User-level Security Beginner

[Monty51]

As a follow-up to a previous post (again, my thanks to those that suggested things), I decided to purchase Access Password from thegrideon.com and was able to recover user names, passwords, and IDs from an Access application written by someone who passed away and left no documentation.

I'm a beginner to user-level security and I've only ever written databases for limited and special use, and not a lot of them at that, so the ins and outs of ULS is foreign. I'm pursuing information on the subject on-line, but I'd like to ask a simple question: now that I have user information, do those users need to exist on the Windows system I'm using or do they exist somewhere within Access? Also, the IDs I've recovered, are they the 'workgroup' these users need to belong to, and are those Windows workgroups?

Thanks.

[Xipooo]

That entirely depends on how the database was designed. You can use the Windows Login, or you can have database specific user accounts that don't tie in at all to Windows Logins.

Do a quick text search through the VBA code for Environ("username")

If you see it, that means you're using windows logins for something. If you don't then all accounts are being handled internally within the database.

[Monty51]

So far I'm not able to open the app code without executing it because there's still something I don't know about USL. I have however, the user names, groups, and IDs from the System.mdw file that is associated with and came with the application. You'd think that was all I needed, but since I'm still a beginner at this subject, I don't know if the user info I've extracted refers to logons to the system or to Access.

There's plenty of info on implementing USL, but not much on reverse engineering it. That's where I stand: still researching and studying.

[ssanfu]

Just found these... might be worth a read:
https://www.accessforums.net/code-re...iles-7703.html
http://www.nirsoft.net/utils/accesspv.html