Access & DLL

[Scott]

I have several access databases with code that contain user names and
passwords to sql servers. I was just looking for some advice on my options
to protect the sensitive data.

Would it be a decent plan to create a dll and have the username/password
sensitive data inside the dll and have access get the user/password info
from the dll?

I'm not that into .Net, but do own visual studio 2008. I realize this is an
access forum, but I was wondering if you can create something simple like a
dll with a little sentive data as described using regular vb script with VS
or does VS force a programmer to use only .Net code?

Any guidance would be appreciated.

 

[Sylvain Lafontaine]

Whenever possible, your best option would be to use Integrated Security.
This way, the passwords are not even travelling the wire.

--
Sylvain Lafontaine, ing.
MVP - Windows Live Platform
Email: sylvain2009 sylvainlafontaine com (fill the blanks, no spam please)
Independent consultant and remote programming for Access and SQL-Server
(French)

 

[Scott]

I'm sorry, maybe I didn't explain correctly. Let's say for example, I have
an access project file. In a function that's called in autoexec macro, I
check the ip address of the pc running the app. Depending on the ip address,
I have code that connects the adp to the correct sql server.

The code needed to connect to the appropriate server has to contain the
server's ip, user and password.

I'm trying to find a way to hide that sensitive info. Anyone that logs into
the database could look in the module and see it.

 

[Sylvain Lafontaine]

Oups, I'm sorry but I was doing a little too much multi-tasking - waiting
for a program to debug - and I partially misread your question.

In your case, yes, of course, you can create a DLL library with .NET and
call it from Access VBA. A direct call to .NET is not permitted but there
is what we call the Interoperability module: it will wrap a .COM component
around your .NET library and will act as any ordinary COM component to VBA.
COM components are also known as ActiveX components and are the standard way
of extending VB (Classical), VBScript and VBA.

You can define Interoperability as either calling a COM component from the
..NET world or calling a .NET component as a COM component (or ActiveX
control) from VB/VBscript/VBA. The following page will give you many good
articles on this topic:

http://www.vbdotnetheaven.com/Articles/ArticleListing.aspx?SectionID=2&SubSectionID=98

In particular, the following articles seems very good:

http://www.vbdotnetheaven.com/Uploa...4082005083037AM/CsharpCompInVBthroughCOM.aspx

http://www.vbdotnetheaven.com/Uploa...4112005081747AM/ActiveXControlInVBdotNET.aspx

http://www.vbdotnetheaven.com/Uploa...ponents04112005051613AM/DotNETcomponents.aspx

http://www.vbdotnetheaven.com/Uploa...ropPart204112005023548AM/COMInteropPart2.aspx


You'll find many other articles on Interoperability on the web; for example:

http://migrationguide.artinsoft.com/Migration-Guide-Faq-Chapter-14.aspx

http://www.csharphelp.com/archives/archive240.html

A second possibility for you would be to create an module in an independant
MDB or ACCDB database file or an ADP project and then compile this separate
file to MDE, ACCDE or ADE state. This way, your module will be compiled but
you'll still be capable of developing your main MDB/ACCDB/ADP file directly

Finally, my suggestion of using Integrated Security is still a valid one. By
using Integrated Security, you don't have to provide the user name and the
password to the connection object; which make it the easiest and safer way
of doing a safe connection. However, I don't know if this is applicable in
your case because I don't know much about your overall installation.

--
Sylvain Lafontaine, ing.
MVP - Windows Live Platform
Email: sylvain2009 sylvainlafontaine com (fill the blanks, no spam please)
Independent consultant and remote programming for Access and SQL-Server
(French)

 

[Sylvain Lafontaine]

See also:

http://msdn.microsoft.com/en-us/library/ms173184(VS.80).aspx
http://msdn.microsoft.com/en-us/library/c3fd4a20(VS.80).aspx

--
Sylvain Lafontaine, ing.
MVP - Windows Live Platform
Email: sylvain2009 sylvainlafontaine com (fill the blanks, no spam please)
Independent consultant and remote programming for Access and SQL-Server
(French)

 

[Tony Toews [MVP]]

I have several access databases with code that contain user names and
passwords to sql servers. I was just looking for some advice on my options
to protect the sensitive data.

If you are shipping an MDE then use some means of encrypting the
passwords, such as the MS Crypto API calls, and store the encrypted
passwords as constants in the VBA code.

Tony

 

[Mark Andrews]

You could turn your access database files (mdb or accdb) to (mde or accde)
files. That way no one can get to the code. It's the access way to create
a locked application. Not sure if that works but that's a little easier
than going off and making a dll.

Mark