Read only access to backend

[aine_canby]

My frontend is programed as an mde, and distributed to all users.

But what is I wan't to have a version for "untrusted users" who can
only read the backend but not actually write to it?

Thanks,

Aine.

 

[Pieter Wijnen]

Then you must (should) dvelve into User Level Security.
It's not easy, but worth it.

Pieter

 

[Joseph Meehan]

I suggest you start by reading
http://support.microsoft.com/default.aspx?scid=kb;[LN];207793

Access security is a great feature, but it is, by nature a complex product
with a very steep learning curve. Properly used it offers very safe
versatile protection and control. However a simple mistake can easily lock
you out of your database, which might require the paid services of a
professional to help you get back in.

Practice on some copies to make sure you know what you are doing.

Access 2007 doesn't support user-level security.

 

[Guest]

Aine,

If you are just trying to prevent people from making accidental changes, you
can implement a very rudimentary security feature relatively easily.

In several of my databases, I include a Users table, which includes a
UserID, AllowEdits, and several other fields. AllowEdits is a True/False
field that is by default set to False.

When the user opens the Splash form, the Open event checks the logon using
the WindowsAPI call (http://www.mvps.org/access/api/api0008.htm) and tests to
see whether that UserID already exists in the Users table (if not, it adds
it). It then checks the value of the AllowEdits field in the Users table and
sets the value of a function (fnAllowEdits) to True or False. Then, in the
open event of each successive form, I set the AllowEdits property based on
the value of this function.

This will obviously not prevent someone from sitting down at a computer that
is already logged into the application, but neither will user level security.

Public Function fnAllowEdits(Optional TrueOrFalse as variant = Null) as
Boolean

Static myAllowEdits as Boolean

if not isnull(TrueOrFalse) then myAllowEdits = TrueOrFalse
fnAllowEdits = myAllowEdits

End Function

HTH
Dale

 

[John W. Vinson]

But what is I wan't to have a version for "untrusted users" who can
only read the backend but not actually write to it?

One very simple way - which would slow down an experienced Access developer by
thirty seconds or so <g> - would be to make a copy of the frontend MDB file;
open each Form and set its AllowEdits property to False; make a MDE and
distribute this mde to your untrusted users.

Access security, as recommended by the other folks here, is probably the right
way to go about it. Print out the security whitepaper; read it carefully. Get
a good night's sleep. Read it carefully *again*. Follow its instructions to
the letter. You'll need to secure both the frontend and the backend.

John W. Vinson [MVP]