How to disable viewing DB objects of MDE file from another database?

[Milan]

Hello,

I have the following problem. I created some MDE file where I forbid
displaying the database window with the list of all database objects
(tables, forms etc.). This file has got no DB password but is secured
by the usage of mdw file.

Is it possible to forbid users importing the tables and queries from
this MDE dabatase to some new database they have created? I would like
to forbid displaying the list of DB objects (especially tables and
queries) to everyone else than me.

Thank you very much for your help!!

Milan

 

[Rick Brandt]

Hello,

I have the following problem. I created some MDE file where I forbid
displaying the database window with the list of all database objects
(tables, forms etc.). This file has got no DB password but is secured
by the usage of mdw file.

Is it possible to forbid users importing the tables and queries from
this MDE dabatase to some new database they have created? I would like
to forbid displaying the list of DB objects (especially tables and
queries) to everyone else than me.

Thank you very much for your help!!

If you have implemented user-level security then you can control it with that.

 

[Milan]

If you have implemented user-level security then you can control it with that.

And can you please tell me how to do that? I would like to forbid
displaying the name of the tables and queries (and their design views
as well) even to the people who have permissions to read the data from
those objects.

Thanks,
Milan

 

[Rick Brandt]

with that.


And can you please tell me how to do that? I would like to forbid
displaying the name of the tables and queries (and their design views
as well) even to the people who have permissions to read the data from
those objects.

You can't forbid them from seeing the list of objects (AFAIK) but you can
set permissions on those objects such that they wouldn't be allowed to
import them. This would (I think) require that you remove all permissions
to the tables and use "Run with owner's permission" queries for all of your
data access. They might then be able to import the query definitions, but
without the tables those would be useless.

You could set them to hidden in which case people attempting to do an
import wouldn't see them unless they had their options set to show hidden
objects.

You have to understand that with an Access/Jet datastore (mdb file) all you
can do is erect obstacles. You cannot really keep anyone out who has
permission to use the application and is determined enough to get at stuff
you would rather they not be able to. Often called "Security by obscurity"
there are numerous strategies you can use which will make it more
difficult, and/or require more PC knowledge to circumvent, but ultimately a
user who is sophisticated enough and determined enough will be able to see
whatever they want. If the application's data is that critical then a
server-based database like SQL Server or Oracle is more appropriate.