Re: User access on a company intranet
- From: "Joan Wild" <jwild@xxxxxxxxxxxxxxxx>
- Date: Mon, 22 May 2006 11:04:17 -0400
It's good that groups have permissions, but does the 'Users Group' have any
permissions?
If you really want to start over, you should find a file in the same folder
as the mdb, but with a bak extension.
You can rename your secure mdw and your mdb, and then rename the bak file to
have a mdb extension. This is an unsecured copy of your mdb, and you can
start over with it.
--
Joan Wild
Microsoft Access MVP
Dan wrote:
I checked and none of the users have permissions, but the groups do.
Like the update group can read and update. Also, all tables,
queries, etc. list me as the owner. However, if I go to another
persons computer and open the database it showes unknown as the
owner. Is there any way to start over?
"Joan Wild" wrote:
OK, that's version 2002. When you open the mdb via the shortcut and
login as you, go to the Tools, Security, Permissions dialog and
select the Users Group. Check that it doesn't have any permissions
on any object.
Click on the Ownership tab, and verify that 'Admin' does not own
anything.
--
Joan Wild
Microsoft Access MVP
Dan wrote:
I believe at work we are using a the verison prior to 2003. When
the screen came up for permissions I did not do anything on it. I
did assgn my user to groups, some to an update group and to a data
entry grounp.
"Joan Wild" wrote:
I will assume you are using Access 2003? If someone is getting in
without providing a username/password, it's possible that you
assigned permissions to the 'Users' Group during the steps of the
wizard - is that so?
--
Joan Wild
Microsoft Access MVP
Dan wrote:
I assigned each user a unique password "ex: sunset" for each user.
I also used the security wizard to do this so I don't know how I
missed a step.
"Joan Wild" wrote:
Dan wrote:
I have set user level security up on the database used by my
department, which I'm the owner of all the tables, queries,
etc.. I have given everyone in my department a user name,
assigned them to groups and gave each a password.
How did you give each a password? I'm asking because I suspect
you think the PID you assigned to the username is a password, it
isn't.
While the security works on my
computer others in my department who access the database through
the server are not prompted for their user name or password.
While other are not allowed access because they do not have
permission. What have I done wrong? Does the security in Access
only work on stand alone computers? Does it work when the
database is on the server?
It does work on shared databases. You've missed a step in
securing it if someone is able to open it without
username/password (i.e. they're likely using the default
system.mdw workgroup file). They are being silently logged in
as 'Admin', and they shouldn't even be able to open the mdb as
this user.
Security is complex, and you need to ensure you follow every
step. Missing one step, or doing things out of order can result
in an unsecure mdb. Security FAQ
http://support.microsoft.com/?id=207793
Security Whitepaper
http://support.microsoft.com/?id=148555
Although the whitepaper is old, it contains information to help
you understand security.
I've also outlined the detailed steps at
www.jmwild.com/AccessSecurity.htm
--
Joan Wild
Microsoft Access MVP
.
- Follow-Ups:
- Re: User access on a company intranet
- From: Dan
- Re: User access on a company intranet
- References:
- Re: User access on a company intranet
- From: Joan Wild
- Re: User access on a company intranet
- From: Joan Wild
- Re: User access on a company intranet
- From: Dan
- Re: User access on a company intranet
- From: Joan Wild
- Re: User access on a company intranet
- From: Dan
- Re: User access on a company intranet
- Prev by Date: Re: Macro Sercurity
- Next by Date: Re: Front End Linked Tables Aren't Secured
- Previous by thread: Re: User access on a company intranet
- Next by thread: Re: User access on a company intranet
- Index(es):
Relevant Pages
|
Loading
