Solved

Permissions Necessary To Refresh Links

Posted on 2008-11-02
16
305 Views
Last Modified: 2012-05-05
What permissions do I need to give the users so that they can refresh links to linked tables. I use the refreshlink method to refresh at login. Also, I have seperated my front-end from back-end (I did this after creating my workgroup).
0
Comment
Question by:bejhan
  • 7
  • 4
  • 4
  • +1
16 Comments
 
LVL 75
ID: 22863998
The folder containing an MDB must have 100% Full Permissions in order to function correctly.

mx
0
 
LVL 84
ID: 22865704
Users must have Read Design ability for Tables in the BE, and must have the permission to Add New Tables in the FE. Also must have basic Read/Write for those tables as well.
0
 
LVL 57

Accepted Solution

by:
Jim Dettman (Microsoft MVP/ EE MVE) earned 100 total points
ID: 22866573
Take a look at:

Microsoft Access Security FAQ available in the Download Center
http://support.microsoft.com/kb/207793

  The permissions required to relink tables varies by the method you use.  The answer to your question is in there along with a whole lot more then you problably want to know about security<g>.

  Well worth a read.

JimD.
0
 
LVL 75
ID: 22868915
Of course, my assumption is ... that once the links are 'refreshed', the users will then be using the MDB - requiring full permissions.

mx
0
 
LVL 57
ID: 22869906
<<Of course, my assumption is ... that once the links are 'refreshed', the users will then be using the MDB - requiring full permissions.>>

  Yeah, but you need those with or without user level security in place.  One would assume they are already in place since the database was already being used.

JimD>
0
 
LVL 75
ID: 22869917
You know ... I missed the 'workgroup' part, sorry.

mx
0
 
LVL 57
ID: 22869966
<<You know ... I missed the 'workgroup' part, sorry.>>

  Been there done that!

JimD.
0
 
LVL 1

Author Comment

by:bejhan
ID: 22870412
I think I might actually ditch MS Access security all together and just implement my own. The Access security is pretty annoying to use. Is there any reason you would recommend against this?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 75
ID: 22870567
It's not going to be that easy really to roll your own.  Not sure I would reinvent the wheel in this case ... assuming you really need security.

mx
0
 
LVL 57

Assisted Solution

by:Jim Dettman (Microsoft MVP/ EE MVE)
Jim Dettman (Microsoft MVP/ EE MVE) earned 100 total points
ID: 22870882

  Access user level security is the only real way to protect your tables but it's a pain to use (now that I say that, I'm wondering if a database level password would be sufficent now that it's been beefed up).  But since it's easy to crack (to a Google search) it doesn't seem worth the effort.

  If you goal is to control access to forms and reports, then yes, I would just roll your own.  If security is really a concern because of the data itself, then I'd be looking to use SQL server as a back end with your own security in the front end to control form and report access.

FWIW,
JimD.
0
 
LVL 1

Author Comment

by:bejhan
ID: 22871423
Well I may just be being overly paranoid here. The application is for a group of under 20 users. I have 3 levels of users: team leads, full users, partial users. Team leads have access to admin tools etc., Full users can do everything except admin tools, and partial users can add additional information to records and pull reports. I have already coded it to check user type, show them the appropriate menu, and show them only the records that belong to them, etc. I have startup so you need the shift key to even access database objects.

Now I am fairly new to Access, this is really my first application that was more than a few users and where more than one user would be on at a time so I figured I should set permissions as secure as possible, only let them read/write tables that forms they were accessing were bound to, only let them read forms they were allowed to access, etc. Now I am running into problems where the permissions I have set is not allowing the user to do things I want them to (such as refresh links). Would compiling this into an MDE and disabling the shift button be sufficient with the coding I have already done to keep my database secure and just giving all users full permissions (and my backend with a password)?
0
 
LVL 75

Assisted Solution

by:DatabaseMX (Joe Anderson - Access MVP)
DatabaseMX (Joe Anderson - Access MVP) earned 100 total points
ID: 22871504
"Would compiling this into an MDE and disabling the shift button be sufficient with the coding I have already done to keep my database secure and just giving all users full permissions (and my backend with a password)?"

And MDE will prevent users from being able to:
1) See any code

2) Make design changes to Forms, Reports  (and Modules 1 above).

It does nothing to protect or secure data in any way.  However, with the shift key scenario, then assuming they cannot get to the database window (in the MDE) ... AND ... you have the back end Password protected - along with whatever code you already have - you *might* be ok.  Note that the database password in A2003 and prior is easily hacked.

mx
0
 
LVL 1

Author Comment

by:bejhan
ID: 22871778
Its just I don't have any reason to think that someone would be trying to get at the data. The application is for use in a government office so the security is already pretty good there for people trying to hack their way in. I really just wanted to stop users from doing things like: "I made a small mistake in the data and now I can't change it I'll just quickly go into the tables and change it".
0
 
LVL 75

Assisted Solution

by:DatabaseMX (Joe Anderson - Access MVP)
DatabaseMX (Joe Anderson - Access MVP) earned 100 total points
ID: 22871797
Gov't = Secure = Oxymoron, LOL.

OK ... based on what you are saying, I would say MDE + BackEnd Password = Reasonable.

mx
0
 
LVL 1

Author Comment

by:bejhan
ID: 22872579
Thanks for all your help guys.
0
 
LVL 75
ID: 22872597
You are welcome.

mx
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Introduction When developing Access applications, often we need to know whether an object exists.  This article presents a quick and reliable routine to determine if an object exists without that object being opened. If you wanted to inspect/ite…
Introduction The Visual Basic for Applications (VBA) language is at the heart of every application that you write. It is your key to taking Access beyond the world of wizards into a world where anything is possible. This article introduces you to…
In Microsoft Access, learn different ways of passing a string value within a string argument. Also learn what a “Type Mis-match” error is about.
In Microsoft Access, learn the trick to repeating sub-report headings at the top of each page. The problem with sub-reports and headings: Add a dummy group to the sub report using the expression =1: Set the “Repeat Section” property of the dummy…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now