Results 1 to 3 of 3

Thread: Setup Security

  1. #1
    Join Date
    Mar 2006
    Posts
    33
    Provided Answers: 1

    Unanswered: Setup Security

    okay Guys, please guide me here,

    i know izy you will rap me on the knuckles real hard--->for not searching the forum....but im now tired have searched but am a little foxed. am out of time, the db i'm making is small, for single user on a machine(no network)-but deals in financial matters.......

    and i'm now transferred out from here and have to just finish this in two three nights (god willing) at most...btw i am in kashmir for now, and i need to do this to enable me to spare a man lot of hassales as most of my men have elementary education come from villages and computers are like..., and ofcourse since i started this i must complete it.

    the real flip is also that i love to learn access and it gives me great satisfaction and release from the hectic schedules here. Im so glad to be part of this community, wish i was here long back....to create a programme and make a pc do something other than type regular letters for snailmail!

    So here goes...

    1. I need to setup security,

    2. I want to know how can i ensure that my tables in the BE or from the FE are not seen or touched by anyone directly.

    3. Startup options should NOT be allowed to be bypassed except by only me (i have disabled everything i could from here)

    4. No one should be able to change/REPLACE the BE file apart from me

    5. Compact and close both the db and the BE every few maybe seven days without user intervention.

    6. Suggested method to distribute this db ->>>it is three files presently FE BE and mousehook.dll(from the lebans site) without the user direct access to the programe and not allowing flexibility in deleting changing the loc of the db/connected files

    7. Regular silent auto backups...?

    anyother ideas you may have...
    all help is welcome....any checklist on this....?
    and moderate experience level kinda instr please......


    thanks in adv (my fingers are crossed i think i asked too much)

    abhi

    PS
    the workgroup file if i make it and implement it, i've noticed if deleted, or access started without refering to it in the shortcut, the program resorts to the default workgroup file and security gets compromised....(this was long back msa2k2 in the yr 2k3 in another proj when i had used userlevel security wizard......should i implement it here again?)

    PPS

    forgive the typos pl.

  2. #2
    Join Date
    Apr 2004
    Location
    outside the rim
    Posts
    1,011
    holy smokes - that's a lot to do in 3 days. before I nod off (it's late here in NY) I can offer a few tidbits.

    1. I need to setup security
    There are lots of ways, from simple to complex, to do this. Due to the time constraint, I suggest using the built in security Access offers.

    2. I want to know how can i ensure that my tables in the BE or from the FE are not seen or touched by anyone directly.
    Disable the bypass (see below). Somewhere in this forum is a discussion of preventing users from linking to your tables. For the "seen" part, see my notes under item #4 below.

    3. Startup options should NOT be allowed to be bypassed except by only me (i have disabled everything i could from here)
    For the FE file, simply disable the bypass:
    Code:
    Private Sub Form_Open(Cancel As Integer)
        DisableBypass
    End Sub
    
    Sub DisableBypass()
        
        ' This little ditty will disable the bypass key.  You may want to make
        ' yourself a "back door" - some random thing you need to click and
        ' type in a hard coded password to re-enable the bypass so that you
        ' don't lock yourself out.
        ' Make sure "Allow Special Keys" is not checked in your startup box.
    
        Dim prp As Property
        
        On Error Resume Next
        CurrentDb.Properties("AllowBypassKey") = False
        If Err Then
            Err.Clear
            Set prp = CurrentDb.CreateProperty("AllowBypassKey", dbBoolean, False)
            CurrentDb.Properties.Append prp
            Set prp = Nothing
        End If
    End Sub
    For the BE File, I set it so that users in the IT group get in - everybody else gets booted. You can get rid of some of the crap that checks users security and logs access if you are the only user. This is the entire code of a form that runs on startup when the BE is opened. FYI: Special Access Keys includes Ctrl-Break, something you will want to turn off so the user doesn't simply break while the message box is up.
    Code:
    Option Compare Database
    Option Explicit
    
    Private Sub Form_Open(Cancel As Integer)
    
        Dim blIT As Boolean
        Dim rsData As DAO.Recordset
        Dim strUserID As String
        
        ' The bypass is automatically set to false when the file is opened
        SetProperties (False)
        strUserID = fnUserID
        On Error Resume Next
        ' See if the user is in the IT group
        blIT = DLookup("IT", "tblSecurity", "secUserID = '" & strUserID & "'")
        ' If an error, the user is not IT (userID not found)
        If Err Then
            Err.Clear
            blIT = False
        End If
        ' make a note
        Set rsData = CurrentDb.OpenRecordset("Select * From tblBackEnd")
        rsData.AddNew
        rsData(1) = strUserID
        If Not blIT Then
            rsData(2) = "Unauthorized user - denied access."
            MsgBox "You are not authorized to view this file.", vbOKOnly + vbCritical, "Access Denied"
        Else
            rsData(2) = "User identified as a member of IT and allowed access."
            rsData.Update
        End If
        rsData.Update
        Set rsData = Nothing
        If blIT Then DoCmd.Close Else DoCmd.Quit
    End Sub
    
    Sub SetProperties(blOp As Boolean)
    
        Dim prp As Property
        
        CurrentDb.Properties("AllowSpecialKeys") = blOp
        On Error Resume Next
        CurrentDb.Properties("AllowBypassKey") = False
        If Err Then
            Err.Clear
            Set prp = CurrentDb.CreateProperty("AllowBypassKey", dbBoolean, False)
            CurrentDb.Properties.Append prp
            Set prp = Nothing
        End If
    End Sub
    4. No one should be able to change/REPLACE the BE file apart from me
    This is not something you can control from within Access. It's a network security thing. You can't simply hide or make read only the BE, because the user will not be able to run or make changes to the data.

    Something I have done in the past is locate the files in an obscure, vanilla titled folder on the network somewhere. Each user gets a little executable that copies the FE to their temp directory and then runs it. So, even if the user finds the file in their temp directory, it locks them out (due to the disabled bypass) and they have no incling to where the BE is.

    5. Compact and close both the db and the BE every few maybe seven days without user intervention.
    Unless you are regularly deleting data, tables, etc. you should not need to compact. If you decide to do so, you are best running the compact from a seperate file (a DB technically can not compact it self - there was a thread on this topic a long time ago). All users will have to be out or it won't work anyway.

    You should put a "timeout" in your FE so that it closes automatically after a period of inactivity. There are a few ways to do that - I use a hidden form that checks every so often to see what control that has the focus. If it hasn't changed after 10 minutes, it closes the FE.

    6. Suggested method to distribute this db ->>>it is three files presently FE BE and mousehook.dll(from the lebans site) without the user direct access to the programe and not allowing flexibility in deleting changing the loc of the db/connected files
    Well, a package and deployment wizard would be nice. Sounds like you don't have time for that. Do you have visual basic? Make a little executable that does it for you.

    That's all for me - good luck!!!!!
    have fun!

    Todd S.
    click to email


    Independent Development Consultant
    Biz db & reports - SQL, Access, Crystal, Seradex and more
    Small, custom, unique programs - Office, VBA, .NET


    _________________________________________________
    Favorite message from Windows:
    There was an error displaying the previous error message

    Sadly, there was no error number to look up ...

  3. #3
    Join Date
    Mar 2006
    Posts
    33
    Provided Answers: 1
    thanks i go to work......now!
    ill keep you posted.
    Abhi
    A2K3 WinXP Prof SelfLearner

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •