How To Secure Passwords Stored On Access Or Implement Server Security Over Jet?
Nov 21, 2007
I'm not sure which is the better of two options-
My problem is I need to make it easy for my users by authenticating themselves once when they open the database. User-level security is adequate for that job, but when I need to use the authentication information for connection string, I'm a bit antsy about storing it somewhere in Access, as I understand that passwords shouldn't be stored in the database itself (and as far as I can tell, it's not even encrypted or hashed!)
I am wondering if converting it to MDE would be sufficient to encrypt the password or will it still be apparent using a hex editor? I also know that Jet can try to use its own security to authenicate to the back-end, but not sure what I need to do to prompt Jet to pass along the credentials.
Alternatively, would it be better to somehow implement login using backend's security model, if even possible?
I've create an ms access security workgroup and put .mdb and .mdw file to a folder under any acount on a server. When these files in my local machine it work properly. But when these files on server I myself cannot open .mdb file. How to make ms access security on a server ?
I have just started working with a team on a database that is available to everyone in this office. We have tried to lock it out and assign permissions by using workgroups, running security wizard, giving users no permissions, and deleting the Admin user, however none of this has sealed the database. The workgroup file is seperate folder on the server and the shortcut we make people use links to that workgroup. However Access is still defaulting to seperate workgroups on users personal computers. Is there anyway we can prevent this? Thanks.
I have created a database with multiple user and I have stored it on a file server. The remote users have been given read write permission on the server. However when the person opens the database it is read only. I have not to my knowledge made the file read only as I am able to work off the same file from the server. I made sure that no one was using the database when It was opened but it still comes up as read only. She is able to access the database and work in it but she is not able to modify anything and she does have permission within the database to do so.
I have created a stored procedure parameter query and using access created a report that runs the procedure and creates a report based on a parameter entered:
1) I wanted to know if I can specify a default paramter so if I do not input it returns all records?
2) Can I create a stored procedure so it asks for month, for example if I had a createdDate field of data type datetime and wanted to return records for a specific month?
I have a database that currently has security in place so that users input their own usernames and passwords to access the database. The users have recently been added to a windows 2000 server and I want to be able to use their windows 2000 server logon credentials to provide them with automatic access to the database. Is there anyone out there who knows how to set this up? It is a rather urgent request if you could get back to me either on this forum or via email
1.st Job: I have an access 2003 db. I want to implement barcode system to the DB in which I can print barcodes in any kind of barcode printer and also when imputing an order read data from barcode scanner etc.
2nd Job: I want to put access db to a server so I can view reports, forms, imput data and retrive data from internet explorer window (with a password).
I will give my DB to you so you can work on it. Please do the pricing seperate for each job.
Please PM or Reply if you have more than 500 posts. PLEASE RESPOND IF YOU REALLY KNOW HOW TO DO IT.
I'd like to know how to implement a pop-reminder that runs reminding the user of the database of :
1. some to-do actions for the current day or, for example, a week ahead of a certain event, that is related to some date previously entered in a table.
2. this should be within the access database.
3. I saw something like that in the [URL]... website, but actually couldn't understand it.
I've placed my database on our office server. The database has a security file attached to it and must be launched via a shortcut.
I've copied the shortcut on to the desktop of another machine, and when I launch the short cut, it prompts for the password and all that, but won't open the file. You get a message saying something like: "File is not on the Intranet or may not be from a trusted source. Could not open this file at this time."
is there a way i can use substitution variables in access 2007, i wrote a query that returns rows which have a word okeu in them but i want to use substitution variables so that i can retrieve any word i want and if the word i want is not there i want to pop a message saying word not there its easier to do it in oracle sqlplus but how can i apply it in access using sql queries? This is my sql i made in access
Code:
SELECT MENU.NAME_REC, MENU.C_REC, AUTO.C_GROUP FROM MENU, AUTO WHERE (((MENU.NAME_REC)="okeu"));
I am in need of some assistance regarding SQL Server ODBC links and security. This is for a project at work...
1) I have an MDB that has linked tables through ODBC to a SQL Server 2000 database. This is how I chose to write this multi-user application (instead of the ADP method).
2) My IT department created a user ID that the application will use to connect to the database. They chose this method instead of having to create many user accounts with varying permissions. I have programmed permissions within the application.
3) After linking the tables through ODBC, it defaults to my Windows User ID for the connection. Because of this, I have used a connection string with the application's User ID/Password and perform a RefreshLink on all linked table definitions on startup to ensure valid connection.
This is successful, but my IT department is seeing that another user is attempting access to the SQL Server database--the username in the LDB/MDW file! This is what I don't understand. If I open the database without going through workgroup security, the word "Admin" is passed and the authentication fails. If my users would login through the MDW file, their user IDs would be passed and again, authentication will fail as they are not valid users (only the application ID would be valid).
What is really going on here? :confused: How can I prevent the "Microsoft Access User ID" from being passed through the ODBC link?
Here is a sample of the connection string I'm using: Driver={SQL Server};Server=ServerName;PersistSecurityInfo=Yes; AnsiNPW=No;Database=DBName;Uid=Username;Pwd=Passwo rd;
I have Access 2003 in my computer and I have developed an application which I want to share with my co-workers. But they have only Access 2000. Since MDE is only in 2003, I had to convert my 2003 application to 2000. Is there a way to secure 2000 application? I dont want anyone to change my code or import or read my code..I am not sure what is possible..Could someone please tell me how I can do that?
I am kinda new to 2007 and have at the moment a simple database.
I want three things
A: Use the database on a server.
B: Restrict the use to users etc as i used to be a ble to do in Access 97 i think (do i have to make a MDW if so how ?) 9I tried ACCDE but does not seem to do anything)
C: When users use the datavase not see all the normal access editing stuf..
This morning I accidently ran the "User-Level security wizard" on a secure database that we use. I meant to add a member but clicked the wrong thing and followed suite by hitting "Finish" instead of cancel because I wasn't paying attention. Aside from creating a "Security.mdw" file which isn't being used at all, it also somehow managed to lock everyone but the administrator out.
I checked the Users/Groups and Permissions, they are all there and correct, nothing seems to have been changed at all but when anyone tries to log in now they get the following error:"You do not have the necessary permissions to use the '...mdb' object. Have your system administrator or the person who created this object establish the appropriate permissions for you."
I've read some posts with similarish issues that recommended recreating the .mdw file and importing the data over. The file is encrypted so I wasn't able to do that but I did try making a copy and renaming it then changing the path in the Access shortcut to the copy instead. What all files/settings handle this and if the Users/Groups show up correctly in the database, what could be preventing the users from getting in?
I have finished my database and I have started getting the user level security all setup. I have all the permissions and users working fine except that as I was creating the accounts I entered phony passwords thinking that once i had everything worked out, it would be easy to edit them or change them to real ones, but I cannot figure out how to do that.
How to secure SQL data when my MS Access database must access it using linked tables. Generally speaking on the Internet, assertions that migrating to SQL is more "secure" are rampant; explanations of just how that is are scarce.
Sure I can restrict access and put different roles on different tables, then put different people in those roles, but that doesn't really do me any good. Ultimately I want to achieve the following: Allow them to do all kinds of stuff (including Update, Delete, Insert) using my access application, but I would NOT want them to have those same rights if they installed SQL Server Management Studio, or for that matter, simply created an ODBC connection using another access or excel application.
In other words, ideally, I'd like to have SQL server view my Access application as a user in its own right. Not sure if that type of impersonation or identity is possible to achieve.
I have a question about sending secure emails by VBA code in MS-Access. I have a Access application within you also can also send emails by VBA code using outlook. Everything works fine, but now the recipient wants to receive the mails with a digital signature by S/MIME.
I got a digital certificate from the recipient as a pfx-file.
I've read and gone though quite a few of the scrips and examples for creating logins and security and i'm getting to the stage when i need to have good understanding of the different methods.
Some of the examples whilst create a user login do not really allow for security within the database whilst the build in security wizard would appear to offer that functionality.
I am thinking that I will use the Workgroup file and that method. My question is am i able to utilise the fact that if a person 'AdamA' logs onto the database which is built into the workgroup security file. am I then able to take 'AdamA' to populate a table which records actions by a user? (I can't seem to find any thread or book reference to doing this)
I have an Access mdb that has a bunch of tables linked from a SQL Server. On the SQL Server I have some stored procedures that do inserts into various tables. In the Access db I have some local (lookup) tables, queries, and other things that for various reasons can't/don't need to be stored in the SQL server. I'm using Windows authentication to connect to the SQL server because the security is managed through our domain.
I want to write a form that has unbound text fields that, when I submit the form passes all of those values as parameters to a stored procedure in the SQL server. I have written just such a form in an .adp file, which handles the integrated security nicely.
However, I'd rather do this in a regular .mdb file. I've read up on how I can use an ADO connection to do this, then create a SQL string to EXECUTE the stored proc, grab all the values off the form, and build the SQL.
But the problem with this solution is the authentication - I can't use the SA user and password in this connection string, I'd have to utilize the logged-in user's information.
Is there an easier way to execute the stored procedure from an .mdb? Using the integrated authentication?
Failing that, is there a way that I can create "local" (to the .adp) tables, queries, and so on in an .adp?
Hello, can we create a stored prodecure in Access 2000 and call it from VB. I've created in SQL Server with ASP but have no idea in Access. Can anyone please tell me how to do it. If so kindly specify some resources from where i can learn more related to this. thank you.
I have a MS SQL 2000 stored procedure that acepts a parameter and returns a recordset.
I want to run this Stored procedure from an Access 2000 report and use the recordset for the report.
I want to pass a field off of a form that is user entered to the stored procedure.
Is this possible. Any help is appreciated.
I can figure out how to attach the stored procedure to the report as the dataset but cannot seem to figure out how to pass the dynamic parameter to the Pass-Through Query.
I know this isnt strictly an sql server problem but I am currently using an access data project as a front end to my sql server database. Trying to upsize from access 97. On one of my forms I have two sub forms which take their parameters from the parent form. In the input parameters box of the sub form I currently have: @param1 = forms![parent form name]![field name]
i want
@param1 = me.parent.[field name]
I know this works as i ran the code on a command buttton and it returned the correct values. Yet in the input parameters box doesnt work any suggestions?
[Note: This pertains to an Access Data Project (ADP).] I modified a stored procedure on SQL Server, and later discovered that my changes had disappeared. I'm wondering if there's any possiblity that my Access ADP might have been the culprit.
I would think the answer is no. When I open an ADP in design mode, I think of the the top three displayed categories (Tables, Queries and Diagrams) as "windows" (binoculars, whatever) onto SQL Server. My understanding is, ADPs do not directly store any data in these categories.
Since Access lumps stored procedures under "Queries" I would think they would be no exception. The one thing that makes me a bit suspicious is, when I look at the stored procedure from the Access side, it begins with "ALTER PROCEDURE", whereas SQL Server stores it as "CREATE PROCEDURE". I see why it makes sense to implement it this way, but it makes me wonder if Access is actually storing a local version of the script.
I need to open an Excel file that has been stored in the Access Database using the insert Object functionality of MS Access manually.
What i am aware of is that i cant just read the field containing the Excel File into a Byte Array and pass it to the Excel object in C#,as the file is wrapped in the OLE Wrapper used by Access while inserting the file in database.
I have tried locating the Header of Excel file from the byte array and read the file from there on but it is not working.
while (true) { if (0xE11AB1A1E011CFD0 == BitConverter.ToUInt64(byStream, i)) break; i++; } output.Write(byStream, i, byStream.Length - i-1);
byStream is a byte array into which i have read the Excel file from Database. I am locating the Excel file header in the byte stream and am writing the byte array to a file from that location.But on opening the written file it dosent work. Similar approach had worked in case of Images but now in this case.
Can some one please tell me as to how i can open the Excel File. Can I use Interop.Access object to achieve the goal??
It may seem a really silly question but is there any restrictions as to the file types that can be stored in an Access DB.
I havent used Access in a while, but have been asked by a friend to create a simple DB holding info about cars he is selling, he only wants to hold thumbnail images of the cars so I can either link or embed the pics! However if I try to link or embed a jpeg image nothing appears in the bound object frame except for the image title i.e. bmw325i.jpg if I do exactly the same with a bitmap image the pic is displayed???
The only other difference I have noticed is that in table view of the relevant table a bitmap appears as Bitmap Image whereas a JPEG appears as Package????
I have a Splash Screen type deal that loads after the user logs in I wanted to know if there was a way that I could add a Loading Bar that would say different things like Are you having a nice day?