I use a tUser table:
userID
userName
Dept
Level
This does not store passwords. Users already have this using the Windows Login, to authenticate.
The tUsers table just validates that they can USE this database and their dept, and/or level (manager, etc)
you can further distribute the user's frontEnd using their network folder. So now you have permissions on this folder.
you make a form with text boxes for UserID, Password, Domain.
It checks this and lets them in the db.
1.check if user is in the tUser table
2.check with windows authentication. If they pass both, show the menu, else quit.
you would also build Level access in the forms (M=manager, A=admin):
btnFinance.enabled = goUser.Level = "M" or goUser.Level = "A"
btnAdmin.enabled = goUser.Level = "A"
CODE FOR USER AUTHENTICATION:
Code:
'form code
'-------------
Private Sub btnLogin_Click()
'-------------
Dim sUser As String, sPass As String, sDom As String
dim vID, vDbID
sUser = txtUser
sPass = txtPass
sDom = txtDom
vID= Environ("Username")
vDbID = Dlookup("[userId]","tUsers","[UserID]='" & vID & "'"
If WindowsLogin(sUser, sPass, sDom) and vID = vDbID Then
mbSafe = True
DoCmd.OpenForm "frmMainMenu"
DoCmd.OpenForm "frmLogin"
DoCmd.Close
Else
MsgBox "LOGIN INCORRECT", vbCritical, "Bad userid or password"
End If
End Sub
'-------------
Public Function WindowsLogin(ByVal strUserName As String, ByVal strpassword As String, ByVal strDomain As String) As Boolean
'-------------
'Authenticates user and password entered with Active Directory.
On Error GoTo IncorrectPassword
Dim oADsObject, oADsNamespace As Object
Dim strADsPath As String
strADsPath = "WinNT://" & strDomain
Set oADsObject = GetObject(strADsPath)
Set oADsNamespace = GetObject("WinNT:")
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strDomain & "\" & strUserName, strpassword, 0)
WindowsLogin = True 'ACCESS GRANTED
ExitSub:
Exit Function
IncorrectPassword:
WindowsLogin = False 'ACCESS DENIED
Resume ExitSub
End Function
Code:
Public Function GetUserName()
Dim vName, vUserName, vUserDomain
Dim i As Integer
Set WSHnet = CreateObject("WScript.Network")
vUserName = WSHnet.UserName
vUserDomain = WSHnet.UserDomain
Set objUser = GetObject("WinNT://" & vUserDomain & "/" & vUserName & ",user")
i = InStr(objUser.FullName, "(")
If i = 0 Then
vName = objUser.FullName
Else
vName = Left(objUser.FullName, i - 1)
End If
GetUserName= vName
End Function