Keep users from directly opening the backend database.

  • Thread starter Thread starter jerry alexander via AccessMonster.com
  • Start date Start date
J

jerry alexander via AccessMonster.com

I have an Access database called CodesBE.mdb

On the user's desktop is the CodesFE.mdb

My supervisor needs to keep the user from browsing over the network to the
CodesBE and opening up the tables.

At first he put a password on the Windows network share, but then the FE
could'nt even access the linked tables.

Then he added an Access Password to the CodesBE. Now the CodesFE says it
can't see or find the tables.
----------------------------------
What is the easiest way to keep users from directly opening the BE while
having access on the FE to update & change certain records?

Thanks in advance for your help!
jaa
 
There isn't one.

They must have access to it to use it.

You can, however, implement user-level security and take away all access
from the actual tables in the database.

All the forms and reports in your front-end would then be based on stored
queries. The queries would need to be built with the "run with owner's
permission" set.

This is a bit of a hassle, but helps to keep people out of the tables where
they can get around all your rules and edits.
 
First, as a general rule, your front end should be a mde, not a mdb.

however, the quick and dirty solution I use is to make a autoexec macro in
the back end.

I put in two lines in this macro:

Msgbox
Message: You do not have permissions to run this file
Beep: Yes
Type: Critical
Title: Can not run

Quit:
Options: Exit

Now, when users try to run/open the back end, they get a message (fake
one!!) that says they don't have permissions to run the application. When
they click ok, the application shuts down. This trick fools 99% of your
users. And, if you need to get in, just hold down the shift key. And, if you
want to disable the shift key, then grab my nifty code here that allows you
to browse to the back end...and disable the shift key.

http://www.members.shaw.ca/AlbertKallal/msaccess/msaccess.html
 
Then he added an Access Password to the CodesBE. Now the CodesFE says it
can't see or find the tables.
Click to expand...

Have someone who knows the password Open the FE and relink to the BE tables.
Redistribute this FE as necessary. Done.

Note: this password is stored in the FE as part of the table's Connection
string, so it is *not* hackerproof by any means, but it is "accident" proof.
It keeps "casual" browsers, and most power users, out of the BE. (How many
of your people would know how to read the connection string of a table? How
many would even know that there was something there worth reading?)

If you have any "FE-BE relinking" code routines, they *might* need to be
adjusted to accomodate the existance of a password.

This is the "easiest". Whether it is "good enough" is up to you & your boss.

HTH,
 
Back
Top