Enabling Security - Microsoft Access
{outline||Step <1> - |<H2>.<1> - }
Taken from the Microsoft Access 2.0 Help File
The following procedure will secure a MS-Access database so that it can be opened only by (1) a Username of the database owner or (2) a Username granted
Open/Run
access either directly (to the Username) or indirectly (to a Group the Username is a member of); or (3) by re-creating the System Database, knowing the UserNames, Password, PIDs, etc.
Create or Choose a Workgroup
¶
1. Create a workgroup in the System Database
Launch the MS-Access Workgroup Administrator (
WRKGADM.EXE
). If necessary, re-install MS-Access and be sure to include
Tools
in your
Setup Options
.
Record the
Name
,
Organization
, and
Workgroup ID
(1-20 alphanumerics), including case-sensitivity. If lost, it cannot be recovered.
Security Risk
If you don’t specify a WID, any user can re-create the workgroup using the same Name and Organization.
2. For any additional stations on the network, use the
Workgroup Administrator
to join the System Database you just created.
Create the New Database Owner
¶
1. Create the user account for the new database owner.
Usernames
can be 1 to 20 characters, including letters, numbers, spaces, symbols, and accented characters. They
cannot
include leading spaces, controls characters (ASCII 00 to ASCII 31), or any of the following characters:
" / \
: < > + = ; , ? *
. If you are re-creating a user account that has been deleted, the username must be an
exact
case-sensitive match of the original name.
Personal ID
s can contain from 4 to 20 characters, including only letters and numbers. They are case-sensitive.
2. Record the
Username
and
Personal ID
, including case-sensitivity.
3. Add the new user account to the
Admins
group.
Activate the Logon Procedure
¶
1. Assign a password to the
Admin
account. Passwords can be 1 to 14 characters and are case-sensitive.
2. Record the password, including case-sensitivity
Change the Database and Object Ownership
¶
1. Re-launch Access, logging on as the new owner.
2. Create a new database, then import the database you want the new owner to own.
Caution
MS-Access imports only the objects for which you have permissions.
3. Assign a Password to the New Owner. Passwords can be 1 to 14 characters and are case-sensitive.
4. Record the password including case-sensitivity
Remove Default Permissions and Assign New Permissions
¶
Security Risk
Remove the permissions of the Admin user and the Users group, which includes all users in a workgroup. Until you remove those permissions, users may have unintended permissions for objects.
1. Remove
Open/Run
permission for the
Database
for the group
Users
2. Remove the user
Admin
from the Group
Admins
Caution
If you close the
Permissions
dialog without clicking the
Assign
button, the permissions are not assigned.
Verify Security
¶
1. Re-launch Access, logging on as
Admin
.
2. Attempt to open the new database file. You should get an error stating that you don’t have the proper permission to open the database.
3. Re-launch MS-Access, log on as the new owner,
4. Attempt to open the new database file. You should have complete access to all database objects.
Rename the Database Files
¶
1. Archive the old database file
2. Rename the new (protected) database file to the old names.