open exclusive for back end design

[Guest]

hello,

i have a db which is split fe/be on a network folder.This db had a general
password created through open exclusive but at the time of the split, the
linking did not work untill i removed the password on the backend.It is
sufficient to leave the fe with the general password but i would like to
secure the be with user level security.I need to be careful since i already
have quite a few users on this db so i have yet to try it out...please advise
on the above since it seemed strange that a password would affect the linking
manager.
thanks

 

[Joan Wild]

i have a db which is split fe/be on a network folder.This db had a
general password created through open exclusive but at the time of
the split, the linking did not work untill i removed the password on
the backend.It is sufficient to leave the fe with the general
password but i would like to secure the be with user level security.I
need to be careful since i already have quite a few users on this db
so i have yet to try it out...please advise on the above since it
seemed strange that a password would affect the linking manager.

If you want to go with the database password (very easy to crack, by the
way), you can open the backend and set the password. Then open the
frontend, and delete the links. Then use File, Get External Data, Link to
create the links again - this time you will be prompted for the backend
password, which will be saved with the links.

If you want to implement user level security on the backend, you can still
do so. Follow the steps outlined in the security FAQ. If you are going to
leave the frontend unsecured, then you likely will not want to create your
own groups for the backend. Just assign the limited rights you need to the
Users Group. You could even deny permission entirely on the backend tables,
and use RWOP (run with owner permissions) queries in the frontend. This
would mean securing the frontend as well.

Security FAQ
http://support.microsoft.com/?id=207793

Security Whitepaper
http://support.microsoft.com/?id=148555

I've also outlined the detailed steps at
www.jmwild.com/AccessSecurity.htm

 

[Guest]

Thanks joan,

My objective for the be is to protect the tables from someone who could be
cruising the network and want to take a peek or delete an entry in the table.
The users need to do data entry on the fe and i am not too concerned on that
side but i do need for them to perform the data entry and i do not want
problems if i place user level security on the be in the network and all of a
sudden , they cant get in. I appreciate any direction from you to do it
right. thanks

 

[Joan Wild]

Thanks joan,

My objective for the be is to protect the tables from someone who
could be cruising the network and want to take a peek or delete an
entry in the table. The users need to do data entry on the fe and i
am not too concerned on that side but i do need for them to perform
the data entry and i do not want problems if i place user level
security on the be in the network and all of a sudden , they cant get
in. I appreciate any direction from you to do it right. thanks

If you feel that a password on the backend file is sufficient, then you can
use it. If you are worried about someone who is 'looking around', you could
hide the location of the backend file. Put it in a hidden share...
\\server\share$ rather than \\server\share

It's by no means totally secure. You'll never get that with a file based
database like Access. However it may suffice for you. Again you can put a
password on the backend, but you need to delete the links and recreate them
(don't just relink using the Linked Table Manager). Per my original post...