Why does access security does not work under a different user acc.

[Alfons]

I have tried to set the ms-access security and created a new user account via
Extras - Security - user and group accounts (I try to translate it from the
German language version, so I 'm not sure whether it is exactly what apperas
in the English version, sorry!). Then I activated the login password by
setting it with the administrator account and - after a new start of access -
with one of the newly created user accounts. Everything works just fine! I
had to select the user and to supply the password in order to open the
database.

But when I login to my computer using a different Windows account and open
the Access database, the security settings are gone. Everybody can do
everything with the database. Logon to Windows (Win2000Pro) using the account
under which I created the access security restores the database security, I
have to provide the account name and passwrod when trying to open the
database.

I though it might be that the system.mdw file is created in the profile of a
specific Windows user. So, I deleted that file and created a new one with the
access procedure but placed that system.mdw file now in that directory which
has the database itself and which is accesible to all users. No better, same
behaviour as described above.

So what does access ecurity mean if everybody else has full access to the
database ecxept me?

Any suggestions out there? Thanks
Alfons

 

[Roger Carlson]

Get and read and re-read the MS Security FAQ. You can find a copy from
Microsoft or I have a copy on my website
(http://www.rogersaccesslibrary.com/knowledge.html) (top link).

Two things jump out at me. You should NOT use System.mdw for your security
file. You should give it another name. And second, you should create a
user with ADMIN rights and then give the Admin User minimal rights. When
Admin has full rights, if any user opens it with their own System.mdw file,
they will be Admin and have full rights.

Check the FAQ.

--
--Roger Carlson
Access Database Samples: www.rogersaccesslibrary.com
Want answers to your Access questions in your Email?
Free subscription:
http://peach.ease.lsoft.com/scripts/wa.exe?SUBED1=ACCESS-L

 

[alfonsweig]

Hi, I have read the FAQ (although it is obviously not for Access XP) and
followed the proposed steps.

- I created a new workgroup information file and stored it ina folder which
is accessible for every user (is this wrong? I thought if the mdw file is
somwhere within an user profile, another user will not be able to read it
(except system administrators).

- I created a new user and added this user to the administrator group;

- I removed the built-in administrator from the administrato group;

- I run the security wizard and created a new database;

- I gave the new administrator account all right (via the group policy)

- I removed all right from the built-in administrator account (although this
administrator was no longer member of the administrator group, it inherited
the full right from the original settings!!! does it make sense that a user
is removed from the administrator group but the rights do not change?)

- Now, the database seemed to be secured. Administrators do have full right,
users can only add entries but not change or delete.

But:
When I log on to Win2000 under a different account and open the database, I
was not asked for an Access user name nor a password I looked at the
security and found, the the database was opened using "administrator", the
default Access account. Moreover, none of the other users, I created before,
were available (which explains that no login information were asked while
opening the database).
Only the fact that I removed most of the right from the default
Administrator account prevented any other user to change or even delet my
database.

So, is it really true if I run the security wizard and do all the settings
described above, that it does not care if any other Windows user is openening
the database. We are using this database in our institute with 20+ coworkers.
Every user is accessing thid database from it own Windows account. How can I
make sure, that every user is asked to type in a user account and password
when opening the database?

Thanks (e.g. to those who already replied!)
Alfons

 

[hunanchangsha-1234]

Hi, I have read the FAQ (although it is obviously not for Access XP) and
followed the proposed steps.

- I created a new workgroup information file and stored it ina folder which
is accessible for every user (is this wrong? I thought if the mdw file is
somwhere within an user profile, another user will not be able to read it
(except system administrators).

- I created a new user and added this user to the administrator group;

- I removed the built-in administrator from the administrato group;

- I run the security wizard and created a new database;

- I gave the new administrator account all right (via the group policy)

- I removed all right from the built-in administrator account (although this
administrator was no longer member of the administrator group, it inherited
the full right from the original settings!!! does it make sense that a user
is removed from the administrator group but the rights do not change?)

- Now, the database seemed to be secured. Administrators do have full right,
users can only add entries but not change or delete.

But:
When I log on to Win2000 under a different account and open the database, I
was not asked for an Access user name nor a password I looked at the
security and found, the the database was opened using "administrator", the
default Access account. Moreover, none of the other users, I created before,
were available (which explains that no login information were asked while
opening the database).
Only the fact that I removed most of the right from the default
Administrator account prevented any other user to change or even delet my
database.

So, is it really true if I run the security wizard and do all the settings
described above, that it does not care if any other Windows user is openening
the database. We are using this database in our institute with 20+ coworkers.
Every user is accessing thid database from it own Windows account. How can I
make sure, that every user is asked to type in a user account and password
when opening the database?

Thanks (e.g. to those who already replied!)
Alfons