway, here it is again... VERY briefly.

Building an ASP app for a limited number of users within a small company. Using NT authentication. To modify the MSAccess table the app works with, I need to give all these users MODIFY permissions to the folder holding the db (so it can create the ldb file) and to the mdb file itself (so it can be modified). But doing this means that these same users can also get to the mdb file directly, which I'd like to prevent, if possible. I want them to edit it, but only via the ASP app.

Do-able?

As long as you store your database in a different directory other than the directory your application is in and of course using an un-guessable name, you should be fine. If they don't know the directory of your database, then they can't modify it unless they use the application...

Why do the users have to have direct access to the DB? This is the web server making the calls to the DB, not the users. Use NT Auth to log them in, but use a separate username and password (that has modify rights) in your connection string to the DB. Show us some code.. maybe we can show you a better way...