Administrator Security

[aceavl via AccessMonster.com]

hi!
i'm having a problem, i have converted the DB into a MDE and split it.
have asigned user security.
the problem is that the "boss" wants to be able to change passwords and
add/delete users and asign level security. BUT what i don't want him to be
able to do is to change MY password or delete me from the DB! how do i give
him permision to do all those things?
I'm the owner of the DB, if i give him administrator priviledge he can change
the owner!

thanks

 

[Joan Wild]

If you give him permission to add/delete users, then you can't deny him the ability to delete your username.

I would suggest that you give him the necessary permissions, but keep a backup of the mdw that does have your username in it.

 

[8020]

I have a related problem that I hope you can help me with. I want a user to
be able to add/remove users and allocate them to groups but, I don't want
them to be able to change the permissions on any objects. How can this be
done? Thanks in advance.

If you give him permission to add/delete users, then you can't deny him the ability to delete your username.

I would suggest that you give him the necessary permissions, but keep a backup of the mdw that does have your username in it.

 

[Joan Wild]

Check out section 33 of the security FAQ.

http://support.microsoft.com/?id=207793

You set up a separate mdw for production use. The Admins Group in it is different than the one in your development mdw, and therefore can't change permissions, but can add/delete users. Read the section for more details.

 

[aceavl via AccessMonster.com]

Thank you Joan!
that was what i was looking for!

 

[8020]

Thanks for the link, much appreciated. Also, thanks to Jack for his
excellent article on security found at http://www.geocities.com/jacksonmacd/