Securing DB on a network drive

J

Jon M.

This seems to be a repetitive question but I've tried, at least think I've
tried several solutions I've been able to find in here. I have a db, it is
on a shared network drive, i want to secure it so only certain users can
access it by entering username and password. I created a workgroup, joined
it, made myself an admin, removed the admin permissions from the default
admin, made my password, added my users, removed all permissions from the
user group, created the shortcut, the whole shebang. When I'm done I can't
open the db from the shared drive I have to use the shortcut and I have to
log in and everything which is great. My problem is that then anybody with
access to the shared drive can just go in and open the db from there without
getting any prompt to enter a username or password. I think that I am not
properly assigning my db to my workgroup, or something? As always any advice
is greatly appreciated.
 
J

Joan Wild

Security is tricky. You just have to miss one minor step, and all bets are off.

From your description, I don't see that you logged in as your new user, and created a new mdb, and then imported all the objects from your mdb. Without doing this, the 'Admin' user owns everything. Even though you remove permissions from this user, as owner, it can do anything. Since the Admin user is common to all mdw files, that would explain how others are opening the mdb.
 
O

Olduke

Further to Joan's explanation.
Admin is the default user.
As Access security is always ON, there has to be one user logged in who is
Admin (the default user).
When you created the database, the "owner" of the database was Admin (the
default user).
You can't lock out the owner of the database because its his or her
database. Admin will always have full permissions to do everything even if
you make changes to Admin's permissions.
Clear as mud right?
The trick is once you have security up and running the way you want it, get
rid of Admin and change the owner to yourself.
WARNING - this is a very involved procedure. Don't even attempt it without
a step by step guide.
 
J

Joan Wild

Olduke said:
The trick is once you have security up and running the way you want it, get
rid of Admin and change the owner to yourself.
Click to expand...

You cannot get rid of Admin - it's not possible to delete that user. Also you don't want to change the owner 'once you have security up and running'. You don't want to do it after the fact. It's one of the early steps to make yourself the owner.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DB Security isn't working properly. 2
Securing My DB for global Access user 6
Securing Back-End, Using one .mdw file on FE & BE 3
Database on a LAN Drive, but security only works for me 4
Add myself to the administrators group, open the db exclusively 1
db not secure 1
securing and sharing a database 4
ACCESSING SHARED DATABASE ON A NETWORK SHARED FOLDER 2

Top