Results 1 to 3 of 3
  1. #1
    Join Date
    Oct 2003

    Unanswered: NT authentication and folder security settings

    [ OK, someone needs to increase the session timeout here ... I just spent 45 minutes or more crafting a huge explanation and when I posted it, it said I needed to login -- and then it brought me back to a blank page. Couldn't back up to the text either. Gone.... sigh ]

    Anyway, here it is again... VERY briefly.

    Building an ASP app for a limited number of users within a small company. Using NT authentication. To modify the MSAccess table the app works with, I need to give all these users MODIFY permissions to the folder holding the db (so it can create the ldb file) and to the mdb file itself (so it can be modified). But doing this means that these same users can also get to the mdb file directly, which I'd like to prevent, if possible. I want them to edit it, but only via the ASP app.


  2. #2
    Join Date
    Sep 2003
    Newark, Vermont
    As long as you store your database in a different directory other than the directory your application is in and of course using an un-guessable name, you should be fine. If they don't know the directory of your database, then they can't modify it unless they use the application...

  3. #3
    Join Date
    Jul 2003
    Why do the users have to have direct access to the DB? This is the web server making the calls to the DB, not the users. Use NT Auth to log them in, but use a separate username and password (that has modify rights) in your connection string to the DB. Show us some code.. maybe we can show you a better way...
    That which does not kill me postpones the inevitable.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts