Jasinski Technical Wiki

Navigation

Home Page
Index
All Pages

Quick Search
»
Advanced Search »

Contributor Links

Create a new Page
Administration
File Management
Login/Logout
Your Profile

Other Wiki Sections

Software

PoweredBy

Page History: Enabling Security - Microsoft Access

Compare Page Revisions



« Older Revision - Back to Page History - Current Revision


Page Revision: Sun, Dec 21, 2008, 9:25 AM


{outline||Step <1> - |

.<1> - }

Taken from the Microsoft Access 2.0 Help File

The following procedure will secure a MS-Access database so that it can be opened only by (1) a Username of the database owner or (2) a Username granted Open/Run access either directly (to the Username) or indirectly (to a Group the Username is a member of); or (3) by re-creating the System Database, knowing the UserNames, Password, PIDs, etc.

Create or Choose a Workgroup

1. Create a workgroup in the System Database

  • Launch the MS-Access Workgroup Administrator (WRKGADM.EXE). If necessary, re-install MS-Access and be sure to include Tools in your Setup Options.

  • Record the Name, Organization, and Workgroup ID (1-20 alphanumerics), including case-sensitivity. If lost, it cannot be recovered.

Security Risk
If you don’t specify a WID, any user can re-create the workgroup using the same Name and Organization.


2. For any additional stations on the network, use the Workgroup Administrator to join the System Database you just created.

Create the New Database Owner

1. Create the user account for the new database owner.

  • Usernames can be 1 to 20 characters, including letters, numbers, spaces, symbols, and accented characters. They cannot include leading spaces, controls characters (ASCII 00 to ASCII 31), or any of the following characters: " / \ : < > + = ; , ? *. If you are re-creating a user account that has been deleted, the username must be an exact case-sensitive match of the original name.

  • Personal IDs can contain from 4 to 20 characters, including only letters and numbers. They are case-sensitive.

2. Record the Username and Personal ID, including case-sensitivity.

3. Add the new user account to the Admins group.

Activate the Logon Procedure

1. Assign a password to the Admin account. Passwords can be 1 to 14 characters and are case-sensitive.

2. Record the password, including case-sensitivity

Change the Database and Object Ownership

1. Re-launch Access, logging on as the new owner.

2. Create a new database, then import the database you want the new owner to own.

Caution
MS-Access imports only the objects for which you have permissions.

3. Assign a Password to the New Owner. Passwords can be 1 to 14 characters and are case-sensitive.

4. Record the password including case-sensitivity

Remove Default Permissions and Assign New Permissions

Security Risk
Remove the permissions of the Admin user and the Users group, which includes all users in a workgroup. Until you remove those permissions, users may have unintended permissions for objects.

1. Remove Open/Run permission for the Database for the group Users

2. Remove the user Admin from the Group Admins

Caution
If you close the Permissions dialog without clicking the Assign button, the permissions are not assigned.

Verify Security



1. Re-launch Access, logging on as Admin.

2. Attempt to open the new database file. You should get an error stating that you don’t have the proper permission to open the database.

3. Re-launch MS-Access, log on as the new owner,

4. Attempt to open the new database file. You should have complete access to all database objects.

Rename the Database Files

1. Archive the old database file

2. Rename the new (protected) database file to the old names.

ScrewTurn Wiki version 3.0.1.400. Some of the icons created by FamFamFam. Except where noted, all contents Copyright © 1999-2024, Patrick Jasinski.