Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Securing .mdb and .mdw Files On A Network Share Location

Posted on 2009-05-14
5
621 Views
Last Modified: 2013-12-04
We have user-level security setup on our frontend and backend .mdb files.

However, the backend is located on a network share location so all users can link to the database when they start their local copy of the frontend (which they also copy from a network location).

I want to know:

1) Is their is anything more I can do to stop users copying / deleting / moving the frontend and backend .mdb and .mdw files?

2) If so, what permissions would I need to set on the server?


I'm just getting 2nd opinion as in the book I've been reading, "Alison Balter's Mastering Microsoft Office Access 2003 by Alison Aalter, p.53) it says:

"An additional weakness is that the network share where the Access .mdb and .mdw files are located also needs to have read, write, and delete permissions, which means you can't prevent users from deleting or copying the .mdb and .mdw files. The only alternative is to create an n-tier application where the middle-tier objects alone have access to the physical files. However, this means that you need to write the application "unbound," since the users will no longer be directly connected to the database. When you get to that point, you'll probably be considering SQL Server or another database platform that is capable of scaling to support more users and larger volumes of data."

0
Comment
Question by:CuriousOne1
  • 3
  • 2
5 Comments
 
LVL 84

Accepted Solution

by:
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 24391379
No. As the book said, users must have read, write and delete permissions on that folder, which means any user who has permissions to access the database will also have permissions to copy the files in that folder. You could architect an app in the manner the book describes, but you're looking at a lot of work, and if you're going to do this, you'll be a lot better off moving to a true server database.

You can name the database with a non-standard name (like gwpdxg.ocx or something), and name the files and such something that would be non-ituitive. That's about as far as you can really go.
0
 

Author Comment

by:CuriousOne1
ID: 24391460
Okay, I guess the contingency plan will be to maintain periodic backups.

- Data .mdb file is backed up every hour for a week (auto when user starts the application - if not already backed up for the present hour).

- workgroup file is backed up monthly

- frontend files are backed up monthly and after each upgrade.

- data file backup up monthly also.

What about securing the backup folder then?

I'm just thinking, the application automatically copies the data .mdb file to the the backup folder location, so if I was to secure it, I'd still need copy permissions for users.
0
 
LVL 84

Assisted Solution

by:Scott McDaniel (Microsoft Access MVP - EE MVE )
Scott McDaniel (Microsoft Access MVP - EE MVE ) earned 500 total points
ID: 24391479
Yes, if your app automatically does this, then users would need at least write permissions on that folder (and probably others as well).
0
 

Author Comment

by:CuriousOne1
ID: 24391512
So the network folder needs the following permissions because:

- read: to allow users to read the data in the backend .mdb file?
- write: to allow users to write to the data .mdb file?
- delete: to allow JET to auto delete the locking file created when a users connects to the data .mdb file?
0
 

Author Comment

by:CuriousOne1
ID: 24392234
Thanks LSM, I'll assume I've got it right.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
OfficeMate Freezes on login or does not load after login credentials are input.
Familiarize people with the process of utilizing SQL Server stored procedures from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Micr…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question