Link to home
Start Free TrialLog in
Avatar of leeroypitre
leeroypitre

asked on

Lockout Admin privileges in MS Access 2007

We have an application in MS Access 2007.  There are no access user accounts.  Instead the application is on a protected network share.   What I need is a way to prevent end users from going into administrative mode in the production copy of the file.
Avatar of Dale Fye
Dale Fye
Flag of United States of America image

When you say the "application is on a protected network share" do you mean the data, the application, or both?

Generally, in a multi-user environment it is beneficial to split the application into two parts (Front-End and Backend).  The Front-end is where all of the forms, reports, queries, and code reside.  The backend contains only data.  The front-end should exist on the users individual PCs and it is best to save the file as an mde or accde file to prevent users from messing with code.  

The backend should sit on the server and the tables in the back-end should be linked to the front-end.  The backend must be sitting in a folder on the server that everyone useing the front-end has read/write privileges to.  But that doesn't mean you have to tell the users where it is located.  There are no foolproof ways to prevent a user from opening an Access backend directly, although there are a number of techniques for "hiding" the backend from users.  If you really need to lock-down your data, my recommendation would be SQL Server or SQL Server Express (free).  

There are a bazillion google posting and EE questions that use this code

Function ReturnUserName() As String
' returns the NT Domain User Name
Dim rString As String * 255, sLen As Long, tString As String
    tString = ""
    On Error Resume Next
    sLen = GetUserName(rString, 255)
    sLen = InStr(1, rString, Chr(0))
    If sLen > 0 Then
        tString = Left(rString, sLen - 1)
    Else
        tString = rString
    End If
    On Error GoTo 0
    ReturnUserName = UCase(Trim(tString))
End Function

It originally comes from the Access Web http://access.mvps.org/access/

It is used very simply
Put it in a module, then use it like below

Private sub WhoAreYou
    msgbox ReturnUserName
end sub

Now, you have the ability to detect the NT login name, think of the possibilities.
The app, each form, each report--they all have open events

Private myform_Open(cancel as integer)
select case returnusername
    case "leeropitre"
       'do nothing
    case else
        Msgbox "sorry, not authorized"
        Cancel = true
    end select
end sub

Catch my drift?
ASKER CERTIFIED SOLUTION
Avatar of peter57r
peter57r
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial