Changing users passwords

[Lin]

I have a number of database applications used by many
users. I am the only developer so we often have problems
if a user has problems changing their password and I'm not
here to sort it out.
I'm trying to create one database that will allow an
administrator (who doesn't know anything about Access) to
reset these passwords.
Two options I'm looking at are:
1. DBEngine(0).Users(Me!ChosenUser).newpassword Me!
[OldPW], Me![NewPW]
but the DBEngine will look at the current database and I
need to be able to change it to the selected database.
or 2. Change the password field directly in the
MSysAccounts table in the system.mdw database, but this
says it's bound to a replication system column which I
can't find.
I'd really appreciate any suggestions.
Thanks
Lin

 

[Albert D. Kallal]

I actually provide my users with a nice SUPER SIMPLE screen that lets the
guy in charge create new users, and set what groups they belong to.

Take a look at the following screen shots:

http://www.attcanada.net/~kallal.msn/RidesSec/index.html

I find that with above, there is about 5 to 8 seconds worth of training, and
usually ZERO training for the admin is required with the above screen.

Setting up security and making it a user friendly type system for a
end user who will eventually have to manage the system is not hard.

However, it does take planning on your part.

You can teach the admin to how to use the security settings. however, to
make things easy, you as the designer probably want to setup things up
before hand.

For example, you can have the admin add a new user, and then start adding
what forms that user can use. That is going to be a LOT OF work if you have
100 forms. Also, if you allow the client to do that, then every time you
send a update, they will loose the security settings.

Hence, the best approach is to sit down and make up a bunch of
security groups. For my last project the groups I made where:

Basic user
Daily Reports
Seasonal Reports
Allow creation of Corporate Groups
Can forward date invoice payments
Can back date invoices payments
Can delete invoice payments
Add Tours, Rooms, Change Tour Pricing
Admins Administrator (Add users, change passwords)

As you can see, I sat down and made a bunch of security groups. So, for
example, in the above list I have something called seasonal Reports. Only
those users that need to view financial sales data for the year can thus use
those reports that have financial data. The same goes for only some users
can back date invoice payments. Of course most employees are not allowed to
back date invoice payment, and thus the daily sales slips, and the till MUST
be balanced at the end of the day. (if not, the employees must stay until it
is balanced).

The above idea of creating a bunch of security groups makes the whole thing
much easier. Now, all you have to do, is add a new users to the system (you
can use the security menu, but I find my screens make this zillion times
easier). You then simply add each group above to the
user. Most standard users get basic, and perhaps daily reports. In addtion,
this means you NEVER actually have permissions for a user set in the
the actual applction. (that way, you can even send your client a new update
and the existing secuirty settings will NOT be lost).

The real work in setting up the security is thus sitting down, and making a
bunch of sensible security groups. After that, the admin can quite easily
mange the whole system, even with the built in security system.

I actually did not like the security menu in ms-access, and thus I did write
my own. (the above screen shots were of this).

However, as mentioned the screens are not hard..it is sitting down and
making up some security groups is the hard part.

 

[Albert D. Kallal]

Function ChangePassword(ByVal strUser As String, _
ByVal strPwd As String) As Integer

Dim ws As Workspace
Dim usr As user

Set ws = DBEngine.Workspaces(0)
Set usr = ws.Users(strUser)
usr.NewPassword "", strPwd

End Function

The above should let you change the users password via code. The user does
need admins prev.

 

[Albert D. Kallal]

I might be a bit confused here.

User passwords are NOT save in each mdb. The users, and what groups they
belong to, and also their passwords are saved in the workgroup file, and NOT
the particular mdb.

There is what we call user passwords, and they are NOT stored, or saved in
each database.

Are you talking about a the users passwords, or the simple password you can
attach to a database without using security?

In fact, I don't believe you can change database password via code, but my
posted example will certainly work for users passwords.

Are you using a different workgroup file for each database? If you are using
just one workgroup, then changing the users passwords will apply to all
databases they use, since passwords as mentioned are NOT stored in each mdb
file.

 

[Lin]

I have 19 database applications, all used by different
groups of users. Each database has it's own workgroup
file, to hold different permissions for each set of users
of that particular database. The users all have their own
logons and passwords. I don't use database passwords.

I've found the password field in the hidden MSysAccount
table in the mdw databse, but it won't let me change it
either manually or with code as it says it's bound to a
replication field 'password'. I've no idea where this
field may be.

Lin