Results 1 to 7 of 7
  1. #1
    Star Lounger
    Join Date
    Apr 2006
    Location
    California
    Posts
    69
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Jet Security (2007)

    The good news is the business of one of my clients has grown as a result of the Access application, now my challenge is to implement a multi-user security system. I've just read the chapters on Jet security in Access 2007 Bible. I'll need to read through it a couple of more times, but I think I understand most of the concepts. However, I have a basic question regarding FE+BE databases. Am I correct in understanding the process of creating groups, users and assigning permissions in the FE only secures user access to the BE tables via the FE, to secure the BE tables I need to separately secure the backend database with at least a password?

    Of course any additional tips are most welcomed.
    Marty

  2. #2
    Gold Lounger
    Join Date
    Feb 2004
    Location
    Cape Town, RSA
    Posts
    3,444
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Jet Security (2007)

    This is just my <img src=/S/2cents.gif border=0 alt=2cents width=15 height=15>, but I have always had the impression that one should secure the backend of the database where your data is stored. It is this database that needs the link to the workgroup info file that defines the users and groups that will access the data. If this database is secured, it does not matter what users do in the frontend. Unless you do not want users to modify the frontend, there is no need to secure it, which will provide them the ability for continued frontend development based on their needs. A good user/group level security on the backend is sufficient to keep the data safe.

    For more info about BE-FE security, have a look at this MSDN article: Securing a Front-end/Back-end Solution
    Regards,
    Rudi

  3. #3
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Jet Security (2007)

    Please keep in minde that Jet Security doesn't work in the new .accdb database file format introduced in Access 2007, only in the older .mdb format. And you need to use a trick to open the Workgroup Administrator tool that was available as a menu item in earlier versions.
    See:
    Set or change Access 2003 user-level security in Access 2007
    What happened to user-level security?
    How to use the Workgroup Administrator utility in Access 2007
    Security Considerations and Guidance for Access 2007

  4. #4
    Star Lounger
    Join Date
    Apr 2006
    Location
    California
    Posts
    69
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Jet Security (2007)

    Rudi,

    Thanks for the input and reference. Actually, in my case the data is not very sensitive, but it is complex and I only want changes made through the FE. Additionally, I don't want any changes made to the FE. I'll probably have more questions once I've read through what you and Hans have pointed me to.

    Marty

  5. #5
    Star Lounger
    Join Date
    Apr 2006
    Location
    California
    Posts
    69
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Jet Security (2007)

    Hans,

    Being brand new to the security scene I'm not exactly sure what your telling me. Are you saying the whole Groups, Users & Permissions don't work on .accdb's or that its different than the older .mdb security? I'm in the process of converting both the BE and therefore the FE to .accdb to take advantage of some of the new 2007 features. There seems to be Ribbon controls to set Groups, Users & Permissions and to create a secure accdb.

    In the meantime thanks for the references, I'll probably have more questions once I've read through the information.
    Marty

  6. #6
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Jet Security (2007)

    I don't have Access 2007 myself, but from the articles I posted links to I gather that user-level security with groups, users and permissions does *not* work in .accdb databases, only in .mdb databases.

  7. #7
    Gold Lounger
    Join Date
    Feb 2004
    Location
    Cape Town, RSA
    Posts
    3,444
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Jet Security (2007)

    Just to confirm what Hans is saying;

    If you open a 2003 database in 2007, all the 2003 security features are present on the ribbon, incl. the User Level Security Wizard. But when you create a new database in 2007, you do not get those options, only the Make ACCDE option.
    Attached Images Attached Images
    Regards,
    Rudi

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •