Results 1 to 3 of 3
  1. #1
    Join Date
    Oct 2003
    Posts
    103

    Unanswered: User Access Level, Transact SQL or getnetworkusername

    So this may seem like a strange question, but everything I have done up till now has been straight Access MDB. I want to start using ADP Projects, and immediately after establishing a connection I want to verify that the user is authorized for the database, and establish what they have access to.

    Now I no next to nothing about SQL, and I am reading about transact sql and stored procedures and the like. But I also wonder about portability of such a solution . . . not to mention that I really don't want to have to spend endless days learning sql server, storing procedures, and whatnot. In addition, there are access levels to forms as well as SQL tables and queries to consider.

    So, I'd like to know the drawbacks of simply checking the network user name against a stored table of "authorized" users for the database, and proceeding from there?

  2. #2
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    interesting choice to use ADP's seeing as they are now depracated, and will be dropped in future versions of Access

    in the Access environment I'd always recommend using the network logon rather than the Acces workgroup ID... its harder to fake. however it has limitations (you need to be on a site where you have one userID to one user mapping.. so you cannot use generic userid's or shared userid's

    Im in favour of storing those userid's in a workgroup file and requesting what clearances that userid has. you can use that technique irrespective of what back end data store you use.

    SQL Server has its own set of permissions and user authentication.... and to use SQL server properly you shoudl make use of that security schema. Using the network logon may take you there (assuming you are certain that no user wil log on to the network and then leave their PC vacant and allow others to use that workstation). most companies Ive worked at have an instaban / instant disciplinary on that

    use the Dev Ashish code, or I think PKStormy has contributed somehtign similar in the code bank to get the network userid. if you are getting involved in auditing them also consider recording te computer and the time so if you need to hold a witchhunt you can identfy who, what and where the crime was committed.
    I'd rather be riding on the Tiger 800 or the Norton

  3. #3
    Join Date
    Oct 2003
    Posts
    103
    Quote Originally Posted by healdem
    interesting choice to use ADP's seeing as they are now depracated, and will be dropped in future versions of Access
    What's on the horizon for using a SQL backend other than ODBC? I'm moving to ADP for performance reasons, I can do everything I need in Access, but multi users gets slow, even with more than one front end.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •