Securing A Shared Database

Jul 17, 2007

Have created a database that will be placed on a shared drive, giving access to others to add, delete, modify records. That aspect of it is fine -- but how to I prevent someone from deleting a field?

View Replies


ADVERTISEMENT

Securing A Database

Jul 24, 2007

I have two questions. All of my experience has been in Access 2003. My work just upgraded to 2007. I am ready to secure a database that I have now converted to a 2007.

1. Is it possible to set the db to open as read only for everyone on staff except for a few people?

2. How do I set security levels where some can view all tables and others can only view specific tables?

For example, I only want 2 people to be able to modify any data. And I don't want anyone to view the accounts receivables, but they need to see other data on the customers.

Thanks in advance.

View 2 Replies View Related

Securing A Database

Dec 18, 2003

All,

As I promised earlier, here is my suggestion to secure an MS-Access database. The explanation below is applicable for MS-Access 2000 and XP versions, I haven't tested it on Access 2003.

This way of securing a database is a bit different from the one I posted earlier, but more secure.

Disclaimer:
This explanation of securing a database is based on MY experineces. I mean I've been doing it in this way, and it worked OK for me.
I DO NOT say that there is no other method of securing a database.
I will NOT take responsibility for any problems caused by securing your databases either in this or in any other way.
Use this guide on your own risk.

Pre-reading notice:
Menu paths and commands may be different in the English version of MS-Access. I use Hungarian MS-Access, but I am doing my best to remember (or translate to) the English menus and commands.
Where I'm in doubt about the exact English menu path or command and there are more than one possible translations, I enclose the alternative between parentheses.
Menu paths are indicated like this: File -> Get external data -> Import...
Command buttons are indicated like this: <OK>

To secure a database:
1. close the database you want to secure.
BEFORE closing it:
- If a database password is set, then clear it.
- If the VB Project is protected then unprotect it. To unprotect the VB Project go to Tools -> [project_name] options... in VB Editor and click the Protection tab. Remove the tick from the 'Lock Project from viewing' check box and clear the password.
2. CREATE a new blank database;
3. Check and make a note of the path of the default Workgroup Information File (.mdw).
- to do this, go to Tools -> Security -> Workgroup Administrator, and read the file path indicated.
4. create a new .mdw file using the Workgroup Administrator, and stay joined to it.
- to create a new Workgroup Information File go to Tools -> Security -> Workgroup Administrator, and click <Create...>. Provide the required information, click <OK>, click <Browse...>, and type a name.
- I usually use the name of my database which I want to secure.
- Note: if you wish your .mdw file to be unique, then you need to provide a workgroup code.
- If you provide a workgroup code, it's strongly recommended to make a note of and keep it in a safe place. Should the the .mdw file be lost, you will need this information to create the "same" .mdw file.
5. create a User with your logon name and put this user to the group called 'Admins';
- to create a new user go to Tools -> Security -> User and Group accounts... Click <New...> on the Users tab. Type a logon name, and a PID.
- Note: users are identified by their PID, not by their logon name. Anytime you create a user, it's strongly recommended to make a note of the PID and keep it in a safe place. Should the the .mdw file be lost, you will need the PIDs to create the same users in a new .mdw file.
- It's enough to create a user account for yourself. You can create the other users' after the whole process.
- Don't forget to put yourself into the 'Admins' group.
6. Create a password for the default Admin user (which you are at the moment).
- To enforce users to provide a logon name and a password, you need to set a password for the default Admin user. If the default Admin user has a blank password (in other words: no password set for it), then Access automatically starts with the default Admin user, and does not require user authentication.
- To create a password for the default Admin user, go to Tools -> Security -> User and Group accounts... and select the Change Password tab. Leave the Current Password blank, then type & confirm the new password.
- The default Admin user does not need a difficult password, because this user will not have any permission on the secured database at the end. We need the password only to enforce user authentication.
7. Close the database.
8. CREATE an OTHER new blank database.
- If a password has been set for the default Admin user, it will prompt for a password.
- Delete the "Admin" and type the user name you just created. NO PASSWORD REQUIRED for this user, so just click <OK>.
- From now on, you are logged on as the user that you've just created. Note: if you haven't put this user into the Admins group, you won't be able to continue.
- IMPORTANT NOTICE: the reason of creating an other blank database instead of just doing the whole process WITHIN the database to be secured, is that the only way to take the ownership of a 'Database' object is to create it as YOU, and not as the default Admin user. As I experineced, 'Database' ownership CANNOT BE TAKEN AWAY from the creator of the 'Database' object.
9. Go to Tools -> Security -> User and Group accounts... and REMOVE the user 'Admin' from the 'Admins' group.
- Clck Users tab, and select 'Admin' from the drop-down list. Select 'Admins' in the list box 'Member' ('Member of'), and click <Remove>.
- If you haven't added the new user to the Admins group, then you won't be able to remove the default Admin user from the Admins group because Access will not let you to have no users in the Admins group. At least one user must be in Admins group.
- If you can remove the default Admin user from the Admins group, then, from now on, you are the only user with administrative permissions for this database and in this .mdw file.
10. Set a password for yourself.
- How? See point 6.
- Memorize your password, because it can only be retrieved by using certain Password Recovery processes and softwares. As far as I know, there is NO WAY to retrieve a password via VBA or MS-Access for a normal user, it needs someone with deep hacking knowledge...
11. Import all objects from your database that you want to secure.
- Go to File -> Get external data -> Import..., and browse to your database.
- Select ALL objects: tables, queries, forms, reports, macros and modules, and click <Import>.
- If you haven't unprotect the VB Project, it WILL NOT import any VB code even behind the forms.
- From now on, the owner of the 'Database' object and all tables, queries etc. is YOU.
12. Run User Level Security wizard and make the permission settings.
- It's recommended to select all objects and grant only data modification rights to the 'Users' group.
- After running the wizard, it's recommended to restrict all rights of the default Admin user manually. This will ensure that if your database is opened with the default system.mdw file (which is automatically created when MS-Access is being installed), then the default Admin user will not have any permission to any data or object.
13. Join to the default Workgroup Information File, and close the database.
- to do this, go to Tools -> Security -> Workgroup Administrator, and click <Join...>, click <Browse...> and navigate to the default .mdw file you've hopefully made a note of.

After this process, if you just open your secured database then you will open it as the default Admin user. It will not require a password, because in the default .mdw file, the Admin user does not have a password. And, if you've restricted all permissions of the deafault Admin user, you won't be able to make any data or design modifications, and even open any objects.
The reason of it is that the default Admin user's PID is the same in all .mdw files. The default Admin user is automatically created when you create a new .mdw file. The default Admin user also CANNOT BE deleted. The default Admin user uses the same PID everywhere, so regardless of how many .mdw files you have on your system, Admin user logically is the same for all databases.

So then how to open your secured database?
You need to use the .mdw file you created. So open your database with the /wrkgrp switcher. Create a shortcut and use this in the Target field:

[drive]:[database_path][database_file] /wrkgrp [drive]:[mdw_file_path][mdw_file]

Example:

"C:MyDatabasesMyDatabase.mdb" /wrkgrp "C:MyDatabasesMyDatabase.mdw"

If you open your secured database in this way, then it will require a password (of course, because the default Admin user in your .mdw file has a password). Log on as yourself, and you now can add other users.

NOTE VERY CAREFULLY:
1. BEFORE starting the whole process ALWAYS make at least one backup copy of your unsecured database.
2. NEVER delete this backup copy UNLESS you're ABSOLUTELY SURE that everything is approved and tested and IS WORKING OK in your secured database.
3. DO NOT LET anyone to make any changes in data or design in your backup copy until you're absolutely sure that everything is working OK. Otherwise your backup copy will not be anymore a clone of your database.

Other notice:
I've been blocked out from my own databases many times while I was searching for a right way of securing. Unfortunately, HELP provides a likely poor aid.

If you encounter problems, I'll do my best to help you as my time allows me to.

I kindly ask the members that feel themselves more or less experienced to make a test and post any notes/suggestions/bugs/mistakes to this thread, PLEASE.

REMEMBER: IF YOU HAVE A BACKUP COPY YOU WON'T GET TROUBLE.

View 14 Replies View Related

Securing Access Database

Nov 7, 2005

This is my 2nd thread on the topic...I've searched the forums....

I have a database. It is on the shared folder on the server. I ran the security wizard and created a shortcut. On my machine it works perfectly...asks for a login, has a couple user groups etc...

When I run it off the server though, the shortcut doesn't work....refers to files on my machine?? and the database is unsecured.

Do I have to run the security wizard on every machine? Do I need to run the security wizard from the server? Or do I even need to run the security wizard at all??? My 2-day access course is failing me miserably...

View 5 Replies View Related

Tough Issue Securing Database

Aug 23, 2005

Hello,

for our company we have an access application we use to keep track of our customer-info.

The databse consists of 3 parts:
The (replicated) frontend
The databse holding the changing data
The database holding the unchanged data (lookup db)

We have the following problem:
somewhere in our front-end db is a bug that allows users to change the contents of the lookup db. In our case this can result in a major problem because the users are able to change the city-zip code table.
I have tried to figure out where things go wrong but so far no result.

We have picked up the idea of making the lookup db read-only for normal users. This will prevent them from modifying the contents, and will also result in error messages. Hopefully will these error messages point me in the right direction of the bug.

Problem is that the ldb, created when opening the mdb, inheritates the same security settings of the mdb. If we set the mdb to read only, the user gets an error-message stating it can not find the lookup db or that the lookup mdb is locked. This is because the user can not create or modify the ldb. On the other hand, if we set the security to create and modify for the mdb, the user still is able to change the data in our lookup db.

I have never worked with the security in access itself. and I want to try to avoid that. Is there a way of securing the data in our lookup db. So I'm able to figure out what really goes wrong.

Can someone help me out on this major problem.

View 10 Replies View Related

Securing The Database So Only Admin Can Make Changes.

Feb 7, 2006

I've been fiddling around with the Tools>>Security settings but I can't seem to find a way where only I can make changes to the database and the users can't just use the switchboard. If you are regular user you don't need password but if you are admin you do.

How do I do that?

View 1 Replies View Related

Securing A Split Mutli-User Database

Jun 16, 2006

I don't have the database finished so I can't really comment on the structure. However, I know the database will be used by multiple people, very likely at the same time. I've heard it's a good idea to split the mdb into a frontend and a backend so I've already started that process. I have no idea how this would fit into a security scheme though. Do I have to set up user-level security on both ends? Without actually implementing it I kind of think it would be secure if the backend had a master password and the frontend had user-level access. What do you all think?

View 1 Replies View Related

Problem With MouseTrap Sample After Securing Database

Oct 14, 2005

ghudson:

I am experiencing a problem with the mousetrap sample after I secured my database.

When I save on my main form and I try to go to my subform I keep getting the "Please Save this Record! You can not advance to another record until you either 'Save' the changes made to this record or 'Undo' your changed."

I have saved but it is still preventing me from going to the my subform. I numbered the Save Required msgs so that I know which one I am getting and I am getting the one from:

Private Sub Form_BeforeUpdate(Cancel As Integer)
On Error GoTo Err_Form_BeforeUpdate

Me.tbHidden.SetFocus

If Me.tbProperSave.Value = "No" Then
Beep
MsgBox "Please Save This Record!" & vbCrLf & vbLf & "You can not advance to another record until you either 'Save' the changes made to this record or 'Undo' your changes.7", vbExclamation, "Save Required"
DoCmd.CancelEvent
Exit Sub
End If

Exit_Form_BeforeUpdate:
Exit Sub

Err_Form_BeforeUpdate:
If Err = 3020 Then 'Update or CancelUpdate without AddNew or Edit
Exit Sub
Else
MsgBox Err.Number, Err.Description
Resume Exit_Form_BeforeUpdate
End If

End Sub


Above it is checking if tbProperSave.Value = "No" and in bSave you have
Case vbYes: 'Save the changes
Me.tbProperSave.Value = "Yes"
DoCmd.RunCommand acCmdSaveRecord
Me.tbProperSave.Value = "No"

So it's setting the value to no again?

I know it's not a permissions thing because I am admin and have full permissions on the forms.

Any suggestions?

View 7 Replies View Related

Modules & VBA :: Securing Access 2010 Split Database?

Dec 9, 2013

I have a split db with tables in the back end and my forms, reports, code etc. in the front end.

I encrypted the back end with a password. That worked fine.

I deleted and relinked my tables to the encrypted back end. That worked fine as well.

I have a function that will disable the shift key bypass. If I run that in my front end db then I can't save it as an accde because I can't get to the HOME screen. If I save it as an accde first then I can't run my 'disable shift key bypass' function because I can't get to the modules!

How can I secure a split Access 2010 database so that the user cannot execute shift bypass on the front end or make any changes to the code?

View 7 Replies View Related

Database External User Not On Same Server And Securing Info

Mar 6, 2015

Is it possible for me to give them access to part or all of the database so that they can run queries to target venue mailshots etc if so how would i do this?Secondly my concern is that the database is valuable and I want to protect myself from potential theft of info, ie what stops them taking the database and using it for there own purposes?

View 2 Replies View Related

General :: Securing A Database / Can't Edit Forms / Reports / Queries

Jan 21, 2014

I'm trying to secure my database so users can't edit tables, forms, reports, queries, etc.I'm splitting the database, making an ACCDE for users:

1. I inserted code to disable the bypass key.
2. I inserted code to hide the Quick Access Toolbar (QAT) in the On_Load sub of the form that opens with the DB.
3. Deselect Navigation Pane, Allow Full Menus and Allow Default Shortcut Menus are deselected
4. Then, I use the immediate window to show the QAT, I then create an ACCDE.

How do I link this ACCDE with the original ACCDB? Am I supposed to delete tables from the front end and link the forms/reports to the back end DB?

View 7 Replies View Related

Jet Database Engine Error On Non-shared Database

Jul 7, 2005

I have a problem that seems to be happening on several users' databases and is causing a big problem. None of the databases is a shared database...they are all single-user databases on stand-alone computers. I have tried looking for help within previous posts, but all seem to be related to shared databases.

I am getting an error message: "The Microsoft Jet database engine stopped the process because you and another user are attempting to change the same data at the same time." The database cannot be opened, imported, repaired...nothing seems to work.

Again...these are NOT shared databases. I appreciate any help I can get. I created the database for all of the secretaries in our school district to keep up with absence data. It involves many tables, queries, forms and reports, and has generally worked well. However I am now seeing several that are getting similar errors as mentioned.

Thanks!

View 3 Replies View Related

Securing Backend Like Webserver Database And Linking Via Odbc Or Roaming User Profile

Apr 29, 2006

On a webserver certian files are stored above the root directory. Therefor the user of the website can never access those files directly. But he is utlizing that file.

For example:
We use Hotmail to see our mails. but we never download the complete database.

So is there a method that we can secure the backend using roaming profiles or something else so the user has a link to the backend but cant directly access the backend.

View 2 Replies View Related

Shared Database

Nov 2, 2007

Hello,

Im having some problems sharing a database. I need multiple users to be able to open the database at the same time. I have check TOOLS - OPTIONS - ADVANCED and my option is set to shared, but for some reason it will still only allow 1 user to open it at a time.
Does anyone know why this could be?

Thanks

View 2 Replies View Related

Shared Database Problems

Dec 19, 2006

hello everyone... with the help i have gotten from this site I embarked upon producing a online booking databse for my workplace ...

since the work enjoys having an intranet i simply placed the database in a shared folder and things have worked great for nearly a year ...

Ive tinkered and modified and everyone is happy till today ....


while an administrator was deleting a booking things went haywire ....

a message came up about couldnt delete because someone else was deleting ...things froze and a message about path problems came on the screen..

the only thing we could do was delete the database and replace it with the backup copy we have.... everything worked great for an hour or so and then things went wonky again with same error messages...

also I noticed that the database grew in size from 1.6md to 2.5 mb ....

again I replaced it with the backup copy and did a repair and compress ..and it seems to be ok ..

but im dreading tommorrw since i anticpate it happening again ..any suggestions appreciated... ps ..the databse is a booking form for booking ict suites in a school and I am the schools technician

cheers

harry

View 14 Replies View Related

Shared Access To A Database Problem

Dec 27, 2007

I have a problem related to shared access to a MDB file:

- I designed an Acccess Database and need shared access to everybody for read forms , and also I need (just for me) to do some "real time" modifications in the tables. I work in a huge company and cannot make changes in the Access of each user, just can work on my laptop. The file is placed in a shared folder.

- I can assign policies to the folders (for example I made a read only folder, with admin rights for me, but when somebody opened the mdb, I got an 'open only advice, and couldn't update any table; It's curious because the users coudn't generate the LDB file but still the access denied me the chance to modify any table when the file is opened by anybody).

- I tried playing with tools-security, but I cannot change every user settings, it didn't helped me.

I've been looking for related links to this problem but still I couldn't solve it. And at this point I wonder if it's just possible to do that?

Thank you very much

View 1 Replies View Related

General :: Security For Database On Shared Drive

Oct 3, 2013

I need securing an Access database. I am about to put the database on a shared drive. I want myself to be able to do anything (of course), my co-worker Paul to be able to ONLY enter information (along with being able to view everything like forms and reports), and my boss to ONLY be able to view everything (form/report wise).

I found this post [URL] .... about how to secure a database. I spent all day doing it, but it didn't work at all! I just got a bunch of errors whenever I tried to do anything, so I deleted the database and re-used an earlier version.

View 6 Replies View Related

Forms :: Split Database In A Shared Folder

Nov 9, 2014

I have recently been experimenting with adding an Access database to a shared folder (in a network HomeGroup) and have it working on two networked PCs. Then tried the same with the database split but I get a path error on the PC joined to the HomeGroup (where the database resides) whenever the backend (tables) are accessed by a form or from the Tables listing. If I however open the backend file directly from the file directory, the tables all open as expected.

The path stated as being invalid in the error message starts with "C:Usersetc..... instead of LAF-PCUsersetc..... so it looks (to me at least) that it is attempting to load the file from the local hard drive rather than the host computer.

Why a split database works differently in this situation than a non-split.

View 13 Replies View Related

Using User-level Security On A Shared Database?

Jan 9, 2012

I am going to put my access database on a network drive so that four different computers can have access it. However will user-level security work if I implement it? For example, from one of the computers I implement 2 different usernames and passwords. If one of the other computers tries to access the database will they also be presented with the logon screen?

If not, how can I go about setting this up?

View 6 Replies View Related

Cells Not Appearing On A Shared Drie Split Database

Aug 22, 2005

I have made this database for a company that I work at, and I seem to be haveing some problems. I split the Database and placed the "'back-end" on the company's shared drive, however it seems that only when I log in as myself, on any computer, that it works. On other people's profiles, when a form is opened, there is nothing there, it is blank, no textboxes, labels or anything. However, if you use the database window to open one of the linked tables, you can see all of the existing data and cells just fine. I am only 17, and I have used Access for only two weeks, so I may have missed some setting in the splitting, or a database property that is affecting it. Please help me, as I need to finish this DB ASAP.

PS: the folder settings for the shared drive (at least as far as i know...) allow full access, so there should not be an issue there.

Thank you

View 2 Replies View Related

Accommodation Database - Availability With Shared Room Capacity

Feb 6, 2007

Hi,
I have been reading throguh various articles and learning a lot from you guys, so thank you very much. This place is a fantastic source of information, by far the best of anything i have found online.

I have a question which i would be grateful if someone could advise upon.

Access 2003. I have 4 tables:

list_accommodation (holding host family address details who offer accommodation to students)
id (autonum)
name (text)
address (text)
etc.....

list_rooms (table of rooms offered by host families)
room_id (autonum)
host_id (number) - joined to list_accommodation.id
room_name (text)
capacity (number)

students (student contact details who want accommodation!)
id (autonumber)
name (text)
dateofbirth (date)
address (text_
etc.....


bookings_accommodation (to hold the accomm bookings)
booking_id (autonum)
room_id (num) - joined to list_rooms.room_id
student_id (num) - joined to students.id
start_date (date)
end_date (date)

This structure therefore enables me to query if rooms are booked between dates:

SELECT bookings_accommodation.room_id, bookings_accommodation.start_date, bookings_accommodation.end_date
FROM list_rooms INNER JOIN bookings_accommodation ON list_rooms.room_id = bookings_accommodation.room_id
WHERE (((bookings_accommodation.start_date) Between DateAdd("d",0,[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_start_date]) And DateAdd("d",-1,[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_end_date]))) OR ((([end_date]-1) Between DateAdd("d",0,[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_start_date]) And DateAdd("d","0",[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_end_date]))) OR (((bookings_accommodation.start_date)<DateAdd("d",0,[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_start_date])) AND (([end_date]-1)>DateAdd("d","-1",[Forms]![workflow]![workflow_sub_add_accom_booking]![cbo_end_date])));


and therefore, using the 'booked' query i can therefore find out rooms are available.

SELECT list_rooms.room_id, list_rooms.room_name, list_rooms.capacity, list_rooms.description, list_rooms.host_id
FROM list_rooms LEFT JOIN qry_rooms_reserved ON list_rooms.room_id = qry_rooms_reserved.room_id
WHERE (((qry_rooms_reserved.room_id) Is Null));

----

so, now i have found out that there is a necessity to enable students to share a room (the bookings for a room may not happen at the same time). This means that i have to determine the capacity of a room and therefore if
the capacity is not full, then show as available.

I was wondering what the best approach to this may be?
I have added 'capacity' to list_rooms, but i am unsure as to how to go from there....

Any thoughts and advice woudl be really appreciated.

Many thanks

Phil.

View 2 Replies View Related

General :: Database Opens As Read Only When Opened From Shared Location

Jul 15, 2012

We have a database on a PC located on our network. The database is located in this computer's shared folder. Another database grabs data from this database occasionally. We're running into a problem where we cannot open the DB located in the shared folder (permissions granted) without it being a read only instance even with no users accessing the DB.

View 6 Replies View Related

Securing + FE BE?

Aug 10, 2006

Hello. I have just started work at a new company and have been asked to 'Network' 5 different DB's to enable multiple users (around 5) simultaneous access (Dept A - DBa / Dept B - DBb etc.....) Currently if User A accesses the DB User B gets read only access.

I have googled and also searched forum + read some posts here but have failed to answer my questions (Spilt Database / FE BE??).

I have also played with a copy of an existing DB to add security by way of Security Groups (Managed this!!).

A desktop shortcut was created:

"C:Program FilesMicrosoft OfficeOFFICE11MSACCESS.EXE" "C:Documents and SettingsPhilip HoranMy DocumentsAccessFE BEFE BE.mdb" /WRKGRP "C:Documents and SettingsPhilip HoranMy DocumentsAccessFE BESecurity.mdw"


Could I move files and manually amend to a unc path?
Advice, links to answers very much appreciated.
Kind Regards,
Phil.

View 3 Replies View Related

Securing The Application From Theft

Apr 28, 2006

Well after nine months of intensive development I have completed my first application for distribution.

Now the hard part.

It needs to be nearly impossible for people to make unauthorized copies.

I'm thinking I would like to do some kind of internet authorization but I don’t have a clue.

It's definitely going be a stand alone product, not requiring the customer to have Access installed on their PC.

Any thoughts?

View 14 Replies View Related

Securing Forms And Queries

Aug 28, 2007

Hi

I have just put together a small database, and have used the user-level security wizzard to set up groups so i can restrict access to the database.

I have also been through all the user and group permissions and tried to set the security up so that the data entry staff can enter data but not change any of the forms or queries.

This is where i am hitting the wall.... although i have set up this protection, when i access the database under the staff name and password I am still able to view the forms and queries in design view and change them.

Can someone plaese point out where I am going wrong


Thanks very much :)

View 5 Replies View Related

General :: Securing And Maintaining A Stand-alone Unsecured Db?

Dec 3, 2012

I have an application that is used by individual teachers to generate reports for central admin. It is not secured except I have locked out access to all objects, Navigation pane is hidden, etc to protect the integrity of the tool. I must also maintain this as changes are propagated. I am trying to find a way to upgrade forms, functions, queries, etc without manually having to unlock and relock every db for each school site when changes are required. I have tried importing and exporting from a master db, turning objects on and off by recognizing my password, splitting code and data (db's are on flash drives and path changes every time they are inserted, many teachers cannot handle refreshing table links), I have tried writing code to import the changes at next startup, etc. It is written on Access 2003.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved