Results 1 to 5 of 5
  1. #1
    alsaf is offline Novice
    Windows XP Access 2003
    Join Date
    Aug 2011
    Posts
    12

    Alternative to user level security?


    There is a process in my work that requires two authorisations. This is done by the first authoriser sending an email with an attached process request to the second authoriser who then forwards it my team. I am working on an idea to convert this authorisation process converted to an Access database. The only requirement is security as obviously the first authoriser is unable to second authorise a request. I propose to do this by encrypting the database, set startup options to limit access and implement user-level security. One of the complaints in my team is that we have too many passwords to remember. Adding user-level security will require us to remember another password. I was thinking, is it possible, rather than using user-level security, to totally limit access to tables and forms via the vba environ("username") value?

  2. #2
    rpeare is offline VIP
    Windows XP Access 2003
    Join Date
    Jul 2011
    Posts
    5,442
    yes, you can do it this way you would just have to have a table within your database with the correct permissions for every person that may access your database, and if they are not have a pop up warning them that they are not set up and they need to contact you.

  3. #3
    alsaf is offline Novice
    Windows XP Access 2003
    Join Date
    Aug 2011
    Posts
    12
    Thanks rpeare. I had thought this could be another solution but I wanted to if there was any known security/design flaws with using the environ method. Is there any good tutorials about splitting a database into back-end and front-end as welling as dealing with security/design issues?

  4. #4
    rpeare is offline VIP
    Windows XP Access 2003
    Join Date
    Jul 2011
    Posts
    5,442
    the front end/back end question is simple. There's a tool within access that will do the work for you, you don't really have to do anything. Other than that a back end ONLY contains tables a front end contains linked tables (to the back end) and all the forms, queries, reports etc. There's no magic to it really it's just separating your raw data from the users so they can't change the design of the tables.

    Security and access do not go hand in hand, if someone knows their way around access they can likely get around most of the mundane stumbling blocks you put on them. The only real way that I know of to prevent users from doing things they shouldn't is to make your database an .mde (self executable database) and only give them the run time components to work the database. If they have a full version of access, and they know what they're doing they can pretty much do what they want. I haven't worked with workgroups but there may be a way to limit data access etc through that method as well.

    For the average user any simple roadblock will likely keep them from doing something crazy to your database. As far as flaws with the environ username the biggest problem would be if someone sits at someone else's computer and starts using the database, if you can prevent that by office policy then I don't think you'll have to much trouble otherwise.

  5. #5
    alsaf is offline Novice
    Windows XP Access 2003
    Join Date
    Aug 2011
    Posts
    12
    I didn't realise the FE/BE design was that easy! In regards to your reply about security, it put a smile on my face. The other concern about my idea was the question of technical support which I found incredible as it will only be a simple database with a forms front-end! There is a ignorance that databases are so complex and it really annoys me with my work as a lot of data is stored on spreadsheets whereas if it was changed to database format, a lot of manual tasks around it could be eliminated. Tbh, I could give the people in at work any old flannel and they would be none the wiser but I want to get it right so I can make the case for greater use of MS Access.

Please reply to this thread with any new information or opinions.

Similar Threads

  1. Get User Automatically and Security Level example
    By pkstormy in forum Code Repository
    Replies: 2
    Last Post: 12-10-2015, 12:11 PM
  2. User Level Security eliminated?
    By mjhopler in forum Security
    Replies: 6
    Last Post: 09-29-2011, 05:14 PM
  3. Replies: 1
    Last Post: 08-13-2011, 04:44 AM
  4. Replies: 8
    Last Post: 06-30-2010, 10:57 PM
  5. User level security question
    By genesis in forum Security
    Replies: 1
    Last Post: 07-08-2009, 10:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Other Forums: Microsoft Office Forums