• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

Granulated security

Hello everybody and thank you in advance for helping me. I would like to know if there is a way to specify in Access that a person can add or delete users and also reset passwords, and that such user doesn't have to be the database owner or administrator.

Reason: We have a lot of applications in place, but we have the philosophy that the Technical are shouldn't be responsible to maintain all of the departments systems. The idea is to give liaisons permission to manage their security permission but not to give them access to manage the database.
0
insight974
Asked:
insight974
1 Solution
 
DeebzCommented:
You'll need a security table that includes three fields: User IDs, passwords and security level.  Have the user open the database to a sign-in form.  If what's entered into the form matches what is stored in the security table, allow the database to open.  If not, quit the application.  Include an "administration" tab or button which is enabled only for certain security levels.  This button will lead to a form maintaining the security table.  
0
 
Jim Dettman (Microsoft MVP/ EE MVE)PresidentCommented:
<<Hello everybody and thank you in advance for helping me. I would like to know if there is a way to specify
in Access that a person can add or delete users and also reset passwords, and that such user doesn't
have to be the database owner or administrator.>>

  Using the built-in Access security, the answer is no.  You need to be an admin to do any of that.  However, in code, you could open another workspace and embed a username/password, which would not be exposed to the user.  By doing this, a "normal" user could then do the stuff you want.

Take a look at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q165009

  Which tells you how to download the security FAQ, which has the code to do what you want.  I'd also suggest the Access Developers Handbook, published by Sybex for information/code for manipulating user security.

  Outside of that, you'd have to create your own security system withing Access as has already been suggested.

Jim.
0
 
bob_onlineCommented:
Actually, you can do it using the built in Access security.

1)  You'll need to create for form for adding users, changing passwords and the like.  You can make it look like the built in form if you want.  The form will execute update queries as needed using Owners permissions rather than user permissions.

2)  In a workgroup secured database, create a single admin type group that has rights to the form.  No other group has any rights to the form.

I did this before and it does work.  Basically you're re inventing the wheel by duplicating the built in access processes in code, but that is the only way to restrict it to a specific group.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now