• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 193
  • Last Modified:

Lockout Admin privileges in MS Access 2007

We have an application in MS Access 2007.  There are no access user accounts.  Instead the application is on a protected network share.   What I need is a way to prevent end users from going into administrative mode in the production copy of the file.
0
leeroypitre
Asked:
leeroypitre
1 Solution
 
Dale FyeCommented:
When you say the "application is on a protected network share" do you mean the data, the application, or both?

Generally, in a multi-user environment it is beneficial to split the application into two parts (Front-End and Backend).  The Front-end is where all of the forms, reports, queries, and code reside.  The backend contains only data.  The front-end should exist on the users individual PCs and it is best to save the file as an mde or accde file to prevent users from messing with code.  

The backend should sit on the server and the tables in the back-end should be linked to the front-end.  The backend must be sitting in a folder on the server that everyone useing the front-end has read/write privileges to.  But that doesn't mean you have to tell the users where it is located.  There are no foolproof ways to prevent a user from opening an Access backend directly, although there are a number of techniques for "hiding" the backend from users.  If you really need to lock-down your data, my recommendation would be SQL Server or SQL Server Express (free).  

0
 
Nick67Commented:
There are a bazillion google posting and EE questions that use this code

Function ReturnUserName() As String
' returns the NT Domain User Name
Dim rString As String * 255, sLen As Long, tString As String
    tString = ""
    On Error Resume Next
    sLen = GetUserName(rString, 255)
    sLen = InStr(1, rString, Chr(0))
    If sLen > 0 Then
        tString = Left(rString, sLen - 1)
    Else
        tString = rString
    End If
    On Error GoTo 0
    ReturnUserName = UCase(Trim(tString))
End Function

It originally comes from the Access Web http://access.mvps.org/access/

It is used very simply
Put it in a module, then use it like below

Private sub WhoAreYou
    msgbox ReturnUserName
end sub

Now, you have the ability to detect the NT login name, think of the possibilities.
The app, each form, each report--they all have open events

Private myform_Open(cancel as integer)
select case returnusername
    case "leeropitre"
       'do nothing
    case else
        Msgbox "sorry, not authorized"
        Cancel = true
    end select
end sub

Catch my drift?
0
 
peter57rCommented:
If you are using an accdb file then there is no longer a way of achieving this if users have a full copy of Access installed.
You can do various things to discourage users by hiding the Navigation pane and removing ribbons and menus, disabling the Shift-Bypass key and converting the app into an accde file.

This will be quite enough for 99.9% of users but if you have a knowledgable and meddling user then they can still find a way through all this.

If you can install the Access runtime version on users' machines instead of full Access then you immediately disable all design features.  
If you have not already done so then you should use a split application and put the backend tables into a hidden folder so that users don't find it while browsing through folders.



0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Tackle projects and never again get stuck behind a technical roadblock.
Join Now