Re: user level security wizard

Joan,
Thank you again. I think I will build a dummy database and try to figure
this all out.

Thanks,
Debbie

"Joan Wild" wrote:

"Debbie S." <DebbieS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:7CFBA97B-3C7D-4158-80CD-85EE4AF96F0D@xxxxxxxxxxxxxxxx
Joan,
Thank you for your time and attention to my onslaught of questions.

In answer to your question:

My shortcut file path does not look anything like the one you outlined
(“path to msaccess.exe” “path to secure mdb”/wrkgrp “path to secure mdw”).

So what does it look like? That is the source of your problem.

When I click on the shortcut on the desktop, the error message box shows the
following path:

C:\DocumentsandSettings\system-username-here\MyDocuments\nameof-folder-containing-the-database-here\name-of-database-here\Se

Note: the name of the database in this shortcut was not the copy, it was the
original, which is even more confusing, because I did not do anything with
the original, all of this was done on the copy, which has the word “copy” in
the name of the database.

But the error message you got I thought was in reference to the mdw file, not the mdb. Therefore 'copy of' doesn't enter into it. Is the message really cut off like that? That too could be part of the problem. The target is just too long.

Then it says: This file is required for startup.

A few clarifying questions:

1) You said that every mdw file has two groups, Admins and Users. In
addition, you said that every mdw file has the admin user and the Users Group
in common. Do I understand correctly from this that you are making a
distinction between the Admin group and the Admin user.

Note that it's the Admins group not the Admin group (there's a 's').

Every mdw has two groups
Admins
Users
and one user
Admin
The Admin user and the Users Group is the same in every mdw file. The Admins Group however is different in different mdw files.

Furthermore, you said
that it is necessary to remove all permissions from the admin user and the
Users Group. Is this correct?

Yes, and the security wizard does this for you.

Lastly, is the admin user stored in the Admin
Group or the Users Group?

Every user (Admin included) is a member of the Users Group - you can't remove a user from the Users Group.

This is why when you secure a mdb, you want to remove permissions from the Users Group and the Admin user.

2) If it is necessary to remove all permissions from the Users Group, then
where in the wizard do you tell it who the users are, if not in the “users
group.”

During the wizard, you are given an opportunity to choose the groups you want. Then you create your users, and put them in the groups that you want.

This is the disadvantage of using a wizard, when you don't understand what it is doing. All the wizard does is a series of steps for you. Everything it does, you could do yourself manually (and perhaps in doing so, you'd understand better).

3) If I understood you correctly regarding front end/back end, then you are
saying that the back end needs to be on the server or in the shared drive
folder, so that changes made in the front end copies that are on individual
PC’s will automatically be saved in the back end. Is that correct?

Yes

(Is there
a difference between putting a back end database file on a server versus a
shared drive folder on a network

same thing

—if in a shared drive folder, would the
individual front end copies have to be in the same folder, or would you have
to link each front end copy on each pc to the file path of the back end in
the shared folder? What I don’t understand is, if I put a back end copy in
the shared folder, how will I distribute the front end copies to each user,
and how will the front and back ends be linked if the front ends are on
individual pc’s and the back end is in a shared folder on the network?)

The best thing to do is:
1. put the backend in the shared folder on the network
2. open your copy of the frontend
3. Tools, Database Utilities, Linked table manager
4. Put a check in the box at the bottom, Select All, click OK
5. In the next dialog locate the backend by using My Network Places (don't find it via the mapped drive letter).

This will ensure that the table links use what's called the UNC path to the backend file.
Next copy your frontend mdb to the shared drive. Then copy from the shared drive to each person's computer. You won't have to relink, as the links in the frontend will still point to the correct location of the backend.


4) Regarding where to employ the user level access and permissions—do I
understand correctly that you would use the wizard on both the front end and
the back end, individually (making sure to put the same users and levels of
access as on both) ? Or if you employ the wizard just on the back end should
it automatically be saved on the front end? Or vice versa?

The users/groups would be the same for both. You'd just need to be sure that you use the same mdw file when you secure the backend. You'd open the frontend via the shortcut (once you get it working properly). Then hit Ctrl-O and open the backend. Then you can run the wizard, paying carefull attention to the information at each step - choose to modify the current workgroup file (don't create a new one).


5) I had asked if the windows user name becomes the “admin” because when I
was working through the wizard, I noticed that my user name (for my pc) has
been automatically included in the user group. (I think it was the user
group). I got the two confused; I understand now that there is a user called
admin. Is it typical for access to take your system user name and put it in
the users group automatically?

Yes
If so, do I want to put that user in a
different group (since I would be removing permissions from the User Group)
or do I just want to create a different user name for myself for this
database? If you work with several different databases, is it advisable to
use the same user name for your self in each one, or use different ones, or
does it not matter?

You don't need to create a different username. Yes the wizard picks up your Windows username as a username to put in the mdw. You'd want this user to be a member of the Admins Group, plus any other groups you choose.



.

Relevant Pages

  • Re: How can I stop people have access to my MS Access Tables and Queries via Import?
    ... My objective is to prevent an average user from being able to gain ... Can I password only the Admin leaving the Users with Full data ... 3.If I do manage to do 1) and 2) above can a user delete the MDW file ... to gain access to my database or will the database cease to function? ...
    (comp.databases.ms-access)
  • Re: user level security wizard
    ... But the error message you got I thought was in reference to the mdw file, ... you said that every mdw file has the admin user and the Users Group ... and the security wizard does this for you. ... the shared folder, how will I distribute the front end copies to each user, ...
    (microsoft.public.access.security)
  • Re: user level security wizard
    ... But the error message you got I thought was in reference to the mdw file, ... you said that every mdw file has the admin user and the Users Group ... and the security wizard does this for you. ... the shared folder, how will I distribute the front end copies to each user, ...
    (microsoft.public.access.security)
  • Copy secured database to include security
    ... What do I have to do to get a secured database to work on another computer? ... needed to set the security on both Front End and Backend. ... mdw file (Don't know if this is a good idea or not but wanted to keep files ... I then have an Admin ...
    (microsoft.public.access.security)
  • Re: Access security - is it just a joke?
    ... If the mdw file is available, the $12 software will hand you the ... the more expensive tool could remove the User Level Security ... Admin is recognized in access from ANY workgroup file. ... "Admin" your database is not secure. ...
    (microsoft.public.access.security)
Loading