Stop Shift Key Override On Open MDB

[Andy]

Hi;

Learned from Rob Oldfield that a user can override all my "PreCautions" by
holding down the Shift Key when the open the MDB in Access.

Using A2K.

Have also learned that "AllowBypassKey" needs to be set to False.

Would someone be so kind to point me in the correct direction.

Andy

 

[Dirk Goldgar]

Hi;

Learned from Rob Oldfield that a user can override all my
"PreCautions" by holding down the Shift Key when the open the MDB in
Access.

Using A2K.

Have also learned that "AllowBypassKey" needs to be set to False.

Would someone be so kind to point me in the correct direction.

Andy

The following code procedure comes from the Microsoft Access Security
FAQ document:

'----- start of code -----
Function faq_DisableShiftKeyBypass(strDBName as String, fAllow as
Boolean) As Boolean

On Error GoTo errDisableShift

Dim ws As Workspace
Dim db As DATABASE
Dim prop As Property
Const conPropNotFound = 3270

Set ws = DBEngine.Workspaces(0)
Set db = ws.OpenDatabase(strDBName)

db.Properties("AllowByPassKey") = Not fAllow
faq_DisableShiftKeyBypass = fAllow
exitDisableShift:
Exit Function

errDisableShift:
'The AllowBypassKey property is a user-defined
' property of the database that must be created
' before it can be set. This error code will execute
' the first time this function is run in a database.

If Err = conPropNotFound Then
' You must set the fourth DDL parameter to True
' to ensure that only administrators
' can modify it later. If it was created wrongly, then
' delete it and re-create it correctly.
Set prop = db.CreateProperty("AllowByPassKey", _
dbBoolean, False, True)
db.Properties.Append prop
Resume
Else
MsgBox "Function DisableShiftKeyBypass did not complete
successfully."
Faq_DisableShiftKeyBypass = False
GoTo exitDisableShift
End If
End Function

'----- end of code -----

You should define and call this function, not in the database you want
to secure, but in another "utility" database. When you cal the
function, you pass it the path and name of the database you want to
secure. Bear in mind that, in the absence of user-level security, any
sufficiently knowledgeable user can run similar code to re-enable the
bypass key. But it does put up a greater barrier than relying on the
user's ignorance of the Shift key trick.

 

[Guest]

The easiest way to accomplish this is to do it using a remote app designed to
do this.

See the Utility at the link below:

http://www.utteraccess.com/forums/showthreaded.php?Cat=&Board=48&Number=233728

R. Hicks

 

[Andy]

Ricky;

Thank You. I'll give it a try.

Also in a reply to a post: InputBox Mask ****** & Call it 3 times.

Rob Oldfield gave this answer:

It can be done in an adp...
http://support.microsoft.com/default.aspx?scid=kb;en-us;826765

Thank heaven for help from people like You.

Andy

 

[Rob Oldfield]

Doesn't matter I'm afraid Andy. However you set the shift key bypass, the
objects within the mdb still have an owner of admin. If I go into a new
database (where I am, by default, admin and the owner of the "secured" db)
and hit file, import then there is absolutely nothing that can be done to
stop me getting at all of the objects within it. As I said before, it's a
comfort blanket.

 

[Andy]

Rob;

It looks like this MDB is going to be an ADP.

Worked too long on this to let some Munchkin come along and mess things up.

Thank You for helping me.

Andy

 

[Andy]

Hi;

Ran the Security Wizard.

It all ran correctly.

But it doesn't tell You how to open the DBase after it's been secured.

Searched Access Help, Searched MSSupport Center for Access, even used
Advanced Search.

Experience tells me that I'm not wording the search correctly.

Would someone be so kind and inform me how to open a "Secured" Dbase or
where to find the answer.

Thank You.
Andy

 

[Rob Oldfield]

You need to specify the workgroup information file to use. A couple of ways
to do it:

Run the workgroup administrator program wrkgadm.exe (in 2K, not sure if it's
been changed in later versions, but it'll be under program files\office
somewhere). This will show what your default mdw file is (when you're
playing, make sure you note where that is so you can switch back later) and
allow you to change it - generally to the one that you created while running
the wizard. If you do that then, from that point on, you'll be asked for a
username/pwd when you open an mdb.

The other way is to specify the mdw file in the command to open the db.
That would be something like:

"path\Msaccess.exe" "path\whatever.mdb" /wrkgrp "path\Secure.mdw"

I tend to use the second method as it allows for normal shortcuts for
standard access to unsecured dbs, with the secure.mdw only referenced when
it's needed.

Note that if a standard user goes into standard Access then, to reiterate,
they are the user 'admin'. They can only open any mdbs which allow the
admin user that right, which is why you generally remove the admin user as
part of the security wizard.

 

[Andy]

Rob;

Posted a new question: Protect MDB any MVP

It includes this and more details:

Went to his office yesterday to see this "Sophisticated" program. My friend
has A2K.
Launched Access, Clicked on File/Open. Selected the dbase's name. Held the
Shift key down and clicked the Open button.

The dbase opened but all of the qrys/frms/rpts were dimmed and when I right
clicked on the frms names the "Design" option was grayed and un-usable.
Even when the frms were imported into a new dbase You still couldn't get
into design view for those frms.

The database has an MDB extenstion, not MDE, not ADP, MDB.

Andy

 

[Douglas J Steele]

The file could have been renamed. Changing the extension from MDE to MDB
doesn't stop the file from being an MDE!

--
Doug Steele, Microsoft Access MVP

(no e-mails, please!)

Rob;

Posted a new question: Protect MDB any MVP

It includes this and more details:

Went to his office yesterday to see this "Sophisticated" program. My friend
has A2K.
Launched Access, Clicked on File/Open. Selected the dbase's name. Held the
Shift key down and clicked the Open button.

The dbase opened but all of the qrys/frms/rpts were dimmed and when I right
clicked on the frms names the "Design" option was grayed and un-usable.
Even when the frms were imported into a new dbase You still couldn't get
into design view for those frms.

The database has an MDB extenstion, not MDE, not ADP, MDB.

Andy

You need to specify the workgroup information file to use. A couple of ways
to do it:

Run the workgroup administrator program wrkgadm.exe (in 2K, not sure if it's
been changed in later versions, but it'll be under program files\office
somewhere). This will show what your default mdw file is (when you're
playing, make sure you note where that is so you can switch back later) and
allow you to change it - generally to the one that you created while running
the wizard. If you do that then, from that point on, you'll be asked

for

a
username/pwd when you open an mdb.

The other way is to specify the mdw file in the command to open the db.
That would be something like:

"path\Msaccess.exe" "path\whatever.mdb" /wrkgrp "path\Secure.mdw"

I tend to use the second method as it allows for normal shortcuts for
standard access to unsecured dbs, with the secure.mdw only referenced when
it's needed.

Note that if a standard user goes into standard Access then, to reiterate,
they are the user 'admin'. They can only open any mdbs which allow the
admin user that right, which is why you generally remove the admin user as
part of the security wizard.

Hi;

Ran the Security Wizard.

It all ran correctly.

But it doesn't tell You how to open the DBase after it's been secured.

Searched Access Help, Searched MSSupport Center for Access, even used
Advanced Search.

Experience tells me that I'm not wording the search correctly.

Would someone be so kind and inform me how to open a "Secured" Dbase or
where to find the answer.

Thank You.
Andy


Rob;

It looks like this MDB is going to be an ADP.

Worked too long on this to let some Munchkin come along and mess things
up.

Thank You for helping me.

Andy

Doesn't matter I'm afraid Andy. However you set the shift key bypass,
the
objects within the mdb still have an owner of admin. If I go into

a
new

database (where I am, by default, admin and the owner of the "secured"
db)
and hit file, import then there is absolutely nothing that can be done
to
stop me getting at all of the objects within it. As I said

before,
it's