Security Question Regarding Data Deletion

[swaggel1]

I am attempting to secure a database in Access 2000 and have used the User-Level Security Wizard to begin the process. The database is opening via a shortcut requiring a password, and, for the most part, I am seeing the results I expect (the correct users are accessing/not accessing the database objects as planned).

Although things went well to this point, I am experiencing a problem with data deletion. The individuals assigned to the Users group are supposed to be able to go into a data entry form and read/update/insert data as necessary. I have set the permissions on the underlying table for Read, Update and Insert, but NOT Delete. However, when the users go into the form, they can read/update/insert, but they are also able to delete any and all of the data on any of the records.

What am I doing wrong? How can I allow the data updates without allowing deletions? Any help would be greatly appreciated.

 

[psemianonymous]

If for nothing else, go check my FAQ because it links to Microsoft's superior FAQ. I don't know if you created a new workgroup file before running the security wizard. If not, then you will have to start over. Check out my FAQ, or check out the Microsoft FAQ, or both.


Fixing some Access/JET security setups faq181-3950

 

[swaggel1]

Thanks for your reply.

I have read both the MS Access Security document and your FAQ. As a novice, the information I need may be in there and I'm just overlooking it.

I am using a tiny, "test" database to try and teach myself security before applying it to our production database. On my first attempt, I used the Wizard to create a new workgroup file and set up security. When I saw that there were a few things not working the way I wanted, I deleted the first workgroup information file and used the MS Security document to create a new workgroup file and set up security manually. Still not quite right. I then deleted this information and used the Wizard again to set up a new workgroup file and security settings - this time everything worked the way I expected.

As I said, all of my other settings are working as expected. Since my original post, I investigated some other options. In addition to the security settings, I tried to create a "Cancel = True" event procedure for the form's On Delete property, and I tried setting the form's Allow Deletions property to No. In all instances, users logged into the database can still delete the data.

I must be overlooking something very simple. Any suggestions?

 

[psemianonymous]

A "good practice" for securing databases is to remove all permissions from the (universal) Admin user and the (universal) Users group. Then, "work upwards" from zero permissions to some permissions using special groups.

Maybe you forgot to remove permissions for the Admin user? Or the Users group?

I can't help specifically with the Access 2000 security wizard because (1) I've never seen that specific wizard, and they change from version to version, and (2) The one for my version (97) isn't too useful. So I don't know specifically what's going on. Sorry. But I think the previous paragraph has your answer.


Pete