General :: Securing And Maintaining A Stand-alone Unsecured Db?
Dec 3, 2012
I have an application that is used by individual teachers to generate reports for central admin. It is not secured except I have locked out access to all objects, Navigation pane is hidden, etc to protect the integrity of the tool. I must also maintain this as changes are propagated. I am trying to find a way to upgrade forms, functions, queries, etc without manually having to unlock and relock every db for each school site when changes are required. I have tried importing and exporting from a master db, turning objects on and off by recognizing my password, splitting code and data (db's are on flash drives and path changes every time they are inserted, many teachers cannot handle refreshing table links), I have tried writing code to import the changes at next startup, etc. It is written on Access 2003.
I'm trying to secure my database so users can't edit tables, forms, reports, queries, etc.I'm splitting the database, making an ACCDE for users:
1. I inserted code to disable the bypass key. 2. I inserted code to hide the Quick Access Toolbar (QAT) in the On_Load sub of the form that opens with the DB. 3. Deselect Navigation Pane, Allow Full Menus and Allow Default Shortcut Menus are deselected 4. Then, I use the immediate window to show the QAT, I then create an ACCDE.
How do I link this ACCDE with the original ACCDB? Am I supposed to delete tables from the front end and link the forms/reports to the back end DB?
I'd like to secure my frontend by disabling access to the linked tables, queries etc. I thought converting to .accde would do this but apparently not. Is there a way that this can be achieved?
I am aware that I can disbale the ribbons etc but they can all be turned back on using the options menu.
I've made a few databases in the past for an engineering test facility with some (limited) success. Recently we purchased a time sheet program that works as a stand alone program, but uses Microsoft Access to operate. Everything is table driven and there are filters and all the good stuff from Access, but it's a seperate program - I don't have to open Access to run this program. This would be great if I could make database programs that could run on their own, so to speak. Any chance one of you could point me in the right direction on how to learn to do that kind of thing? Do you need stand-alone Visual Basic or can I make the program within the limitations of Access? I have both so it doesn't really matter, but outisde of VBA within Office products, I'm a programming noob. Thanks in advance.
Hello. I have tried using the search function on the board but I cannot find an answer.
Is it possible to create an executable program to run the database?
I would like to have a computer that does not have Access installed, to be able to load and run the user interface that allows them to manipulate the database, as well as write to it. It doesn't matter if the tables are encrypted or not.
Thanks for your time.
EDIT: It appears that after writing this post, I realized I hadn't used the search term "executable." I found an answer here (http://www.access-programmers.co.uk/forums/showpost.php?p=586646&postcount=2).
I have just upgraded to office 2007 and was wondering if it was possible to make my access database into a stand alone application so users cannot edit it?
Using the MDE-menu function in MS Access it returns an error. MS Access is not able to make a MDE-file of my database. I prefer to make a runtime of my database, but surfing the internet I can not find a way to do this. Can you give me directions for this?
Some time ago I saw a presentation of access 2007. It got me very enthousiastic. But before I start working with it I want to know if it is possible to deploy Stand alone applications I am gonna build in Access 2007? And how???
How can I turn my DB into an Executable file, or "stand alone"...Id like to have the end users when opening the DB see only the forms and reports without the Access Background.
I've set up a database for product tracking. It is going to be used by several users at one time. I'm going to implement it in stages as inevitably there is going to be some fine tuning to be done etc. I have a few questions with regards to editing.
1, I presume that I cant alter the database while it is being accessed by others?
2, Is it better to alter another copy of the database and the import the data being generated and then copy it to back the server in one go?
3, If so how do i do this as I’ve had a trial go and failed miserably?
4, Is there another way of doing this minimising the down time of the database?
Being relatively new to access your help would be gratefully appreciated.
I am creating a database for a company that sells a product with a variety of options.
They have all their previous orders in a works spreadsheet file. Each customer has their own file with every order for the past 15 years. There are probably about 1.5 million records.
The company wants all those 1.5 million records accessible in their access database.
I've brought in about 20 records for the history and they can run a query to see a customer's past orders by their account number.
My question: Should I put all the history into one gigantic table or would it be best to try and create separate tables for the history? (Maybe history by state.)
The history table then will take the new orders each year and add to that table.
(Eventually, once the database gets done I'm thinking we'll have to step up to SQL but not sure.)
I have an issue using the Simple Query Wizard in Access.
I am attempting to Group by the field 'HouseName' and to group by the Max 'Area'. However I also want to retrieve from the query the County which is associated with this.
I have included a sample table below. I wish for my output table to be as follows;
HouseName: County: Area: Park 1 A 100 Park 2 C 78 Park 3 A 70
(Where Park 1 is HouseName attribute, A is County attribute and 100 is Area attribute)
Sample Input Table:
HouseName: County: Area: Park 1 A 100 Park 1 B 60 Park 1 A 85 Park 2 C 78 Park 2 D 34 Park 3 A 70
In SQL View my query looks like this;
SELECT TableExample.[HouseName], Max(TableExample.Area) AS MaxOfArea FROM TableExample GROUP BY Table.[HouseName];
i inherited a database created i believe in access 2000 everytime i need to update a report or what not i must find a machine runnning 2000 how do i go about working on this database with access 2003
Hello. I have just started work at a new company and have been asked to 'Network' 5 different DB's to enable multiple users (around 5) simultaneous access (Dept A - DBa / Dept B - DBb etc.....) Currently if User A accesses the DB User B gets read only access.
I have googled and also searched forum + read some posts here but have failed to answer my questions (Spilt Database / FE BE??).
I have also played with a copy of an existing DB to add security by way of Security Groups (Managed this!!).
A desktop shortcut was created:
"C:Program FilesMicrosoft OfficeOFFICE11MSACCESS.EXE" "C:Documents and SettingsPhilip HoranMy DocumentsAccessFE BEFE BE.mdb" /WRKGRP "C:Documents and SettingsPhilip HoranMy DocumentsAccessFE BESecurity.mdw"
Could I move files and manually amend to a unc path? Advice, links to answers very much appreciated. Kind Regards, Phil.
I have a form with a "WorkerID" field. Once the worker enters his ID once, I want the same ID to show up for all the subsequent records so that he doesn't have to type it over and over again. Is there any way to do this? Sorry if I sound totally new to this (I am)!
How do I maintain referential integrity between a main form and a subform, each based upon different (but joined with integrity enforced) table?
Here's the situation: I have two tables: tblContracts and tblPayments. tblContracts has an autonumber field called IDKey as its primary key. tblPayments also has an IDKey field (Integer datatype). The two tables are linked in a one-to-many relationship on the field IDKey with referential integrity enforced.
I have a main form based upon tblContracts (the "one" side of the relationship) that has an embedded subform based upon tblPayments. the two forms are linked Parent/Child on the IDKey field.
Here's the problem: If a user goes to a new record in the main form, it allows them to enter information in the subform without entering information in the main form. This means that a new record (and its corresponding autonumber IDKey field value) does not get generated in tblContracts and I have an orphan record in tblPayments that is not linked to any record in tblContracts - which violates the referential integrity that is supposedly enforced between the two tables.
Any guidance on how to deal with this would be greatly appreciated.
I have a table for logging experience for employees related to a given requirement.
The requirement is that any employee, to maintain proficiency ("be current") , must maintain an event count of minimum 5 within last 3 months. Or else the employee is not current and other measures must be taken.
I want to know when the currency expires for each employee (= at which date does the employee no longer have a count of minimum 5 within last 3 months).
I need to create buyer and seller invoices within my access 2003 databases, my sister in law runs an antiques auction house and I'm working on a database to capture all their information.
I've created a 2 queries (a buyer invoice and seller invoice), show all unsettled items with the relevant item information and fee's.
However, I would like it to automatically allocate an invoice number, and store the information back to a table (seller and buyer ID, total number of items on the invoice, total fee etc)
I'd like store the invoices as well, so within the customer record form, I can include a box showing a list of the buyer invoices on one side and seller invoices in another (not all customers are buyers and sellers).
Once I've issued an invoice, can I automate it to show that item as then as invoiced?
Can the invoices be editable at all?
When they come in and settle their account, I also need to feed this information back in as well.
Can i arrange an invoice for seller's particularly, to show all sold items, and the fee's associated with them
Returned items as well as any associated fee's with them?
I have been looking at the Northwind example.
I see how they have an orders details table and orders table, I could replicate this.
I could have an Buyers Invoice table and Buyers Invoice Details table, but how do I generate an invoice, pull the next Invoice number from my (currently blank) invoice table, and pull in the outstanding items for that buyer for that specific auction date (I have a query), and then populate back information from the invoice?
I like the fact that their order form is editable, do any changes go back to the query, that then populate the invoice when you click print invoice?
I need to be able to (at the end of the auction) pull all items from my item log, for that buyer, and print them an invoice, automatically saving all the invoice details back into my database.
I need be able to automatically flag the items in my items table, as invoiced and pull the invoice number in?
I can see how all the Northwind tables, queries, and forms relate to each other and subforms, but I'm not sure how to actually create an invoice, get invoice number, merge with my query, and then feedback in.
I am trying to make a basic database system to track orders and contacts and the like for my small business. I have created a series of databases that look pretty standard, something like this example:
I want to create a form that I will open and complete every time I process an order. I want to fill out both the customer info and the order details at one time.
Assuming that the "CustomerID" in the "Customers" table is set to Autonumber in order to create a unique ID, how do I keep from creating multiple new "customers" every time I enter a new order regardless of whether or not that customer already has an ID number from a prior order?
It seems that I would need to make some sort of Macro that would say something like, if the "CompanyName" entered is already listed in the 'Customer' table, use the existing CustomerID, if it is not listed in the Customer table create a new CustomerID.
Should I be looking into Macros, and if so should the macro be built into the form or the database?
I have two questions. All of my experience has been in Access 2003. My work just upgraded to 2007. I am ready to secure a database that I have now converted to a 2007.
1. Is it possible to set the db to open as read only for everyone on staff except for a few people?
2. How do I set security levels where some can view all tables and others can only view specific tables?
For example, I only want 2 people to be able to modify any data. And I don't want anyone to view the accounts receivables, but they need to see other data on the customers.
As I promised earlier, here is my suggestion to secure an MS-Access database. The explanation below is applicable for MS-Access 2000 and XP versions, I haven't tested it on Access 2003.
This way of securing a database is a bit different from the one I posted earlier, but more secure.
Disclaimer: This explanation of securing a database is based on MY experineces. I mean I've been doing it in this way, and it worked OK for me. I DO NOT say that there is no other method of securing a database. I will NOT take responsibility for any problems caused by securing your databases either in this or in any other way. Use this guide on your own risk.
Pre-reading notice: Menu paths and commands may be different in the English version of MS-Access. I use Hungarian MS-Access, but I am doing my best to remember (or translate to) the English menus and commands. Where I'm in doubt about the exact English menu path or command and there are more than one possible translations, I enclose the alternative between parentheses. Menu paths are indicated like this: File -> Get external data -> Import... Command buttons are indicated like this: <OK>
To secure a database: 1. close the database you want to secure. BEFORE closing it: - If a database password is set, then clear it. - If the VB Project is protected then unprotect it. To unprotect the VB Project go to Tools -> [project_name] options... in VB Editor and click the Protection tab. Remove the tick from the 'Lock Project from viewing' check box and clear the password. 2. CREATE a new blank database; 3. Check and make a note of the path of the default Workgroup Information File (.mdw). - to do this, go to Tools -> Security -> Workgroup Administrator, and read the file path indicated. 4. create a new .mdw file using the Workgroup Administrator, and stay joined to it. - to create a new Workgroup Information File go to Tools -> Security -> Workgroup Administrator, and click <Create...>. Provide the required information, click <OK>, click <Browse...>, and type a name. - I usually use the name of my database which I want to secure. - Note: if you wish your .mdw file to be unique, then you need to provide a workgroup code. - If you provide a workgroup code, it's strongly recommended to make a note of and keep it in a safe place. Should the the .mdw file be lost, you will need this information to create the "same" .mdw file. 5. create a User with your logon name and put this user to the group called 'Admins'; - to create a new user go to Tools -> Security -> User and Group accounts... Click <New...> on the Users tab. Type a logon name, and a PID. - Note: users are identified by their PID, not by their logon name. Anytime you create a user, it's strongly recommended to make a note of the PID and keep it in a safe place. Should the the .mdw file be lost, you will need the PIDs to create the same users in a new .mdw file. - It's enough to create a user account for yourself. You can create the other users' after the whole process. - Don't forget to put yourself into the 'Admins' group. 6. Create a password for the default Admin user (which you are at the moment). - To enforce users to provide a logon name and a password, you need to set a password for the default Admin user. If the default Admin user has a blank password (in other words: no password set for it), then Access automatically starts with the default Admin user, and does not require user authentication. - To create a password for the default Admin user, go to Tools -> Security -> User and Group accounts... and select the Change Password tab. Leave the Current Password blank, then type & confirm the new password. - The default Admin user does not need a difficult password, because this user will not have any permission on the secured database at the end. We need the password only to enforce user authentication. 7. Close the database. 8. CREATE an OTHER new blank database. - If a password has been set for the default Admin user, it will prompt for a password. - Delete the "Admin" and type the user name you just created. NO PASSWORD REQUIRED for this user, so just click <OK>. - From now on, you are logged on as the user that you've just created. Note: if you haven't put this user into the Admins group, you won't be able to continue. - IMPORTANT NOTICE: the reason of creating an other blank database instead of just doing the whole process WITHIN the database to be secured, is that the only way to take the ownership of a 'Database' object is to create it as YOU, and not as the default Admin user. As I experineced, 'Database' ownership CANNOT BE TAKEN AWAY from the creator of the 'Database' object. 9. Go to Tools -> Security -> User and Group accounts... and REMOVE the user 'Admin' from the 'Admins' group. - Clck Users tab, and select 'Admin' from the drop-down list. Select 'Admins' in the list box 'Member' ('Member of'), and click <Remove>. - If you haven't added the new user to the Admins group, then you won't be able to remove the default Admin user from the Admins group because Access will not let you to have no users in the Admins group. At least one user must be in Admins group. - If you can remove the default Admin user from the Admins group, then, from now on, you are the only user with administrative permissions for this database and in this .mdw file. 10. Set a password for yourself. - How? See point 6. - Memorize your password, because it can only be retrieved by using certain Password Recovery processes and softwares. As far as I know, there is NO WAY to retrieve a password via VBA or MS-Access for a normal user, it needs someone with deep hacking knowledge... 11. Import all objects from your database that you want to secure. - Go to File -> Get external data -> Import..., and browse to your database. - Select ALL objects: tables, queries, forms, reports, macros and modules, and click <Import>. - If you haven't unprotect the VB Project, it WILL NOT import any VB code even behind the forms. - From now on, the owner of the 'Database' object and all tables, queries etc. is YOU. 12. Run User Level Security wizard and make the permission settings. - It's recommended to select all objects and grant only data modification rights to the 'Users' group. - After running the wizard, it's recommended to restrict all rights of the default Admin user manually. This will ensure that if your database is opened with the default system.mdw file (which is automatically created when MS-Access is being installed), then the default Admin user will not have any permission to any data or object. 13. Join to the default Workgroup Information File, and close the database. - to do this, go to Tools -> Security -> Workgroup Administrator, and click <Join...>, click <Browse...> and navigate to the default .mdw file you've hopefully made a note of.
After this process, if you just open your secured database then you will open it as the default Admin user. It will not require a password, because in the default .mdw file, the Admin user does not have a password. And, if you've restricted all permissions of the deafault Admin user, you won't be able to make any data or design modifications, and even open any objects. The reason of it is that the default Admin user's PID is the same in all .mdw files. The default Admin user is automatically created when you create a new .mdw file. The default Admin user also CANNOT BE deleted. The default Admin user uses the same PID everywhere, so regardless of how many .mdw files you have on your system, Admin user logically is the same for all databases.
So then how to open your secured database? You need to use the .mdw file you created. So open your database with the /wrkgrp switcher. Create a shortcut and use this in the Target field:
If you open your secured database in this way, then it will require a password (of course, because the default Admin user in your .mdw file has a password). Log on as yourself, and you now can add other users.
NOTE VERY CAREFULLY: 1. BEFORE starting the whole process ALWAYS make at least one backup copy of your unsecured database. 2. NEVER delete this backup copy UNLESS you're ABSOLUTELY SURE that everything is approved and tested and IS WORKING OK in your secured database. 3. DO NOT LET anyone to make any changes in data or design in your backup copy until you're absolutely sure that everything is working OK. Otherwise your backup copy will not be anymore a clone of your database.
Other notice: I've been blocked out from my own databases many times while I was searching for a right way of securing. Unfortunately, HELP provides a likely poor aid.
If you encounter problems, I'll do my best to help you as my time allows me to.
I kindly ask the members that feel themselves more or less experienced to make a test and post any notes/suggestions/bugs/mistakes to this thread, PLEASE.
REMEMBER: IF YOU HAVE A BACKUP COPY YOU WON'T GET TROUBLE.
This is my 2nd thread on the topic...I've searched the forums....
I have a database. It is on the shared folder on the server. I ran the security wizard and created a shortcut. On my machine it works perfectly...asks for a login, has a couple user groups etc...
When I run it off the server though, the shortcut doesn't work....refers to files on my machine?? and the database is unsecured.
Do I have to run the security wizard on every machine? Do I need to run the security wizard from the server? Or do I even need to run the security wizard at all??? My 2-day access course is failing me miserably...
I have just put together a small database, and have used the user-level security wizzard to set up groups so i can restrict access to the database.
I have also been through all the user and group permissions and tried to set the security up so that the data entry staff can enter data but not change any of the forms or queries.
This is where i am hitting the wall.... although i have set up this protection, when i access the database under the staff name and password I am still able to view the forms and queries in design view and change them.
Can someone plaese point out where I am going wrong
Have created a database that will be placed on a shared drive, giving access to others to add, delete, modify records. That aspect of it is fine -- but how to I prevent someone from deleting a field?
I've been using MS Access 2007 for years to manage some Excel data. running some queries etc. Just recently I've been encountering problems when importing data into an existing table. When I do it now, I get a "Subscript out of Range" error. To troubleshoot, I imported into a new table and when doing so, the fields no longer match the column order of the spreadsheet. They all get imported but appears in a different order. I think this is why I am getting the error message. How can I go about ensuring that the data gets imported properly into my already existing table? My fields in "Design View" will match the order of the Columns in the Excel spreadsheet.
