security with networklogin username?

[Guest]

Hi!

I would like to ask if it is possible to use the login of the user in the
network as its security for ms access 2000?

currently our user wants to synchronize their network account with the
access account.

1.) can i use this without using the microsoft access security?
2.) can i modify the workgroup programmatically to edit the security
settings of ms access to work it together with the network settings?

thank you in advance!

 

[Rick Brandt]

Hi!

I would like to ask if it is possible to use the login of the user in
the network as its security for ms access 2000?

currently our user wants to synchronize their network account with the
access account.

1.) can i use this without using the microsoft access security?
2.) can i modify the workgroup programmatically to edit the security
settings of ms access to work it together with the network settings?

Access User Level Security has nothing at all to do with Windows or network
domain security. You can supply the same user name, but since that defaults to
the last name entered that is not of much use anyway. The password though would
still have to be keyed in for Access security.

 

[Guest]

Hi Mr. Brandt,

But can the workgroups be edited with the vba code in access? i mean should
i be creating a new table in access.. save the users in that table (these
users are registered in the workgroup) then everytime they clicked on access
i would match their network domain and username with this table. (which means
i would be creating a module to add/edit users in the network and to be able
to edit programmatically the users in the workgroup?)

do you think this is favorable?


thank you!

 

[Rick Brandt]

Hi Mr. Brandt,

But can the workgroups be edited with the vba code in access? i mean
should i be creating a new table in access.. save the users in that
table (these users are registered in the workgroup) then everytime
they clicked on access i would match their network domain and
username with this table. (which means i would be creating a module
to add/edit users in the network and to be able to edit
programmatically the users in the workgroup?)

do you think this is favorable?

Only if you create all users with a blank password.

 

[Guest]

there is currently a workgroup in our database and i would like it to synch
it with their usernames.. did you mean that i need to re-create this
workgroup to be able to match it with their network logins? i will not be
able to modify their current logins?

thank you so much!

 

[Guest]

there is currently a workgroup in our database and i would like it to synch
it with their usernames.. did you mean that i need to re-create this
workgroup to be able to match it with their network logins? i will not be
able to modify their current logins?

thank you so much!

 

[Rick Brandt]

there is currently a workgroup in our database and i would like it to
synch it with their usernames.. did you mean that i need to re-create
this workgroup to be able to match it with their network logins? i
will not be able to modify their current logins?

thank you so much!

Access security establishes who the user is before the MDB file is even opened.
Before any code or macro can be run. That being the case you can check the
Windows identity against a standard Access table filled with user names but you
cannot synch with the workgroup file in any meaningful way.

There is a commonly used Windows API method at "The Access Web" web site that
will allow you in VBA code to retrieve the current Windows user name. As stated
though you would be doing that AFTER the user was in your app so that is not
useful as a way to synch with the user names in your workgroup.

In other words, if everyone logged into your app using their Windows login name
then they would have to have already been set up in your workgroup file before
that would work. You would not be able to recognize NEW users based on their
Windows profile.

 

[Guest]

Hi Mr. Brandt,

thank you so much for your clear explanation... maybe the future versions of
access would acquire this thought?

i may be able to add new users in an access table but if they change their
windows login password when it expires, that would result to another problem
as this will not get synch with access security. is this correct?

 

[Rick Brandt]

Hi Mr. Brandt,

thank you so much for your clear explanation... maybe the future
versions of access would acquire this thought?

i may be able to add new users in an access table but if they change
their windows login password when it expires, that would result to
another problem as this will not get synch with access security.
is this correct?

Do you have an IT or other group that is in charge of your network? If so, I am
sure they would very much NOT want you to be storing user passwords in an Access
file.

If you need security then make the users login. It's really not that difficult.
If you just need to keep track of who users are while they are in your app then
use the API code I mentioned before and don't bother with Access user level
security.

 

[Guest]

Hi Mr. Brandt,

I think I will just save their respective usernames in the network not their
passwords...because as you said there is no way that i could get it sink with
acess and the windows network.the saving of the network usernames - that is
all that I could do.

thanks again for that quick reply. i really appreciate it!

 

[David W. Fenton]

Access User Level Security has nothing at all to do with Windows
or network domain security. You can supply the same user name,
but since that defaults to the last name entered that is not of
much use anyway.

Er, why would that matter? If the person has already authenticated
via their Windows logon, what's the big deal? If the problem is
someone leaving their workstation logged on all the time, then
that's a problem that has nothing to do with Access, and is a huge
risk to much more than just the data stored in your Access app.

The password though would
still have to be keyed in for Access security.

You don't have to assign a password if you're depending on Windows
authentication.

 

[Rick Brandt]

Er, why would that matter? If the person has already authenticated
via their Windows logon, what's the big deal? If the problem is
someone leaving their workstation logged on all the time, then
that's a problem that has nothing to do with Access, and is a huge
risk to much more than just the data stored in your Access app.

I was speculating that the reason he wants "integrated security" is so that the
user will not have to enter a username and password. Since the ULS login prompt
defaults to the last username that was used then all that the user is really
having to provide is the password (after the first time).

So my point was that he could create a script that would launch the app while
automatically suppying the username, but not one that would automatically supply
the password and since the username is not going to change anyway the script
would provide zero benefit.

You don't have to assign a password if you're depending on Windows
authentication.

Yes, but "depending on Windows authentication" is not the same thing as
"integrating Windows authentication with Access ULS".