I have a somewhat complex problem. Our Access97 database has been developed and maintained over the past five years and consists of a significant number of Access objects. It implements user level security and is maintained in a SourceSafe repository for configuration control. Apparently we used a copy of the default system.mdw when we added security since we now have the following situation:
1) The database can be opened by double-clicking without logging on and the Admin username permissions are inherited from the default workgroup.
2) SourceSafe removes all permissions when the database is stored.
3) The current system.mdw contains a number of username/password and groups which are not standard.
4) All permissions are reset by using a form developed locally.
5) The Access97 contains a number of user developed toolbars.
Issue: As I understand it, when the workgroup is associated with the database and usernames/groups are added the database and the workgroup contain the SID of the workgroup used. If the workgroup was a copy of the default workgroup then that SID will be the same SID as the default workgroup and anyone using the default workgroup can then open the database and will be assigned the 'Admin' permissions associated with the application database 'Admin' permissions.
Proposed Solution:
1) Create a new workgroup (not a copy)
2) Create a totally unsecured copy of the application database by importing the Access objects into Access 2000 (since I also want the toolbars) and then saving as an earlier version database (Access 97).
3) Associate the new workgroup and database.
4) Create a new username with admin permissions.
5) Remove 'Admins' group permissions from the 'Admin' username.
6) Use the Security Wizard to create a secure database.
Problem: The wizard fails with no information about what caused the failure.
Any ideas about what may be causing the wizard failure or a better process?
Steve King
1) The database can be opened by double-clicking without logging on and the Admin username permissions are inherited from the default workgroup.
2) SourceSafe removes all permissions when the database is stored.
3) The current system.mdw contains a number of username/password and groups which are not standard.
4) All permissions are reset by using a form developed locally.
5) The Access97 contains a number of user developed toolbars.
Issue: As I understand it, when the workgroup is associated with the database and usernames/groups are added the database and the workgroup contain the SID of the workgroup used. If the workgroup was a copy of the default workgroup then that SID will be the same SID as the default workgroup and anyone using the default workgroup can then open the database and will be assigned the 'Admin' permissions associated with the application database 'Admin' permissions.
Proposed Solution:
1) Create a new workgroup (not a copy)
2) Create a totally unsecured copy of the application database by importing the Access objects into Access 2000 (since I also want the toolbars) and then saving as an earlier version database (Access 97).
3) Associate the new workgroup and database.
4) Create a new username with admin permissions.
5) Remove 'Admins' group permissions from the 'Admin' username.
6) Use the Security Wizard to create a secure database.
Problem: The wizard fails with no information about what caused the failure.
Any ideas about what may be causing the wizard failure or a better process?
Steve King
