Access 2003 permissions question

We are using an Access 2003 front-end/back-end program that was created by a vendor. The database uses a WG file for security. I was recently asked to provide some additional functionality to the program. I didn't want to mess with the vendor's front-end, so I created my own. I created the db, joined it to the existing WG, and everything tested fine while I was logged in as admin. However, when logging in as a regular user and opening the main form or any queries I get the following error: "You do not have the necessary permissons to use the backend.mdb object." OK, so I checked the WG permissions on the back-end and saw that the admin user had "Open/Run" permission for the database, while regular users did not. So I gave the Open/Run database permission to a regular user, logged in as the user and everything worked fine. My question is, if regular users did not need the open/run database permission to use the vendor's front-end, why do they need it for the front-end that I created? I did some research and came across the "Run Permissions" property for queries. Thinking this might be the solution, I went into all my queries and changed Run Permissions from User's to Owner's. This did not help though. Can anyone shed some light on this? Is there a way to assign permissions to a form or query rather than to a user?
Who is Participating?
Scott McDaniel (Microsoft Access MVP - EE MVE )Infotrakker SoftwareCommented:
I would strongly suspect that your "vendor" did not properly apply security, or was simply using security for navigation purposes instead of true data security. In a FE/BE secured setup, you must use the exact same workgroup file to secure both, else you'll be locked out of one or the other. In this case it's hard to say, as we haven't seen it.

I would suggest you make a COPY of the vendor's FE database and make your changes to that, then deploy a new COPY of that database to your users after you've finished testing. To insure that you've logged in correctly to that database, build a shortcut with this as the Target:

"full path to msaccess.exe" "full path to your database" /wrkgrp "full path to the workgroup"

Use that shortcut when you need to make changes, then deploy a COPY of those changes to the users when needed. By a "Copy" I mean you use copy/paste to provide an entirely new FE to each user - don't try to move objects into the user's FEs.

I would encourage you to NOT modify permissions unless you are very clear as to what you're doing.
anthonypgAuthor Commented:
Thanks, hadn't thought of that. I will create a copy of the vendor's FE and use that vs starting from scratch.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.