Solved

Securing .mdb and .mdw Files On A Network Share Location

Posted on 2009-05-14
5
625 Views
Last Modified: 2013-12-04
We have user-level security setup on our frontend and backend .mdb files.

However, the backend is located on a network share location so all users can link to the database when they start their local copy of the frontend (which they also copy from a network location).

I want to know:

1) Is their is anything more I can do to stop users copying / deleting / moving the frontend and backend .mdb and .mdw files?

2) If so, what permissions would I need to set on the server?


I'm just getting 2nd opinion as in the book I've been reading, "Alison Balter's Mastering Microsoft Office Access 2003 by Alison Aalter, p.53) it says:

"An additional weakness is that the network share where the Access .mdb and .mdw files are located also needs to have read, write, and delete permissions, which means you can't prevent users from deleting or copying the .mdb and .mdw files. The only alternative is to create an n-tier application where the middle-tier objects alone have access to the physical files. However, this means that you need to write the application "unbound," since the users will no longer be directly connected to the database. When you get to that point, you'll probably be considering SQL Server or another database platform that is capable of scaling to support more users and larger volumes of data."

0
Comment
Question by:CuriousOne1
  • 3
  • 2
5 Comments
 
LVL 84

Accepted Solution

by:
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 24391379
No. As the book said, users must have read, write and delete permissions on that folder, which means any user who has permissions to access the database will also have permissions to copy the files in that folder. You could architect an app in the manner the book describes, but you're looking at a lot of work, and if you're going to do this, you'll be a lot better off moving to a true server database.

You can name the database with a non-standard name (like gwpdxg.ocx or something), and name the files and such something that would be non-ituitive. That's about as far as you can really go.
0
 

Author Comment

by:CuriousOne1
ID: 24391460
Okay, I guess the contingency plan will be to maintain periodic backups.

- Data .mdb file is backed up every hour for a week (auto when user starts the application - if not already backed up for the present hour).

- workgroup file is backed up monthly

- frontend files are backed up monthly and after each upgrade.

- data file backup up monthly also.

What about securing the backup folder then?

I'm just thinking, the application automatically copies the data .mdb file to the the backup folder location, so if I was to secure it, I'd still need copy permissions for users.
0
 
LVL 84

Assisted Solution

by:Scott McDaniel (Microsoft Access MVP - EE MVE )
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 24391479
Yes, if your app automatically does this, then users would need at least write permissions on that folder (and probably others as well).
0
 

Author Comment

by:CuriousOne1
ID: 24391512
So the network folder needs the following permissions because:

- read: to allow users to read the data in the backend .mdb file?
- write: to allow users to write to the data .mdb file?
- delete: to allow JET to auto delete the locking file created when a users connects to the data .mdb file?
0
 

Author Comment

by:CuriousOne1
ID: 24392234
Thanks LSM, I'll assume I've got it right.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Describes a method of obtaining an object variable to an already running instance of Microsoft Access so that it can be controlled via automation.
This article describes two methods for creating a combo box that can be used to add new items to the row source -- one for simple lookup tables, and one for a more complex row source where the new item needs data for several fields.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question