Re: low permission cannot convert from A97 to A2000/2003

From: david epsom dot com dot au (david_at_epsomdotcomdotau)
Date: 08/02/04

• Next message: david epsom dot com dot au: "Re: Access 97 conversion rejection"
• Previous message: Chris Mills: "Re: A problem occured while microsoft access was communicating with ole server or activex control"
• In reply to: A C: "Q: low permission cannot convert from A97 to A2000/2003"
• Next in thread: dennis: "Q: low permission cannot convert from A97 to A2000/2003"
• Messages sorted by: [ date ] [ thread ]

Date: Mon, 2 Aug 2004 17:58:49 +1000

Delete is a separate permission. You can remove
delete permission and retain modify permission.

You need open exclusive permission on the database to
convert the database. 'database' permissions are
on the form as table/query permissions, but you have
to scroll UP in the combo box to see 'database'.

Convert might mess up any owner-permission queries
that you have.

(david)

"A C" <no@reply.please> wrote in message
news:ifjPc.7999$N77.399474@news.xtra.co.nz...
> Was meant to be a cross post (microsoft.public.access.security) but didnt,
> sorry. I will copy all replies into the other group.
>
> Hi
>
> I have a situation where our "master operator" (admin permissions) only
has
> A97, but the database is sent out and used by contractors (user
permissions)
> who use A2000+. The privileges are causing conversion problems, and I
need
> either a solution or a good work-around.
>
> Privileges are not being used for security reasons, the data is not
> particularly sensitive. It is being used for application functionality
and
> data integrity reasons, such as deleting records. The security is to
> prevent accidents.
>
> The admin user has full privileges. The users group are not meant to
delete
> any records, and have a couple of tables they are not meant to view.
> Pragmatically however it is only the deletion of records that is something
> we really really want to keep, we would be happy enough to consider just
> hiding the other tables and leaving it at that. Once the contractor has
> edited/added the data they export only those tables into text file which
the
> master operator imports back into A97 - so basically if they stuff out the
> tables they are not meant to see then it is not a disaster as we dont care
> as we wont be importing those files from them, and the contractor will be
> getting a brand new version from us each time they go out anyway.
>
> Not deleting data means not allowing the user permission to modify table
> design, it is not possible to set up permissions to allow table
modification
> but prevent record deletion (correct?).
>
> The problem we are having is converting the database from A97 to 2000+.
The
> master cannot do it as they dont have anything other than A97. So the
idea
> is to give the contractor the A97 database and have them convert it to
their
> Access. But the contractor/user cannot do it either because their
> permissions prevent them from doing so.
>
> So what can we do? All help greatly appreciated.
>
>
> So far I have come up with the following ideas, comments on any of them
> would be good too:
>
> 1. Ignore record deletion permission. Pros - can ignore permissions
> basically. Cons - really undesirable
>
> 2. Have 2 user logins both with admin privileges. Use code on startup to
> adjust the permissions of the "user admin". Pros - should work. Cons -
> lots of coding (and learning on my behalf!) to do, not sure adjustments
are
> permanent or single session, basically defeats the purpose and niceties of
> using security in the first place, probably unworkable idea
>
> 3. Have 3 user logins. Admin and Admin_Convert = full admin privileges,
> Userxx = user privileges (no delete records etc). When logging in detect
> the user id and if Admin_Convert then post a message saying that
conversion
> has been done and exit Access. Only the master operator should know the
> Admin user password, so only the users will be using Admin_Convert or
Userxx
> ids. If the user opens up the A97 database with Userxxx they will not be
> able to convert the database and will get a message to that effect. That
> will remind them that it is new and they need to initially logon using the
> convert login. If the user opens up the (unconverted) A97 with the user
> Admin_Convert then it has admin privileges so will convert properly, and
> then will quit (eg put quit in autoexec, or on the splash screen etc).
They
> can then login using the regular user id. If they try and relogin using
> Admin_Convert it will just keep quitting on them so even though it has
admin
> priv it is basically useless to them.
> Pros: might work. Cons: very insecure, easy for someone to get access
using
> Admin_Convert simply by either stopping the quit happening or by
connecting
> remotely to that database with that login.
>
>
> Thanks in advance
> A
>
>
>

• Next message: david epsom dot com dot au: "Re: Access 97 conversion rejection"
• Previous message: Chris Mills: "Re: A problem occured while microsoft access was communicating with ole server or activex control"
• In reply to: A C: "Q: low permission cannot convert from A97 to A2000/2003"
• Next in thread: dennis: "Q: low permission cannot convert from A97 to A2000/2003"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint