Prevent Importing / Linkage via Security

[Guest]

I have a secure production MDE database. ULS is setup and I want to keep
users out of design mode of tables, queries, forms,etc. Through the ULS, a
disabled AllowShiftKey property, Startup Properties and VBA code I am able
to keep users boxed in pretty good. But I want to keep the semi-casual hacker
out of copying /linking to the data.

The MDW associated with the database has no group permissions and only 3
users, Admin (zero capabilities), "dbusers" belonging to the Users Group and
"dbowner" belonging to the Admins and Users group. What I want to try and
prevent is the following scenario.

Creating a new database, join the Workgroup defined above, reopen the
database with "dbusers" username/password (which they have in their shortcut)
and import external data from the production MDE database. Because it's an
MDE they can't import the Forms, Reports and Modules, however the Tables and
Queries are available for importing!

Am I missing something? Is there a property that I need to set or is this
just a hole that ULS has missed?

Does anyone (Joan?) have a solution comment or reccomendation?

Your help is truly appreciated!

 

[Ed Metcalfe]

I have a secure production MDE database. ULS is setup and I want to keep
users out of design mode of tables, queries, forms,etc. Through the ULS, a
disabled AllowShiftKey property, Startup Properties and VBA code I am
able
to keep users boxed in pretty good. But I want to keep the semi-casual
hacker
out of copying /linking to the data.

The MDW associated with the database has no group permissions and only 3
users, Admin (zero capabilities), "dbusers" belonging to the Users Group
and
"dbowner" belonging to the Admins and Users group. What I want to try and
prevent is the following scenario.

Creating a new database, join the Workgroup defined above, reopen the
database with "dbusers" username/password (which they have in their
shortcut)
and import external data from the production MDE database. Because it's
an
MDE they can't import the Forms, Reports and Modules, however the Tables
and
Queries are available for importing!

Am I missing something? Is there a property that I need to set or is this
just a hole that ULS has missed?

Does anyone (Joan?) have a solution comment or reccomendation?

Your help is truly appreciated!

My favourite solution to problems like this is not to give users their user
name/password details. Create a launcher application either in VB or another
Access database (secured with a different workgroup file). The launcher
contains a list of all the systems the user can launch and builds a command
line to pass the login credentials to MS Access.

Ed Metcalfe.

 

[Guest]

Hi Ed,

Good call. A laucher would eliminate a lot of trails including the security
file, user and password. Thanks, I am amazed I didn't think of that one but
then that why we have these newsgroups!

RJ

 

[Ed Metcalfe]

Hi Ed,

Good call. A laucher would eliminate a lot of trails including the
security
file, user and password. Thanks, I am amazed I didn't think of that one
but
then that why we have these newsgroups!

RJ

RJ,

You're welcome!

You can also use the /Runtime switch with this method, just to be
doubly-sure your users aren't making any design changes they're not supposed
to.

Ed Metcalfe.