A
Ann in CA
Hello,
Please let me preface this by saying that I have read many things on user
level security, especially Joan and Lynne's sites, and while they are
extremely useful, I still haven't been able to get ULS to work. So I
apologize if I'm asking questions that have been answered time and time
again--maybe I just don't get it. =)
I do not want the user to have to log in. I am the only one who needs access
to the backend. I am fine with having one single users group, who can modify
data only through forms in the front-end file.
I assume I need to take the following steps to secure. Am I missing
something and/or what is the correct order?
1. Create a new workgroup--where should this be stored? On the server where
the database backend is?
2. In new workgroup, create new user who will "own" the system objects. Log
on as this user.
3. Open unsecure database backend.
4. Create new database and import tables. Remove Admin user from the Admins
group.
5. Start ULS, choosing Modify the current workgroup info file. Secure all
objects.
6. Do not choose any optional groups.
7. Give the users group permissions--here I don't know. Do I give them no
permissions in the BE file? I want them to only modify via forms in the _FE
file.
8. Create no new users--or should I put in the NT Login of everyone who can
have access? Remember, I don't want them to have to login.
9. After recording all the info, rejoin system.mdw. Create a shortcut to
the backend which I will use anytime later to make changes to the structure?
Then, I think I would secure the frontend following the same steps (but
perhaps changing the user group permissions?) Is there anything I have to
ship the users along with the next version of the frontend?
I think I have tried this whole process two dozen times and had zero
success. And, we're not upgrading to 2007 anytime soon but security has
suddenly become something we are focused on, so all the pressure is on me.
Thanks in advance for any help anyone might be able to offer.
Please let me preface this by saying that I have read many things on user
level security, especially Joan and Lynne's sites, and while they are
extremely useful, I still haven't been able to get ULS to work. So I
apologize if I'm asking questions that have been answered time and time
again--maybe I just don't get it. =)
I do not want the user to have to log in. I am the only one who needs access
to the backend. I am fine with having one single users group, who can modify
data only through forms in the front-end file.
I assume I need to take the following steps to secure. Am I missing
something and/or what is the correct order?
1. Create a new workgroup--where should this be stored? On the server where
the database backend is?
2. In new workgroup, create new user who will "own" the system objects. Log
on as this user.
3. Open unsecure database backend.
4. Create new database and import tables. Remove Admin user from the Admins
group.
5. Start ULS, choosing Modify the current workgroup info file. Secure all
objects.
6. Do not choose any optional groups.
7. Give the users group permissions--here I don't know. Do I give them no
permissions in the BE file? I want them to only modify via forms in the _FE
file.
8. Create no new users--or should I put in the NT Login of everyone who can
have access? Remember, I don't want them to have to login.
9. After recording all the info, rejoin system.mdw. Create a shortcut to
the backend which I will use anytime later to make changes to the structure?
Then, I think I would secure the frontend following the same steps (but
perhaps changing the user group permissions?) Is there anything I have to
ship the users along with the next version of the frontend?
I think I have tried this whole process two dozen times and had zero
success. And, we're not upgrading to 2007 anytime soon but security has
suddenly become something we are focused on, so all the pressure is on me.
Thanks in advance for any help anyone might be able to offer.