login forms for multi user db on shared server

[david.nixon]

Hi,

I have setup a db to records peoples tasks and need to secure it. I
know there are two main ways (MS built in and build it yourself) but am
not sure what is best for me.

I have 3 main different types of users. Read only, read write and
admin. Read only can run reports, read write can add/update tasks and
admin can access everything.

I need to be able to pull the login name into certain fields to save
them forever selecting their own name.

Ideally I would like to use their xp login details so they do not have
to formally login, the db picks the info up and compares to the list of
allowed users.

is this possible or am i way leftfield?

cheers

 

[Keith Wilby]

Hi,

I have setup a db to records peoples tasks and need to secure it. I
know there are two main ways (MS built in and build it yourself) but am
not sure what is best for me.

The build-it-yourself way is a non-starter I'm afraid, it would be a
nightmare of an overhead in terms of management and it would be extremely
easy to break by someone with not much Access experience. Built-in
user-level security (ULS) has a very steep learning curve but it is much
harder to break and requires a determined hacker with special tools.

You can get the network ID of the user
(http://www.mvps.org/access/api/api0008.htm) and compare it to an account
name in ULS using the CurrentUser function to avoid passwords.

HTH - Keith.
www.keithwilby.com

 

[Ron2006]

Security is obviously very important. However, how you use the
application is also something to think about.

We had an application that used the network ID that Keith mentions. By
using the networkID, the constraint put on the system was that one
person's job could NOT be performed by another person at their own
computer. In order to perform person A's job, someone had to logon as
person A at person A's computer or had to logon as person A at their
own computer.

In other words, I could not do both person A's work AND my work at the
same time from my computer. Loging on as a second person at MY computer
can cause email problems for person A and user account problems on my
computer.

The biggest part of our problem was that the tight security was poorly
and too stringently implemented in that it was hard coded and the
function was bound to the person not to a a table of persons.

All I am saying is to be cognizant of the difference as you design your
approach. Be sure you can get around having that ONE person out sick or
their computer down. Can you easily assign someone else to perform a
function when that original person is out sick or on vacation? If you
are on vacation and the other person is out sick, are there procedures
so that someone else can do that job and/or get into the application to
assign someone to do it.