If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
Sunny Ho wrote:
I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours Put your shared MDW in the same location as your shared back end. Secure your MDB the way you want and the MDE files that you create and give your users will have the identical settings. You should only have to create a custom shortcut specifying your MDW file ONCE for each user and that shortcut should never have to be replaced or altered again. If they do not use your MDW file they should not be able to open your file at all. If they can then you did security incorrectly. |
#2
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
I am currently using MS 2003 and work on a multi-user database.
I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours |
#3
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
"Rick Brandt" wrote: Sunny Ho wrote: I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours Put your shared MDW in the same location as your shared back end. Secure your MDB the way you want and the MDE files that you create and give your users will have the identical settings. You should only have to create a custom shortcut specifying your MDW file ONCE for each user and that shortcut should never have to be replaced or altered again. If they do not use your MDW file they should not be able to open your file at all. If they can then you did security incorrectly. I would like to further clarify if the following step is the right sequence for doing the above: 1) setting the user level security in a non splitted MDB 2) split the MDB in to FE MDB and BE MDB 3) transcript the FE MDB to FE MDE 4) put the BE MDB file and the FE MDW file into the server 5) share the FE MDE file to clients 6) customize the linkage of MDW and FE MDB in each client PC Please correct me if anything wrong, thanks!! |
#4
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
On Mon, 10 May 2010 01:40:01 -0700, Sunny Ho
wrote: I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. One thing to consider is: what is it that you're trying to secure? Who is the target of the security? If you're just trying to keep your authorized users from getting into the wrong part of the program or snoop around, security on the frontend may be appropriate. If you're trying to protect your data, you (also?) need security on the backend. If you're trying to protect the data from skilled and determined hackers, Access security simply isn't good enough: a web search will find dozens of ways to crack the protection. 1) I could not could not set User Level Security in an MDE file?? is that true?? Yes. Set the security on the objects in your master MDB; make a MDE file from it, and distribute that secured MDE. 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? Yes. 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? There should be one central MDW file, probably on the same folder as the backend. Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? No. Create a shortcut referencing the frontend and the mdw and distribute the same shortcut to all the users, along with their copy of the frontend. 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? The wizard lets you set whatever permissions you choose. You can then use Tools... Security to fine tune the read/write/execute permissions on any object. It's tedious, it's complicated, and it's more than any generic wizard could be expected to do - the wizard programmers didn't know what YOU wanted secured, of course! It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Download the Microsoft Access 2000 Security FAQ: http://support.microsoft.com/kb/207793/en-us Print it out. Read it carefully. Get a good night's sleep; read it *again*, even more carefully! Follow the instructions scrupulously (I'd get a marker and check off each step on the paper copy). Do be aware that A2007 and A2010 still support security on the older .mdb format, but the newer .accdb format databases are NOT supported. Security is just too easily broken. If you want to secure your data, your best bet is to upsize the backend to SQL/Server (or another client-server database) and use the frontend you now have linked to that server database. -- John W. Vinson [MVP] |
#5
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
Thanks John for answers in detail.
I have print at least 2 inches of FAQ from the troubleshoot of A2003, it is good for general use, but when I need to integrated different steps together, it seems that it so difficult to work in a right sequence of steps, or otherwise, error or hinderance would be resulted. On top of the help from Rick and John I have a follow-up operational problem that I cannot find from the FAQ. I would like to further clarify if the following step is the right sequence to achieve: a) setting user level security, b) splitting the database into FE and BE c) converted the FE to MDE 1) setting the user level security in a non splitted MDB 2) split the MDB in to FE MDB and BE MDB 3) transcript the FE MDB to FE MDE 4) put the BE MDB file and the FE MDW file into the server 5) share the FE MDE file to clients 6) customize the linkage of MDW and FE MDB in each client PC (As I noticed that in each shortcut, there would be a part of the link pointing to the FE file, which would be different for each users in my case as the users have their unique login account for their win XP, i.e: C:\Documents and Settings\User acc\desktop\???) Please correct me if anything wrong, thanks!! Very appreciate John and Rick's help "John W. Vinson" wrote: On Mon, 10 May 2010 01:40:01 -0700, Sunny Ho wrote: I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. One thing to consider is: what is it that you're trying to secure? Who is the target of the security? If you're just trying to keep your authorized users from getting into the wrong part of the program or snoop around, security on the frontend may be appropriate. If you're trying to protect your data, you (also?) need security on the backend. If you're trying to protect the data from skilled and determined hackers, Access security simply isn't good enough: a web search will find dozens of ways to crack the protection. 1) I could not could not set User Level Security in an MDE file?? is that true?? Yes. Set the security on the objects in your master MDB; make a MDE file from it, and distribute that secured MDE. 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? Yes. 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? There should be one central MDW file, probably on the same folder as the backend. Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? No. Create a shortcut referencing the frontend and the mdw and distribute the same shortcut to all the users, along with their copy of the frontend. 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? The wizard lets you set whatever permissions you choose. You can then use Tools... Security to fine tune the read/write/execute permissions on any object. It's tedious, it's complicated, and it's more than any generic wizard could be expected to do - the wizard programmers didn't know what YOU wanted secured, of course! It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Download the Microsoft Access 2000 Security FAQ: http://support.microsoft.com/kb/207793/en-us Print it out. Read it carefully. Get a good night's sleep; read it *again*, even more carefully! Follow the instructions scrupulously (I'd get a marker and check off each step on the paper copy). Do be aware that A2007 and A2010 still support security on the older .mdb format, but the newer .accdb format databases are NOT supported. Security is just too easily broken. If you want to secure your data, your best bet is to upsize the backend to SQL/Server (or another client-server database) and use the frontend you now have linked to that server database. -- John W. Vinson [MVP] . |
#6
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
User Level Security was removed because it's not effective, and not
secure it's best to move to SQL Server if you want real security for your data that way, your employees can't just bring a copy of it home (and sell your customers info over IRC) On May 10, 1:40*am, Sunny Ho wrote: I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem.. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours |
#7
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
"Sunny Ho" wrote in message ... I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours |
#8
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
help
"Sunny Ho" wrote in message ... I am currently using MS 2003 and work on a multi-user database. I have reviewed previous posts in the forum and followed their advise achieved in spliting the database to FE and BE, and converting the FE as MDE file to protect the codes and Forms in the database. I am proceeding to User Level Security but encountered couples of problem. Which increased my concerned if it is wised to setup user level security for the multi FE MDB. 1) I could not could not set User Level Security in an MDE file?? is that true?? 2) I am now sharing the database by deploying FE copies of MDE file to the other users' PC, is it the same after setting User Level Security MDB?? 3) I found that there is a MDW file as well, and another shortcut was created for logging to the protected MDB, whenever each time I deploy them as 2) at above, errors comes with not having permission in access to the MDB, likely due to lost of linking with the MDW file and the MDB file how to solve that?? Do I really need to modify the properties inside the "short cut for the secured database" everytime for every users' PC manually?? 4) I have tried to use the wizard to create the User Level Security, but it seems that it had limited the "permissions", I would like to create my own define permission, how could that be?? It is appreciated if any senior could share their experience in setting up user level security in MS 2003 as well as if they how they encounter and fixed the above problems that I have met. Sincerely yours |
#9
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
On Thu, 13 May 2010 14:57:01 +0100, "martin" wrote:
help Martin, if you want help about your Microsoft Access database, just create a new message (rather than replying to someone else's old message). If you want help about something else, use Google Groups to find an appropriate newsgroup. -- John W. Vinson [MVP] |
#10
|
|||
|
|||
Wise to set up user level security for a multi FE MDB ??
"a a r o n . k e m p f @ g m a i l . c o m"
wrote: User Level Security was removed because it's not effective, and not secure This statement is wrong. ULS has been removed from the ACCDB format files but is still present and supported in MDB files. it's best to move to SQL Server if you want real security for your data That I'd agree with. Of course it depends on how secure the data has to be. Tony -- Tony Toews, Microsoft Access MVP Tony's Main MS Access pages - http://www.granite.ab.ca/accsmstr.htm Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/ For a convenient utility to keep your users FEs and other files updated see http://www.autofeupdater.com/ Granite Fleet Manager http://www.granitefleet.com/ |
Thread Tools | |
Display Modes | |
|
|