security issue with using 97 and 2000 workgroups

[needing help]

I have many users on our network. One dept. has all their
DB's converted to 2000 and are joined to a secure 2000 mdw
file. 2 of the users have full permissions so that they
may make any changes they want to their DB.

Then there is another group of users who are using a split
DB - some going into the DB thru 97 and some going thru
2000. They are all joined to the secure 97 mdw.

My problem is that one of the users that has full
permissions thru the 2000 mdw is opening the DB that is
the split 97 DB and is able to make design changes and I
need to know how to prevent this from happening.

When you secure thru 97 you can secure each user within
the DB but I have found that in 2000 each user gets
permissions assigned that apply to all DB's.

Am I doing something wrong ?

Please help ! Thank you.

 

[Eric Butts [MSFT]]

Hi,

Use the following shortcut to launch the databases to help eliminate any
confusion:

"< full path of msaccess.exe >" "< full path of MDB file >" /wrkgrp "< full
path of MDW file >"

If not you would need to ensure that the 2000 users use the "wrkgadm.exe"
file version 9.0xxx to join to the correct MDW and the 97 users use the
file version 8.0xxx.

A 2000 user using the file version 8.0xxx joining the MDW has not joined
the MDW until they use the correct version (i.e., 9.0xxx).

Regards,

Eric Butts
Microsoft Access Support
(e-mail address removed)
"Microsoft Security Announcement: Have you installed the patch for
Microsoft Security Bulletin MS03-026? If not Microsoft strongly advises
you to review the information at the following link regarding Microsoft
Security Bulletin MS03-026
<http://www.microsoft.com/security/security_bulletins/ms03-026.asp> and/or
to visit Windows Update at <http://windowsupdate.microsoft.com/> to install
the patch. Running the SCAN program from the Windows Update site will help
to insure you are current with all security patches, not just MS03-026."

This posting is provided "AS IS" with no warranties, and confers no rights

--------------------
| Content-Class: urn:content-classes:message
| From: "needing help" <[email protected]>
| Sender: "needing help" <[email protected]>
| Subject: security issue with using 97 and 2000 workgroups
| Date: Wed, 7 Apr 2004 07:33:09 -0700
| Lines: 21
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcQcrT+83PUuQxSuSAK26F2JC1Vp9Q==
| Newsgroups: microsoft.public.access.security
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.access.security:9765
| NNTP-Posting-Host: tk2msftngxa09.phx.gbl 10.40.1.161
| X-Tomcat-NG: microsoft.public.access.security
|
| I have many users on our network. One dept. has all their
| DB's converted to 2000 and are joined to a secure 2000 mdw
| file. 2 of the users have full permissions so that they
| may make any changes they want to their DB.
|
| Then there is another group of users who are using a split
| DB - some going into the DB thru 97 and some going thru
| 2000. They are all joined to the secure 97 mdw.
|
| My problem is that one of the users that has full
| permissions thru the 2000 mdw is opening the DB that is
| the split 97 DB and is able to make design changes and I
| need to know how to prevent this from happening.
|
| When you secure thru 97 you can secure each user within
| the DB but I have found that in 2000 each user gets
| permissions assigned that apply to all DB's.
|
| Am I doing something wrong ?
|
| Please help ! Thank you.
|

 

[david epsom dot com dot au]

Also, workgroup security is difficult to explain, and
you need to go through the steps mechanically to really
get it right. In your case, you haven't created /new/
secured databases -- a necessary step if you want to
prevent 'strangers' from entering your database with
full design permissions.

That is, you can't "fully secure" an existing database
by removing permissions. You can only "fully secure"
a database by importing the objects into a /new/ "fully
secured" database.

for more information:
http://support.microsoft.com/support/access/content/secfaq.asp

(david)