Results 1 to 11 of 11
  1. #1
    Join Date
    May 2007
    Posts
    92

    Unanswered: Secure the Microsoft Access database

    Hi everyone,

    Does anyone knows how to secure the Microsoft Access database?

    Actually, I need to put the MS Access Database in the folder. I am afraid that the user who is using the database might remove the whole MS Access..

    Is there some way to secure the MS Access Database such that it will not be remove by the other users using the database??

    Or is there some way to duplicate the Access database in another folder??

    Thank...

  2. #2
    Join Date
    Feb 2007
    Posts
    16
    Hello Steven,

    To prevent deleting the database file itself, you have to tune the security settings of the file with the operating system permissions. Access can't do this for you.

    I hope it helps.

  3. #3
    Join Date
    Dec 2004
    Location
    Madison, WI
    Posts
    3,926
    I actually clone the db using a little cloning script which adds the user login name to the mdb filename and opens that mdb. I "hide" the source mdb which it clones off of so the user never knows where it is and the user only sees the vb script to clone and open the mdb. The "source" mdb is never opened and stays safely hidden in a folder (where I also set the hidden attribute for the folder to true.)

    Other than that, I might have our network guys set up permissions on the folder itself so they can't delete files in it.
    Expert Database Programming
    MSAccess since 1.0, SQL Server since 6.5, Visual Basic (5.0, 6.0)

  4. #4
    Join Date
    May 2007
    Posts
    92

    Creating Security System in Access

    Hi Paul,

    I am trying to use the security setting in the Access.

    These are the following steps i did for the security setting in the Access

    Step 1: I go to the User-Levl Security Wizard (create the new workgroup information file)

    Step 2: I go to select the shortcut to open my security-enhanced database

    Step 3: I go to the ALL Object tab and select all

    Step 4: I go to add the new user in the security wizard (2 Admins for my case)

    Step 5: I go to select a group and assign users to the group.

    Step 6: I click the finish button.

    Step7: I double-click teh shortcut in my desktop and open the newly secured database.

    Then i got a problem on adding the group and the user. And also I encounter the problem of getting back into my database as the system seems to prohibit me for entering.

    Actually I got 2 types of Users

    Administrators and Engineers

    I want to create the security such that it will only allow the 2 types of user to enter the system..

    As for the Engineer, they only have the access right to the form and entering the data in the form (eg.booking the tool)

    While the Administrator has the full access to the system and the administrator can able to track who are the users in the system..

    Thank...

  5. #5
    Join Date
    May 2003
    Location
    Dallas
    Posts
    817
    Provided Answers: 5
    Remember that where ever the database (that is being accessed) is stored an ldb file is created as well - and this file needs (so says Microsoft - bu8t not really) to be deleted when the last user exits the db. So in order to prevent delete permissions from the mdb and still delete the ldb file those two options are the bes

    1)permissions and roles at eh file folder/file level via windows
    2)or Storm's solution (a very good one) do it via the clone or two tiering so to speak.

    I do have on question - why would you give someonme access to data that you may think will delete the entire container to begin with - sounds like they just need to read printed reports. (kidding)
    Dale Houston, TX

  6. #6
    Join Date
    Dec 2004
    Location
    Madison, WI
    Posts
    3,926
    One thing we do at work when we create an mdw (security) type file is create shortcuts to the mdb file which utilize the /wrkgroup and mdw file in the shortcut. I'm not sure if this is your situation as my experience with Access security is limited (I mostly work with SQL Server security.)

    Since I downloaded an mdw security "hacking" file and was able to see all the users in the mdw (with their passwords), I've been hesitant to use this approach. When I first started working with an mdb file which was "secured" via an mdw file, no one gave me any of the user names and passwords to get access to it. I used my little hacking tool and found the admin user name and password and that was all I needed to get access. Given that SQL Server may not be an option, I still think establishing security via SQL Server with an mde front-end is the best method.

    I was also given an mdb file where someone had disabled using the shift key. For this I used a little program I had which changed the startup of the mdb file and that was all there was to hacking that.

    To me, the lines of defense on security are:
    1. Establishing permissions to the folders.
    2. Establishing permissions in SQL Server.
    3. Hiding the source mde file and only making the vb script to launch the mde visible.
    4. Locking the front-end with a good design approach which prevents the user from getting behind the scenes. Establishing a "security" table which prevents users from doing certain things in the front-end.
    5. Making the mdb file an mde file to prevent any access to the code.
    6. Audit log type tables to track data changes with date/times and user names on what was changed.
    Last edited by pkstormy; 08-25-07 at 20:19.
    Expert Database Programming
    MSAccess since 1.0, SQL Server since 6.5, Visual Basic (5.0, 6.0)

  7. #7
    Join Date
    May 2003
    Location
    Dallas
    Posts
    817
    Provided Answers: 5

    Mdw

    I am not sure Paul - but there is a good chance you were looking at a system.mdw file ( I came to that conclusion because you mentioned admin user.)

    the trick is to develop in an mdw that is not the system file
    then create the users and pernissions (but I truly like the windows security)

    Once you have tested the application - recreate the users and pids in a new workgroup leaving out the master developer / user ID

    without that user and PID I do not think that someone could hack the mdw searching for that missing user and missing pid - I could be wrong but I think that does work at that level security. I must admit though that if security is of the upmost importance - than windows security and SQL server backend is the way to go.
    Dale Houston, TX

  8. #8
    Join Date
    Dec 2004
    Location
    Madison, WI
    Posts
    3,926

    Utility to crack an mdw

    No - I'm positive it wasn't the system.mdw file. The utility I have let's you specify the specific mdw file so I know it was not the system.mdw file and I "cracked" several different mdw files using it.

    Here's the utility and you'll see you can crack ANY mdw file with it (at least any that I've seen so far.) - You don't need to search for specific PID's - just browse for the mdw file and it lists all of the PID's with their passwords in that mdw file.

    Of course you still need to setup your user and reference the specific mdw in the shortcut using the /wrkgrp and mdw file otherwise you'll get the "Records cannot be read, no permissions on 'MSysObjects'" permissions problem. But once you set up the shortcut to get into it, simply use any of the user names and passwords you found using this utility and you'll see that you can use any of them to get into it with any permissions.
    Attached Files Attached Files
    Last edited by pkstormy; 08-27-07 at 11:39.
    Expert Database Programming
    MSAccess since 1.0, SQL Server since 6.5, Visual Basic (5.0, 6.0)

  9. #9
    Join Date
    Jun 2012
    Posts
    1

    Bypass mdw File

    I need this tool, but the zip file throws an error that it is not valid. Can you repost?

  10. #10
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    Quote Originally Posted by sheree View Post
    I need this tool, but the zip file throws an error that it is not valid. Can you repost?
    I have no problem in unzipping the file
    which suggests the problem lies with your unzip program
    if you cannot get the unzip to work in explorer then I'd suggest you get another program such as 7-zip
    I'd rather be riding on the Tiger 800 or the Norton

  11. #11
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,424
    Provided Answers: 8
    What I do is put a local copy frount end in c:\screens\database-name.mde on the clients machine and link the table by \\servername\data$\data.mdb and the user has full control over that folder but because it hidden what they can't see they can't delete lol and in 15year doing it this way I have had one user delete the local copy because they thought the main program was on the desktop (the shortcut) I always hide the main database window also in the backend version I put a autoexec macro to quick the database if open.
    In one case I made the data.mdb a hidden file on problem with I forgot it was hidden took about an 20mins to work why I couldn't see the database and I went into panic mode
    hope this help

    See clear as mud


    StePhan McKillen
    the aim is store once, not store multiple times
    Remember... Optimize 'til you die!
    Progaming environment:
    Access based on my own environment: DAO3.6/A97/A2000/A2003/A2007/A2010
    VB based on my own environment: vb6 sp5
    ASP based on my own environment: 5.6
    VB-NET based on my own environment started 2007
    SQL-2005 based on my own environment started 2008
    MYLE
    YOUR PASSWORD IS JUST LIKE YOUR TOOTHBRUSH DON'T SHARE IT.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •