Re: security for 100+ user and dbs without having to signin

---

• From: "Graham Wideman [Visio MVP]" <checkforrealaddress@xxxxxxxxxxxxxxxxx>
• Date: Fri, 7 Oct 2005 01:26:36 -0700

---

Minor clarification/addition:

The key problem is that:

a) The owner of a DB can always give themselves permissions.

b) The owner is the user who created the DB. If the DB was created
by someone unaware of security, then likely they were logged in as
the default user "Admin".

c) You can't change the owner of the DB.

....hence the usual advice to establish a new user,
then use that user to create a new DB, then import all existing objects
to the new DB. Etc. And in your case, times 100.


Graham


--
---------------------------------------------------
Graham Wideman
Microsoft Visio MVP
---------------------------------------------------
Book/Tools:
Visio 2003 Developer's Survival Pack
Resources for programmable diagramming at:
http://www.diagramantics.com


"david epsom dot com dot au" <david@epsomdotcomdotau> wrote in message
news:ODXpMChyFHA.156@xxxxxxxxxxxxxxxxxxxxxxx
> The correct method is to replace each of these
> databases with a secured database, where the
> default user has limited permission.
>
> However there is also an incorrect way: in each
> database remove all unnecessary permissions from
> the default user.
>
> If you do it the incorrect way, the default
> user will still be able to go back into the
> database and restore all permissions. (Because
> you can't actually remove the right of the
> default user to administer permissions unless you
> create a new database)
>
> 1) Unless you follow the documented steps mechanically,
> you will probably do it the incorrect way: if you
> want it to be right, you should follow the documented
> steps mechanically.
>
> 2) It might not matter: are your users going to
> go in and restore their "write" permissions on
> the tables?
>
> 3) It might even be better: if you don't secure
> this stuff properly, you don't really have to worry
> about documentation and succession planning.
>
> Note: the default user is the user called "admin"
> by default, the default user has no password, and
> by default the default user is the owner of all of
> your databases.
>
> "Joelle921" <joelle921@xxxxxxxxxxx> wrote in message
> news:1128530799.198178.52780@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>I am charged with securing 100+ dbs which are used by 100+ users - most
>> dbs are reporting only and don't require any user data-entry so they
>> can be ReadOnly.
>>
>> Currently all users default to Admin and don't use (or want to use)
>> ids/passwords to signon. What I'd like to do is limit the security for
>> Admin and setup a new group - SuperUser - which would then have
>> unlimited security to all dbs. So only if I (or another administrator)
>> logs on a SuperUser will the db allow full authority.Is this possible??
>>
>> Is there any other way to limit security to all other users without
>> forcing them to sign on each time??
>>
>> Can I create a group EndUser and force the id/password thru each time
>> they click to open a db from the front-end menu - ie in the Shell
>> statement - tho there would be an issue if they open the db anyway
>> other than thru the menu - they'd have to manually enter the
>> id/password
>>
>> Can all users have the same id/password so I dont' have to manage 100+
>>
>> PS - I'm currently forcing the db open as ReadOnly thru the menu but if
>> they dont' use the front-end menu it opens with Full-access and the
>> powers-that-be aren't satisfied
>>
>> Call Shell("""C:\program files\microsoft office\office11\msaccess.exe""
>> \\accpost\agreements\agrmnt.mdb /ro", 1)
>>
>>
>> thanks
>>
>
>


.

---

• References:
  • security for 100+ user and dbs without having to signin
    • From: Joelle921
  • Re: security for 100+ user and dbs without having to signin
    • From: david epsom dot com dot au

• Prev by Date: Re: Remote Site MDW Problems
• Next by Date: Re: Location of Workgroup administrator in Office 2002
• Previous by thread: Re: security for 100+ user and dbs without having to signin
• Next by thread: Re: Who deleted Records?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Creating security for MS Access application ... I wanted to create user ids and grant permissions based on user ids. ... You've not properly secured your database if that's the case. ... of User Level Security before mucking around with it too much more. ... with instructions on how to properly secure a database without the Security Wizard: ... (microsoft.public.access.security) Re: A note to add to ASPFAQ.com for database compacting ... I set the database directory permission to give full access to ... then checked "Allow inheritable permissions from parent to ... Thus your problem is that you have to high of security set ... > the files needed and also a compact & repair operation will not cause ... (microsoft.public.inetserver.asp.db) Sorting out security ... MS Access security. ... created a new workgroup, added a password for the Admin role, added groups, ... user IDs and passwords for users and allocated permissions on the ... remote logins to a secured database. ... (microsoft.public.access.security) RE: Security setup does not allow import of tables ... When you click on the menu option Tools> Security> User and Group ... Permissions at the bottom of the screen does it show you logged in as the ... | new system database that has a unique Name, Organization, ... In the User and Group Accounts dialog box, ... (microsoft.public.access.security) Re: Access db accessibility (permissions??) ... if you have not then your computers are workgrouped, security becomes a bit ... password when you first login to your database. ... > folder and then delete it. ... So the permissions are RWED on that folder. ... (microsoft.public.access.security)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Access  > microsoft.public.access.security  > 2005-10