AllowBypassKey

[Gary Dikkema]

Thanks for spelling it out Joan. And yes, sequence of the Security FAQ
execution is very important!

Yes, I had been close. I made one little mistake with HUGE impact. Somehow
the Dist MDW file I created was messed up. That's the only way I know of
describing it at the moment.

So I created a new MDW group, called DISTR, created the SiteAdmin user
account and made it the Administrator. I then tried to open my database with
this MDW and found I could NOT! Good news. So I added users with access to
the Groups already discussed and with this DISTR MDW those users had the
ability to run the 'stuff' that they were supposed to be able to.

I also tried to use the Bypass utility with this MDW and the SiteAdmin
account and got nowhere!

Ah yes! The sweet smell of success; I smell it now! <VBG>

Now as to the scaffolding code; a bunch of routines that empty tables and
preload tables for users to demonstrate functionality... 4 scenarios that I
don't want my users to perform... it allows me to demonstrate
functionality, as you need data to be able to do that. I log on as special
user who can perform those functions and all the rest, then demo, showcase
and empty the tables and then logoff and let them logon and tinker to their
hearts content with the functions that they are allowed to do.

The light finally went on when it was pointed out - more than ONCE (which
probably drove it home) - that the Admins group is different in each MDW
file!

Now if only I could get my grasp and use of proper terminology up to this
level...

Again, thanks for sticking by me!

 

[Gary Dikkema]

This morning I got back into my database with the DEV MDW...

I noticed all the modules had an <Unknown> owner.

Can anyone explain?

 

[Rick Brandt]

This morning I got back into my database with the DEV MDW...

I noticed all the modules had an <Unknown> owner.

Can anyone explain?

Any object created while logged in as a user that doesn't exist in the current
Workgroup will show "Unkown" as the owner. Usually it means you're using the
wrong workgroup, but not always.

 

[TC]

Actually I probably meant any user account with the Admins user group.

That's much better. But remember, if you are dealing with more than one
workgroup file, it may be better to say "with[in] the Admins group >of the
workgroup file which was used to create the database<".

Actually, my double lockdown finally works... so I got somewhere TC! <VBG>

Well done.

However, you're right! In the terminology dept I suck! Old concepts are hard
to part with and I seem to get a piece almost right in some emails and then
nothing in others. <VBG>

No-one gets this stuff right first time. The key is incremental improvement
over time

So tell me what 'right' is required to allow a Macro to delete an Object...
a table object?

Rights (or "permissions") apply to >users< and objects, not macros &
objects. Your question is, what right is required to allow a >user< to
delete an object (eg. a table). The following users have permission to
delete an object:
1. the owner of the object (ie. the user who created it);
2. any member of the Admins group >of the workgroup file which was used to
create the database<, or
3. any user who has been granted Delete permission by a user who is
authorized to grant that permission.

So, if you want user 'U' to delete object 'X', but 'U' is not a user noted
in 1. or 2. above, you must log-on as one of the users noted in 1. or 2.
above, then use Tools:Security (or whatever) to grant Delete permission >on<
object 'X' >to< user 'U'.

I suspect you have to be this person who created the
Database, as per your last paragraph?

Nope. It is commonly believed that "the owner of the database" is one of the
users who have special rights within the database. But that is just not
true, at all.

And RWOP is used how and where? I had to remove RWOP from queries to allow
a user who had full rights to tables and queries and macros the ability to
execute those queries. As soon as I flipped the query from Owner to User
things worked.

That's a bit too big to answer here. Some googling will find you lots of
stuff on RWOP queries.

Cheers,
TC
(off for 2 days)

 

[Gary Dikkema]

Hum... but I seem to be able to get in and change content...

And the application runs...

 

[Gary Dikkema]

See inline...

Actually I probably meant any user account with the Admins user group.

That's much better. But remember, if you are dealing with more than one
workgroup file, it may be better to say "with[in] the Admins group >of the
workgroup file which was used to create the database<".
Agreed!

Actually, my double lockdown finally works... so I got somewhere TC!
<VBG>

Well done.

Thanks to all those who assisted me! <VBG>

Thanks for the rest of the info...

 

[Guest]

Can anyone tell me how to disable the Shift key with "allowbypasskey" in .adp (2002-2003 format)

Thanks so much for your help!