W
Warren
Hello friends,
My files:
~~~~~~
My backend lies in a hidden network folder (in citrix) with a Database
Password on it. My frontend exists as an MDE that is copied to the
user's home folder each time they start the application using a batch
file linked from a desktop icon.
My security:
~~~~~~~~~
I like my security because I created it and I seem to have full control
over it. Basically, users must exist in my 'users' table before an
AutoExec function will allow them to proceed, otherwise, they are
exited. The same table defines permissions for each user that are read
on each form's startup. Users do not have to 'log on' as usernames are
obtained the the OS logon. The shift key is disabled.
My questions:
~~~~~~~~~~
Like I said, I seem to have full control of the security and, as I
created it all, I know it backwards. Do MVPs and other professionals
here think that this is ok? I don't know how to 'break in' to my
database given only a front-end because the shift key is disabled, is
there a way? And finally, I have read that database passwords are
almost useless.
I am asking these questions because I feel that I have more control
over what the user can do, and I can make it simpler for admins to
change user persmissions etc. User level security seems more
complicated that what I've done. Am I right?
Thanks, Warren
My files:
~~~~~~
My backend lies in a hidden network folder (in citrix) with a Database
Password on it. My frontend exists as an MDE that is copied to the
user's home folder each time they start the application using a batch
file linked from a desktop icon.
My security:
~~~~~~~~~
I like my security because I created it and I seem to have full control
over it. Basically, users must exist in my 'users' table before an
AutoExec function will allow them to proceed, otherwise, they are
exited. The same table defines permissions for each user that are read
on each form's startup. Users do not have to 'log on' as usernames are
obtained the the OS logon. The shift key is disabled.
My questions:
~~~~~~~~~~
Like I said, I seem to have full control of the security and, as I
created it all, I know it backwards. Do MVPs and other professionals
here think that this is ok? I don't know how to 'break in' to my
database given only a front-end because the shift key is disabled, is
there a way? And finally, I have read that database passwords are
almost useless.
I am asking these questions because I feel that I have more control
over what the user can do, and I can make it simpler for admins to
change user persmissions etc. User level security seems more
complicated that what I've done. Am I right?
Thanks, Warren