Re: User Level Security Malfunction
- From: "Rick Brandt" <rickbrandt2@xxxxxxxxxxx>
- Date: Thu, 7 Feb 2008 07:56:22 -0600
mikeycan wrote:
That is just my dilemma. According to the User and Group Permissions
menu, the Users group has no rights to open the database, and it also
shows that my personal User ID is the owner of the database (as well
as, all the objects individually). So again, I don't understand why
the default system.mdw will allow the database to be opened. But
bottom line, can I fix it?
I can only suggest finding one of the on-line explicit step by step instructions
for securing a file and starting over with one of those. It is too easy to miss
a step otherwise. On those rare occassions where I create a secured file I do
it the sort of the other way around. I first create a blank secured file that I
verify cannot be opened except with my workgroup file and THEN I build my app
with it. I just did this excercise last night and it worked for me.
Create workgroup and join it.
(close and re-open Access (use any file you like)
Create new user, and place in Admins group
Remove Admin from Admins group
Give Admin a password
(close and re-open Access as new user)
Create new blank file
(it will be owned by my new user since he just created it).
Give new user a password
Remove all permissions to database object from Admin
Remove all permissions to "new" objects (every type) from Admin
Remove all permissions to database object from Users group
Remove all permissions to "new" objects (every type) from Users group
(notice you only have to do this for the "new" object of each type since no
objects exist yet)
I should now find that if I close and reopen as Admin that I cannot open the
blank file. I should also find that if I rejoin System.mdw that I cannot open
the blank file.
Now that I have a properly secured file I can create objects in it. Since Admin
and Users have no permissions to "new" objects, anything I add will
automatically be an object that they have no permissions to. This also applies
to objects that are imported so I can now import all of the objects from an
existing file into this new secured file and all of those objects should be
locked down with respect to Admin and Users. Then I should be able to create
more users and groups and assign permissions as desired.
What I like about this procedure is that I don't waste time creating groups and
users and assigning permissions until after I have established that my file is
correctly secured. Another thing you can do with this method is take the
secured blank file and before you put any objects in it you can make a copy and
call that your secured template file. Any time you want another secured file
that will use the same workgroup you just copy the template file and off you go.
--
Rick Brandt, Microsoft Access MVP
Email (as appropriate) to...
RBrandt at Hunter dot com
.
- Follow-Ups:
- Re: User Level Security Malfunction
- From: mikeycan
- Re: User Level Security Malfunction
- References:
- User Level Security Malfunction
- From: mikeycan
- RE: User Level Security Malfunction
- From: Olduke
- RE: User Level Security Malfunction
- From: mikeycan
- Re: User Level Security Malfunction
- From: Rick Brandt
- User Level Security Malfunction
- Prev by Date: Re: User Level Security Malfunction
- Next by Date: Re: User Level Security Malfunction
- Previous by thread: Re: User Level Security Malfunction
- Next by thread: Re: User Level Security Malfunction
- Index(es):
Relevant Pages
|
|
