|
dev
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
MS Access SecurityCan someone please advise me on Access security (generally I use SQL Server,
where security is much more straight forward to set up). I have an Access db with users setup using Tools->Security->User and Group Accounts. I then create the various permissions using Tools->Security->User and Group Permissions. This all works fine when using Access to open mdb files, i.e. the users are prompted for username and password and only have the permissions on each table appropriate to that user. However, if I use .NET to access the database I must enter nothing for the username and password or I get a failed access error (if I enter nothing then I have full access to the database). What is going wrong, can I not have users when accessing an Access database from .NET? Thanks. On Mon, 19 Jun 2006 14:04:01 +0100, "JosephByrns" <josephby***@yahoo.com> wrote: ¤ Can someone please advise me on Access security (generally I use SQL Server, ¤ where security is much more straight forward to set up). ¤ ¤ I have an Access db with users setup using Tools->Security->User and Group ¤ Accounts. ¤ I then create the various permissions using Tools->Security->User and Group ¤ Permissions. ¤ ¤ This all works fine when using Access to open mdb files, i.e. the users are ¤ prompted for username and password and only have the permissions on each ¤ table appropriate to that user. ¤ ¤ However, if I use .NET to access the database I must enter nothing for the ¤ username and password or I get a failed access error (if I enter nothing ¤ then I have full access to the database). What is going wrong, can I not ¤ have users when accessing an Access database from .NET? What is the error you are getting? Can you post an example of your connection string? If you can open the database without a user ID and password it sounds as if the database has not been secured. Paul ~~~~ Microsoft MVP (Visual Basic) If you can get in entering nothing for the user name and password,
then you've left out a step securing the database, which is easy to do. I assume that you realize that Access security isn't really secure -- an Internet search will yield an awful lot of hits of people willing to crack it for you for a small fee. Access security is good for deterrence only, which is why many people opt to junk it entirely because it's so hard to get right and of such limited use. You can download the security FAQ from http://www.mvps.org/access/resources/techpapers.htm. That being said, you also need to specify the name and location of the workgroup file (.mdw) in the connection string: "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:\mydb.mdb;Jet OLEDB:System Database=c:\system.mdw;" --Mary On Mon, 19 Jun 2006 14:04:01 +0100, "JosephByrns" <josephby***@yahoo.com> wrote: Show quote >Can someone please advise me on Access security (generally I use SQL Server, >where security is much more straight forward to set up). > >I have an Access db with users setup using Tools->Security->User and Group >Accounts. >I then create the various permissions using Tools->Security->User and Group >Permissions. > >This all works fine when using Access to open mdb files, i.e. the users are >prompted for username and password and only have the permissions on each >table appropriate to that user. > >However, if I use .NET to access the database I must enter nothing for the >username and password or I get a failed access error (if I enter nothing >then I have full access to the database). What is going wrong, can I not >have users when accessing an Access database from .NET? > >Thanks. > I'm not at work at the moment so haven't got the connection string or error.
Reading Mary's post I have not created a work group file etc.. so will give that a try first. I realise that Access security isn't the best, but it should be enough in this instance. Thanks. Show quote "Mary Chipman [MSFT]" <mc***@online.microsoft.com> wrote in message news:cijd92pb0n2rjuo76g8naqdkatchv7ph1e@4ax.com... > If you can get in entering nothing for the user name and password, > then you've left out a step securing the database, which is easy to > do. I assume that you realize that Access security isn't really secure > -- an Internet search will yield an awful lot of hits of people > willing to crack it for you for a small fee. Access security is good > for deterrence only, which is why many people opt to junk it entirely > because it's so hard to get right and of such limited use. You can > download the security FAQ from > http://www.mvps.org/access/resources/techpapers.htm. > > That being said, you also need to specify the name and location of the > workgroup file (.mdw) in the connection string: > > "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:\mydb.mdb;Jet > OLEDB:System Database=c:\system.mdw;" > > --Mary > > On Mon, 19 Jun 2006 14:04:01 +0100, "JosephByrns" > <josephby***@yahoo.com> wrote: > >>Can someone please advise me on Access security (generally I use SQL >>Server, >>where security is much more straight forward to set up). >> >>I have an Access db with users setup using Tools->Security->User and Group >>Accounts. >>I then create the various permissions using Tools->Security->User and >>Group >>Permissions. >> >>This all works fine when using Access to open mdb files, i.e. the users >>are >>prompted for username and password and only have the permissions on each >>table appropriate to that user. >> >>However, if I use .NET to access the database I must enter nothing for the >>username and password or I get a failed access error (if I enter nothing >>then I have full access to the database). What is going wrong, can I not >>have users when accessing an Access database from .NET? >> >>Thanks. >>  |
|||||||||||||||||||||||
Other interesting topics