Secure shortcut Unsecure File

[Matt W.]

When opening the shortcut, security works fine. When opening the main .mdb it
opens without security. Well if people learn the path won't they be able to
open the original file and see everything? If I have the original .mdb put in
a network folder that is inaccessible to them, will they be able to view the
information in the database via shortcut?

-Since they can't open your secure mdb while joined to the system.mdw, that's
-a good sign that you secured it properly. Leave them joined to system.mdw
-and provide a desktop shortcut for your secure mdb.

-All sessions will default to using system.mdw. When they use the desktop
-shortcut, the default mdw is over-ridden and your secure mdw is used. The
-target of the shortcut would look like:

-"path to msaccess.exe" "path to mdb" /wrkgrp "path to secure mdw"

 

[Joan Wild]

When opening the shortcut, security works fine. When opening the main .mdb
it
opens without security.

If that's the case, then you missed a step in securing it. They shouldn't
be able to even open the mdb unless they use the right mdw file.

Well if people learn the path won't they be able to
open the original file and see everything? If I have the original .mdb put
in
a network folder that is inaccessible to them, will they be able to view
the
information in the database via shortcut?

All users need modify permission on the folder where the mdb is located.

 

[Matt W.]

Joan,
I followed your instructions
http://www.jmwild.com/security02.htm

I did steps 1-15, then 22-32. Step 21 says it is recommended to choose "i
want to create a shortcut to open my secured database" Your instructions had
me skip this step as i started with step 1. Do you think this is where my
problem lies? If so, is there a way i can modify this mdw or do i need to
create a new one and should i start with step 16?

Thanks for your help.

 

[Joan Wild]

That particular step wouldn't cause your problem.

As I understand you, you have a shortcut with the following in the target:
"path to msaccess.exe" "path to mdb" /wrkgrp "path to secure mdw"

What do you mean when you say 'open the main mdb'?

As for the security, it is impossible for me to know what step you
overlooked. Can you verify (via the Tools, Security, permissions dialog)
what user owns every object, and also verify that the Users Group does not
have permission to anything.

 

[Matt W.]

I own every object. The users group has permission to open/run in the
Database object type. Should this be unchecked?

What do you mean when you say 'open the main mdb'?

I mean by not using the shortcut

 

[Joan Wild]

I own every object. The users group has permission to open/run in the
Database object type. Should this be unchecked?

Yes it should; that group should have no permission to anything.

I mean by not using the shortcut

So just a double-click in Windows Explorer? Once you remove permissions to
the Users Group, you shouldn't be able to do this.