eemmpph
asked on
How can I give permissions for some users to "update" an Access 2002 database (which is located in a folder on the Server), while limiting others to "read" only?
I have a Microsoft Access 2002 database located on the Server: C:\AA\Vault\clients.mdb
Currently, all users have full access (add / change / delete / read / write / modify) to C:\AA\Vault\clients.mdb
Our new office policy wants to limit access as follows:
2 users (A and K) should be allowed to update (add / change / delete / read / write / modify) database records
3 users (C, J and S) should "only" be allowed to "read/search" database records
How would I go about setting permissions, to enforce the new policy?
Two thoughts come to mind:
Create two separate folders, one for updates and one for read only. Then have a scheduled task copy clients.mdb from the "updates" folder to the "read" only folder.
or
Create two database access groups in Active Directory, assign the 2 users to Update_Group, and assigned the 3 users to a "read_only group", then assign those permissions to the database: C:\AA\Vault\clients.mdb
However, I would prefer to check with you experts, who are more knowledgeable than myself.
Thanks for your help.
Currently, all users have full access (add / change / delete / read / write / modify) to C:\AA\Vault\clients.mdb
Our new office policy wants to limit access as follows:
2 users (A and K) should be allowed to update (add / change / delete / read / write / modify) database records
3 users (C, J and S) should "only" be allowed to "read/search" database records
How would I go about setting permissions, to enforce the new policy?
Two thoughts come to mind:
Create two separate folders, one for updates and one for read only. Then have a scheduled task copy clients.mdb from the "updates" folder to the "read" only folder.
or
Create two database access groups in Active Directory, assign the 2 users to Update_Group, and assigned the 3 users to a "read_only group", then assign those permissions to the database: C:\AA\Vault\clients.mdb
However, I would prefer to check with you experts, who are more knowledgeable than myself.
Thanks for your help.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
To McKnife, while that solution did work, it brought up additional issues: For example, it said this to the "read only" user: "This database is read only, to make design changes, save a copy of the database. Save-As ..." This kind of defeats the purpose for securing the original database file.
To Jim Dettman, I believe your solution would work for me, by allowing the app to control "access" to the database.
To Jim Dettman, I believe your solution would work for me, by allowing the app to control "access" to the database.
ASKER
Thank you. I appreciate your help in finding the solution which would work best for me.
To help with that, you would use code in the app (similar to the code below) o determine the user.
Then based on that, you might enable/disable various menu options, or in opening a form, set AllowEdits to False for example.
Jim.
Then based on that, you might enable/disable various menu options, or in opening a form, set AllowEdits to False for example.
Jim.
Private Declare Function GetComputerNameA Lib "kernel32" (ByVal lpBuffer As String, nSize As Long) As Long
Private Declare Function GetUserNameA Lib "advapi32.dll" (ByVal lpBuffer As String, nSize As Long) As Long
Public Function WhoAmI(bReturnUserName As Boolean) As String
' Function returns either user name or computer name
Dim strName As String * 255
10 If bReturnUserName = True Then
20 GetUserNameA strName, Len(strName)
30 Else
40 GetComputerNameA strName, Len(strName)
50 End If
60 WhoAmI = left$(strName, InStr(strName, vbNullChar) - 1)
End Function
ASKER