Hi!
I have completed a database and now somebody came up with a request
for a user security (some people can read only some tables, some may
write, etc.).
When doing this before I set up a simple login form and a user table
and stored the user level corresponding to the login in a global VBA
variable. When opening forms, I did an DoCmd.OpenForm e.g. read only mode
according to the user level.
Easy, but would not even slow down a user that knows anything about Access
if they wanted to circumvent it.
Now I stumbled across the security wizard, but it kind of scares me as
it seems to be rather complex and on Google groups I read lots of
threads about side effects ("Now that I secured my DB this and that
doesn't work anymore").
IMO there are three areas of Access (security, runtime distribution, and
replication) that fall into the category of "If you have to ask you probably
should avoid it (for now)". I say that because I think that someone who is
highly PC/Windows-Literate, highly Access-literate, and knows how to search
the internet will know where to look, what to read, and will then be able to
delve into those topics with few problems. If a person doesn't meet that
criteria then I would certainly still encourage researching and learning,
but not diving right in.
That being said, circumstances often dictate that the topic must be explored
and these groups then take on the role of helping the flight attendant to
land the plane. If you're up there and the pilot is incapacitated what
other choice is there? On the other hand it's not a great idea to try to
help the flight attendant fly the plane if it is currently on the ground.
In these same areas I am not a big fan of using the wizards. To me a wizard
is useful to speed up a tedious process or to control a complicated
multi-step process when the results are easily examined and can be learned
from. IMO the security wizard is poor because a) a newbie to security ends
up with a secured application while learning almost nothing about how
security works and b) in some Access versions it doesn't even result in a
properly secured app. This last is compounded by the fact that the user is
almost never aware of the fact that the app is not secured properly.
So...my recomendation would be to research and learn the topic while
experimenting on test MDB files with relatively few objects in them. Obtain
and follow explicitly one of the various step-by-step instructions that you
can easily find by Googling the topic (avoid the wizard).
Security is HARD to learn and understand, but if you are careful and
thourough, once "the light goes on" it makes pretty good sense. A very good
idea is to read through a lot of the security related postings to these
groups. You will immediately get a sense of what problems and
misunderstandings most people have with it. I have often posted that I
believe that the vast majority of people who attempt to secure an app for
the first time get it wrong. The lucky ones are those that can at least see
that they did it wrong. Many just go on their merry way deluded that they
have actually accomplished something useful.
