Re: User access on a company intranet

I believe at work we are using a the verison prior to 2003. When the screen
came up for permissions I did not do anything on it. I did assgn my user to
groups, some to an update group and to a data entry grounp.

"Joan Wild" wrote:

I will assume you are using Access 2003? If someone is getting in without
providing a username/password, it's possible that you assigned permissions
to the 'Users' Group during the steps of the wizard - is that so?

--
Joan Wild
Microsoft Access MVP

Dan wrote:
I assigned each user a unique password "ex: sunset" for each user. I
also used the security wizard to do this so I don't know how I missed
a step.

"Joan Wild" wrote:

Dan wrote:
I have set user level security up on the database used by my
department, which I'm the owner of all the tables, queries, etc.. I
have given everyone in my department a user name, assigned them to
groups and gave each a password.

How did you give each a password? I'm asking because I suspect you
think the PID you assigned to the username is a password, it isn't.

While the security works on my
computer others in my department who access the database through the
server are not prompted for their user name or password. While
other are not allowed access because they do not have permission.
What have I done wrong? Does the security in Access only work on
stand alone computers? Does it work when the database is on the
server?

It does work on shared databases. You've missed a step in securing
it if someone is able to open it without username/password (i.e.
they're likely using the default system.mdw workgroup file). They
are being silently logged in as 'Admin', and they shouldn't even be
able to open the mdb as this user.

Security is complex, and you need to ensure you follow every step.
Missing one step, or doing things out of order can result in an
unsecure mdb. Security FAQ
http://support.microsoft.com/?id=207793

Security Whitepaper
http://support.microsoft.com/?id=148555

Although the whitepaper is old, it contains information to help you
understand security.

I've also outlined the detailed steps at
www.jmwild.com/AccessSecurity.htm


--
Joan Wild
Microsoft Access MVP



.

Relevant Pages

  • Re: More security questions
    ... Joan Wild ... Microsoft Access MVP ... have permissions to do anything. ... Usernames/passwords/group membership are stored in the mdw. ...
    (microsoft.public.access.security)
  • Re: More security questions
    ... this thread your question was seen for sure by Joan Wild and Lynn Trapp. ... have permissions to do anything. ... Usernames/passwords/group membership are stored in the mdw. ... Microsoft Access MVP ...
    (microsoft.public.access.security)
  • Re: More security questions
    ... Joan Wild ... Microsoft Access MVP ... have permissions to do anything. ... Usernames/passwords/group membership are stored in the mdw. ...
    (microsoft.public.access.security)
  • Re: Front end, Back end, and restrictions on which Forms can open.
    ... Joan Wild wrote: ... ensuring that 'users' were granted no permissions (as i did when i was ... using the same method and selecting the same security file. ... it is secured but when I double click on the file, it still opens ...
    (microsoft.public.access.security)
  • Re: RWOP /table permissions question
    ... Look in the security FAQ. ... without them needing permissions on the tables. ... Microsoft Access MVP ... Now base all your SQL statements on these queries rather than ...
    (microsoft.public.access.security)