I was wondering if any of you experts out there can point me in the right direction or if it is even possible. What I would like to do is have a form alowing a user to add users and set permissions for an Access Database. The db is locked from intrusion so tables,menus ect. are not available but if I could write a vb script to add users and then run it from a form it would be wonderfull, cause it would save me going and manually unlocking the db and adding them using Access when the client hired someone new. All help will be much appreciated
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Add users Set Permissions 2
- Thread starter glenmac
- Start date
-
1
- #2
add a new table which has only UserNames and passwords
Every time you open the database create a little form, that is the startup form. This prompts for a Username and Password. compare it to see if that name and password is in the Users Table and let him open the Main form, if not just quit Access completely.
This the way I have all my Access Databases secured.
Hope this helps;
Every time you open the database create a little form, that is the startup form. This prompts for a Username and Password. compare it to see if that name and password is in the Users Table and let him open the Main form, if not just quit Access completely.
This the way I have all my Access Databases secured.
Hope this helps;
-
1
- #4
LittleSmudge
Programmer
I only finished this a few hours ago - so its quite topical.
Remember that the current user must be a member of the Admins group in order to be able to change the Cat.Users
( And you'll need the ADOX 2.5 for Dll and Security libraty linked in )
'ope-that-'elps.
G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.
Code:
Function SetUser(strName As String, _
strPassword As String) As Boolean
On Error GoTo ExitSetUser
Dim cat As ADOX.Catalog
Set cat = New ADOX.Catalog
cat.ActiveConnection = CurrentProject.Connection
cat.Users.Append strName, strPassword
cat.Users.Refresh
cat.Groups("DataWorker").Users.Append strName, strPassword
cat.Groups.Refresh
SetUser = True
ExitSetUser:
Set cat = Nothing
Exit Function
ErrorSetUser:
MsgBox Err.Description, , Err.Number
SetUser = False
Resume ExitSetUser
End FunctionRemember that the current user must be a member of the Admins group in order to be able to change the Cat.Users
( And you'll need the ADOX 2.5 for Dll and Security libraty linked in )
'ope-that-'elps.
G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.
LittleSmudge
Programmer
zevw,
I hope you are not under the missapprehention that using that sort of technique is in any way 'secure' !
Why do people do about inventing their own security sustems when Access has it's own Security Model built in?
G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.
I hope you are not under the missapprehention that using that sort of technique is in any way 'secure' !
Why do people do about inventing their own security sustems when Access has it's own Security Model built in?
G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.
LittleSmudge!
My Opinion:
Microsoft Access Security - sucks!
and it is totally complicated, and not at all user friendly.
Believe me! there is a lot things to do with your own that can really secure your database.
1. Disbaling the Shify Key
2.adding your own passwords on the complete database to view properties, etc.
But everyone is entitled to their approach.
My Opinion:
Microsoft Access Security - sucks!
and it is totally complicated, and not at all user friendly.
Believe me! there is a lot things to do with your own that can really secure your database.
1. Disbaling the Shify Key
2.adding your own passwords on the complete database to view properties, etc.
But everyone is entitled to their approach.
- Thread starter
- #7
I appreciate your input ZEVW but I need the person logged on through Access security as I use current user for much of my code.
GLS Your code looks interesting. I only have Access 2K so I don't have ADOX 2.5, I don't think. I agree with your analysis of "reinventing the wheel" and I use current user for a lot of my code. Is a similar function possible for ADO 2.1 or DAO?
GLS Your code looks interesting. I only have Access 2K so I don't have ADOX 2.5, I don't think. I agree with your analysis of "reinventing the wheel" and I use current user for a lot of my code. Is a similar function possible for ADO 2.1 or DAO?
I really appreciate the help given on this site and would like add to this discussion about Access security. I am trying to understand Access security in XP so does anyone know where I can find a step by step guide to setting up security? Also does Access security work with run time versions? I could do as ZEVW suggests and build my own with a table of user names and passwords but I also need the CurrentUser field.
- Thread starter
- #9
I'd be carefull using ZEVW's method as it depends on having the shift key disabled. As soon as people can bypass the startup using the shift key there're in the database. They then can alter the password table, and they're in.
There are utilities available quite readily that enable you to enable the shift key. For instance you can go to and download (after registering) a cool little db that fits on a floppy to do just that. While I'm at it I'd like to give credit to Ricky Hicks for sharing the application. As for using Access XP security (if it's the same as Access 2K) the help file is quite comprehensive. Just my 2 cents.
There are utilities available quite readily that enable you to enable the shift key. For instance you can go to and download (after registering) a cool little db that fits on a floppy to do just that. While I'm at it I'd like to give credit to Ricky Hicks for sharing the application. As for using Access XP security (if it's the same as Access 2K) the help file is quite comprehensive. Just my 2 cents.
Well Guys!
I disable the shiftKey and hide my password somewhere in the DB and have to enter the db just like any other, know the place where to click so can reenable the shift key and naturally it will only allow me if I enter the password that is hidden in the db.
I am using this for a while and it has not given me any problems.
I disable the shiftKey and hide my password somewhere in the DB and have to enter the db just like any other, know the place where to click so can reenable the shift key and naturally it will only allow me if I enter the password that is hidden in the db.
I am using this for a while and it has not given me any problems.
LittleSmudge
Programmer
Glenmac
GLS Your code looks interesting. I only have Access 2K so I don't have ADOX 2.5,
Actually you NEED A2k to get ADOX2.5 Just look in the References list and you'll see it down near the bottom of the Microsoft ADO section of the list.
MoiraT
All the info is in the Access Help file - there's no better source of info that I've come across.
( There's a lot of it - I accept - but wade through it a couple of times then dip in to the bits you need. )
Zevw
Your description sounds like a lot of faff to do what Access security will do for you automatically.
But HEY. You get that star and I don't !
As with many things in Access - There more than one way of skinning a cat.
( But it still tastes like chicken ).
Regards,
G
GLS Your code looks interesting. I only have Access 2K so I don't have ADOX 2.5,
Actually you NEED A2k to get ADOX2.5 Just look in the References list and you'll see it down near the bottom of the Microsoft ADO section of the list.
MoiraT
All the info is in the Access Help file - there's no better source of info that I've come across.
( There's a lot of it - I accept - but wade through it a couple of times then dip in to the bits you need. )
Zevw
Your description sounds like a lot of faff to do what Access security will do for you automatically.
But HEY. You get that star and I don't !
As with many things in Access - There more than one way of skinning a cat.
( But it still tastes like chicken ).
Regards,
G
psemianonymous
Programmer
Blah - forget all the SHIFT key nonsense.
1. Open a new database (db1.mdb)
2. Import all objects from the "secured" database.
3. Delete the autoexec macro.
4. Your "secure" database is now completely stripped of security, and all this using common (uncomplicated?) tasks.
If nothing else, this is why you use Access security.
--
Find common answers using Google Groups:
Corrupt MDBs FAQ
1. Open a new database (db1.mdb)
2. Import all objects from the "secured" database.
3. Delete the autoexec macro.
4. Your "secure" database is now completely stripped of security, and all this using common (uncomplicated?) tasks.
If nothing else, this is why you use Access security.
--
Find common answers using Google Groups:
Corrupt MDBs FAQ
psemianonymous
Programmer
Tools->Options.
Go to the View tab (open by default).
Go to the "Show" frame.
Check Hidden Objects and System Objects.
It's still available, just a few more steps. I guess you could say the same thing about the built-in security, but the few more steps involve getting hold of a security cracker program of some sort.
Blah. There are uses for non-Access security, and we can agree to dislike many things about Access security: thread181-598990
--
Find common answers using Google Groups:
Corrupt MDBs FAQ
Go to the View tab (open by default).
Go to the "Show" frame.
Check Hidden Objects and System Objects.
It's still available, just a few more steps. I guess you could say the same thing about the built-in security, but the few more steps involve getting hold of a security cracker program of some sort.
Blah. There are uses for non-Access security, and we can agree to dislike many things about Access security: thread181-598990
--
Find common answers using Google Groups:
Corrupt MDBs FAQ
Follio12!
This option is great if you want the users to see the objects. I rather that they do not see the object and again are not able to modify the table design. In that case it will not export to another table either.
I am therefore using the Shift Key disable option, and when I need to modify something, I can enter the DB and re-enable the Shift Key.
I am open for easier and more secure solutions.
This option is great if you want the users to see the objects. I rather that they do not see the object and again are not able to modify the table design. In that case it will not export to another table either.
I am therefore using the Shift Key disable option, and when I need to modify something, I can enter the DB and re-enable the Shift Key.
I am open for easier and more secure solutions.
psemianonymous
Programmer
I've written a (too-large) FAQ, and that's why I was cruising for these types of posts in the first place. If you're interested, head here: FAQ181-3893
Responses go here: thread181-602333
Responses go here: thread181-602333
- Thread starter
- #18
LittleSmudge I'm having a Problem getting the function you provided to work for me from a form. What I've done is call the function using variables from textboxes.
IE. textbox Un and Pw.
then with a command button called the function on click. Like so, SetUser(Me!Un,Me!Pw). Am I doing something Wrong here.
IE. textbox Un and Pw.
then with a command button called the function on click. Like so, SetUser(Me!Un,Me!Pw). Am I doing something Wrong here.
WB786
MIS
- Mar 14, 2002
- 610
Instead of using Access security and re-designing the wheel has anyone thought of network security. If you have network login you will have access to the database.
I have over 200 users setup this way and they can only make changes or update records that belong to them via login name.
Just a thought.
WB
I have over 200 users setup this way and they can only make changes or update records that belong to them via login name.
Just a thought.
WBWB786, that is an excellent idea, of course, when it is a possibility. Some of us are forced to use Windows 98. Maybe when Microsoft drops the price of XP Pro to something reasonable then my very small non-profit will be able to afford to implement that....... I'm thinking it'll happen sometime in the next 1000 to 2000 years.
Also, zevw, while your solution has a certain elegance, pseale was pointing out how insecure that system is. Any user can easily import hidden tables/queries and not only have all your data, but also your usernames and passwords.
The fact is, no single programmer will likely match a team of programmers working on a complex security issue like Microsoft Access, so if you learn it, you'll be ahead of the hackers.
-- WillYum
- William ~^~ ~^~
~ W . I . L . L . Y . U . M ~
wOrLd WiDe WhAt?
Also, zevw, while your solution has a certain elegance, pseale was pointing out how insecure that system is. Any user can easily import hidden tables/queries and not only have all your data, but also your usernames and passwords.
The fact is, no single programmer will likely match a team of programmers working on a complex security issue like Microsoft Access, so if you learn it, you'll be ahead of the hackers.
-- WillYum
- William ~^~ ~^~
~ W . I . L . L . Y . U . M ~
wOrLd WiDe WhAt?
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question
- Locked
- Question