Results 1 to 4 of 4
  1. #1
    Join Date
    Jun 2006
    Posts
    14

    Unanswered: DB Security in Access 2000

    I'm having a problem implementing security in my Access 2000 database. I did a search for security and found a document called SECFAQ.doc which outlined the steps to secure a database.

    I went through the security wizard, generated a workgroup information file, removed the Admin account from the Admins group, added a user to act as administrator and placed him in the Admins group, removed all rights from the Users group, and created my own User group and assigned rights to my 3 users. The security wizard generated a file called workgroup.mdw.

    The database is located on a file server which I do not own or have administrative rights. I want users to be forced to supply a username and password in order to access my database. When I access the DB from my own personal computer, I am prompted for username and password since I have the System.mdw file in my Documents and Settings/user/Microsoft/Access folder. However, when I open the database from a different computer, it opens with the default Admin user who is now a member of the Admins group, which I explicitly removed it from earlier.

    If I make a copy of the local System.mdw file and overwrite the other computer's System.mdw file, I get the correct operation...I'm required to supply a username and password.

    Is there a way to secure my database on the file-server without having to explicitly distribute the System.mdw to each user? Or am I supposed to distribute the workgroup.mdw file to users? If so, where are they supposed to put it? Since the database is located on the file server, must I have the appropriate .mdw file in the Documents and Settings... folder on the server?

    Any suggestions would be much appreciated. For the time being I've implemented a database-level password to restrict access (which I've read is pretty easily cracked). But users are still allowed Admin access to the entire database, which means they can alter my configurations (uh-oh). I don't mind if users are able to view the database's contents as they are not at all private, I just don't want random users to be have "Admin" rights to change things around.

  2. #2
    Join Date
    Sep 2003
    Location
    MI
    Posts
    3,713
    2 Ways (more possible):

    1) Put your MDW file on the network and set each user's machine to use that file for the security (using the Workgroup Administrator Utility).

    2) Make a shortcut on each client invoking the network db with the desired local/network mdw file ... It's up to you whether to put the security file on each client or just on the network.
    Back to Access ... ADO is not the way to go for speed ...

  3. #3
    Join Date
    Apr 2004
    Location
    metro Detroit
    Posts
    634
    It sounds like the database is not actually secured. If the workgroups were properly implemented, a user would not be able to open the db without going through the correct mdw file. They would get a message stating that they do not have permission to open the file.

    Try this link for a good tutorial http://www.jmhare.com/dbsecurity.htm.

  4. #4
    Join Date
    Jun 2006
    Posts
    14
    Thanks for the info. I used the methods described in the tutorial and it's working just fine.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •