Security wizard

[Guest]

Hi
I have set up a secure DB using the security wizard added all my users with
passwords, my database is now secure. I now go into the database and set user
permissions, after I have done this if I bypass the shortcut and click on the
MDB file I or anyone else can get straight in to the database and view all
data. Am I doing something wrong, I just followed the wizards instructions.
Please help!

 

[Joan Wild]

Hi
I have set up a secure DB using the security wizard added all my
users with passwords, my database is now secure.

How do you know? One method is to ensure you are joined to system.mdw by
default and try to open the mdb in Windows Explorer. If you can open it,
then you missed a step.

I now go into the
database

How do you go into it? Do you use a shortcut on the desktop that the wizard
may have created for you, or do you just open the file in Windows Explorer.

and set user permissions, after I have done this if I bypass
the shortcut and click on the MDB file I or anyone else can get
straight in to the database and view all data. Am I doing something
wrong, I just followed the wizards instructions. Please help!

What version of Access? Depending on version, there's more to it than
running the wizard.

 

[Guest]

Hi Joan

I'm using Access 2000. when i say I bypass the shortcut i am opening the mdb
file direct.

 

[Joan Wild]

Ok, you shouldn't bother with the wizard in Access 2000 as it is flawed.

Check in the folder where your mdb file is located and see if there is a
file with the same name but a bak extension.

If there is not, post back.

If there is, then rename it to have a mdb extension (you'll need to delete
the existing mdb first).
If you see a 'security.mdw' file, delete it.

Go to Start, wrkgadm.exe and it'll tell you the workgroup file you are
joined to currently. Click on Join and rejoin the standard system.mdw file
that ships with Access. It usually is located in the Windows\system folder,
however you might search for it first.

Now you are back to square one with an unsecured database. I would suggest
you start by backing up this mdb. It takes practice to get security right,
and you may find yourself restoring this backup a number of times, before
things are working. Go to
http://www.jmwild.com/security97.htm
and follow the steps. Do not omit anything.

 

[Guest]

Thanks Joan...I know that I probably should have mentioned that the DB is set
up in a folder on a network that the users have been granted access to...does
this affect the workgroup file.
I am going to try what you've said...no doubt I'll be back.

But thanks again.

 

[Joan Wild]

When you create the workgroup file, put it in the same folder as the mdb on
the server. Be sure you don't name it system.mdw and also don't name it the
same as the mdb file.

Once you have it secured, and tested, you should split the mdb. Since it's
secured, don't use the splitter wizard; instead do it manually. See
http://www.jmwild.com/SplitSecure.htm

But don't split it until you have the security right. After the split, the
backend will stay on the server, and you'll give each user a copy of the
frontend on their PC. Then give each a shortcut with the following in the
target:
"path to msaccess.exe" "path to frontend" /wrkgrp "path to secure mdw"

 

[Guest]

Joan

Thanks again. I read through all the security stuff you have done and a wee
bit of the MS white paper and was able to using your advice secure a similar
DB at home. I have today successfully secured my networked DB...Only one
question you mention that I should split DB, is there a particular reason for
this? and do I really need to? Sorry that's two questions...Again your help
is most appreciated.

 

[Joan Wild]

With multiple users using the same mdb file, you run the risk of corruption.

If it's split, and the user's frontend mdb corrupts, it's just a matter of
copying them a new file.

Also with recent versions, you can't make design changes to a mdb file
unless you have exclusive access to it. If it is split, you can make design
changes and test on your copy of the frontend while others can still use
their copy of the FE. Once you have changes ready, you just need to copy
the FE to users and overwrite their frontend.

More on splitting at
http://www.granite.ab.ca/access/splitapp/index.htm

 

[skennd]

With multiple users using the same mdb file, you run the risk of corruption.

If it's split, and the user's frontend mdb corrupts, it's just a matter of
copying them a new file.

Also with recent versions, you can't make design changes to a mdb file
unless you have exclusive access to it. If it is split, you can make design
changes and test on your copy of the frontend while others can still use
their copy of the FE. Once you have changes ready, you just need to copy
the FE to users and overwrite their frontend.

More on splitting at
http://www.granite.ab.ca/access/splitapp/index.htm

 

[Guest]

Thanks for that...Could I just ask one more thing...There will be about 40
users who have access to many PC's. Would splitting the DB and giving users a
shortcut to the one FE which would be in a folder on the network work just as
well as giving each of the users their own FE. There are about 50
users...thanking you again...

 

[Joan Wild]

I would still give each user a copy of the frontend. Just to clarify, you
don't need to give each 'user' a frontend, just each PC.

If you will be changing the frontend, you can automate distributing it to
the users. See
http://www.granite.ab.ca/access/autofe/details.htm