Results 1 to 5 of 5
  1. #1
    Join Date
    Sep 2004
    Location
    Rio Bravo, Mexico
    Posts
    27

    Exclamation Unanswered: Need some advice

    Hi guys, I need some advice as to what would be the best security approach to take when deploying an Access application.

    I'm about to distribute an application that I have been working on for the past year and half, and I just can't decide if to distribute it as an MDE or MDB.

    I know that if distributed as an MDE, basically no one can make any changes to the code, forms, reports, etc. but if I understand correctly there is no way to update forms, reports, etc in case there is a bug found.

    On the other hand, if distributed as MDB and protecting it by setting up Administrator password, I do have the update option available but, there is a big chance someone cracking the password and therefore having access to everything.
    Now, I am not worried about the end user, but I do worry about some one out there with enough Access experience that may take advantage of it.

    I have gone through the process of protecting my investment with Copy Right, but still have not decided which way to go.

    Im leaning towards MDB distribution and take that chance in order to have the ability to update/patch just in case.

    Need your advice here.

    Thanks
    Carlos

  2. #2
    Join Date
    Sep 2004
    Location
    Raleigh, NC
    Posts
    146
    I'm no expert on Access security, but I do know that this website has an exhaustive FAQ on just this topic. It might contain some insight to help you make the right decision. http://support.microsoft.com/default...t%2Fsecfaq.asp

  3. #3
    Join Date
    Sep 2004
    Location
    Raleigh, NC
    Posts
    146
    Quote Originally Posted by smacdonaldnc
    I'm no expert on Access security, but I do know that this website has an exhaustive FAQ on just this topic. It might contain some insight to help you make the right decision. http://support.microsoft.com/default...t%2Fsecfaq.asp
    I believe it runs through A2k.

  4. #4
    Join Date
    Sep 2004
    Location
    Rio Bravo, Mexico
    Posts
    27
    eventhough it only runs through 2k, still very good information, thanks guys

    Carlos

  5. #5
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    In short do both
    deploy the application (& data) to the user desktops by using MDE's, remembering to keep a master copy of the original as a MDB
    deploy sedcurity within the application using workgroup security, remembering to retain all rights to administrator, remove all rights from user "ADMIN", or make user "ADMIN" the lowest form of user life in your application. The real pain in the .... with access workgroups is if your network goes down, or there's a problem with the directory where the workgroup file is located dissappeears then Access automaitcally creates a new workgroup file on a local drive. So you also need to force the users to use a specified workgroup, offhand i think its /w<filename> on a desktop shortcut.
    Word of warning if you are just starting off on the deployment of security take plenty of backups, and be prepared to loose many hours of sleep / time etc as things go wrong. The security model in access is very effective but its easy to screw it up. I would also not be tempted to micromanage security, unless you arew working on a tremendously complex application (if so you're almost certainly using a client server model rather than JET's file server modeland you'll be using the server security (won't you?)) then allocate users to groups, and permsisions to groups.
    If in doubt buy some decent books - I've always found the Access Developers Handbooks by Gertz, Litwin & Gilbert published by Sybex worthwhile. No I'm not on commission (wish I was)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •