• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 657
  • Last Modified:

Securing .mdb and .mdw Files On A Network Share Location

We have user-level security setup on our frontend and backend .mdb files.

However, the backend is located on a network share location so all users can link to the database when they start their local copy of the frontend (which they also copy from a network location).

I want to know:

1) Is their is anything more I can do to stop users copying / deleting / moving the frontend and backend .mdb and .mdw files?

2) If so, what permissions would I need to set on the server?


I'm just getting 2nd opinion as in the book I've been reading, "Alison Balter's Mastering Microsoft Office Access 2003 by Alison Aalter, p.53) it says:

"An additional weakness is that the network share where the Access .mdb and .mdw files are located also needs to have read, write, and delete permissions, which means you can't prevent users from deleting or copying the .mdb and .mdw files. The only alternative is to create an n-tier application where the middle-tier objects alone have access to the physical files. However, this means that you need to write the application "unbound," since the users will no longer be directly connected to the database. When you get to that point, you'll probably be considering SQL Server or another database platform that is capable of scaling to support more users and larger volumes of data."

0
CuriousOne1
Asked:
CuriousOne1
  • 3
  • 2
2 Solutions
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
No. As the book said, users must have read, write and delete permissions on that folder, which means any user who has permissions to access the database will also have permissions to copy the files in that folder. You could architect an app in the manner the book describes, but you're looking at a lot of work, and if you're going to do this, you'll be a lot better off moving to a true server database.

You can name the database with a non-standard name (like gwpdxg.ocx or something), and name the files and such something that would be non-ituitive. That's about as far as you can really go.
0
 
CuriousOne1Author Commented:
Okay, I guess the contingency plan will be to maintain periodic backups.

- Data .mdb file is backed up every hour for a week (auto when user starts the application - if not already backed up for the present hour).

- workgroup file is backed up monthly

- frontend files are backed up monthly and after each upgrade.

- data file backup up monthly also.

What about securing the backup folder then?

I'm just thinking, the application automatically copies the data .mdb file to the the backup folder location, so if I was to secure it, I'd still need copy permissions for users.
0
 
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
Yes, if your app automatically does this, then users would need at least write permissions on that folder (and probably others as well).
0
 
CuriousOne1Author Commented:
So the network folder needs the following permissions because:

- read: to allow users to read the data in the backend .mdb file?
- write: to allow users to write to the data .mdb file?
- delete: to allow JET to auto delete the locking file created when a users connects to the data .mdb file?
0
 
CuriousOne1Author Commented:
Thanks LSM, I'll assume I've got it right.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now