Eye Ess
asked on
ACCDB databases and Active Directory
We are upgrading a database from MDB to ACCDB format. As such, workgroup security is no longer available.
I need to restrict use of the database. Specific reports/forms are executed by a macro that's linked to a button on a form (menu).
How can I leverage Active Directory groups inside the ACCDB database to control the security? Specifically, how can I script the macro to evaluate the active user's security and determine if they can/can't be let in?
I need to restrict use of the database. Specific reports/forms are executed by a macro that's linked to a button on a form (menu).
How can I leverage Active Directory groups inside the ACCDB database to control the security? Specifically, how can I script the macro to evaluate the active user's security and determine if they can/can't be let in?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ParisBP,
oK, I re-read your post when I read unknown_routine's post.
You need to clearly state what you mean by "Security" in this case.
You said:
You also stated:
Again AFAIK, this is not possible with AD.
JeffCoachman
oK, I re-read your post when I read unknown_routine's post.
You need to clearly state what you mean by "Security" in this case.
You said:
Specifically, how can I script the macro to evaluate the active user's security and determine if they can/can't be let in?As was mentioned, you can certainly use AD to stop a user from opening a db file, ...but as I stated, AD will not restrict what objects they can access once they are allowed in.
You also stated:
How can I leverage Active Directory groups inside the ACCDB database to control the security?...this implies that you may also want to control what a user can, and cannot do once inside the DB.
Again AFAIK, this is not possible with AD.
JeffCoachman
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I think we're going to be OK with the Environ() approach, possibly using sort of user table along with it. For the most part, it's a wide-open internal database...but there's a handful of screens that need to be restricted and that's where this particular issue comes in.
Thanks a lot for your input.
Thanks a lot for your input.
If you need a higher level of security then consider moving to one of the SQL Server variants for the backend.
JeffCoachman