Results 1 to 12 of 12
  1. #1
    Star Lounger
    Join Date
    Jan 2008
    Posts
    51
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have a database created with Access 2003. In hindsight, I should have purchased the Office 2003 Developer edition, but I just have the professional version of Office. I now need to create a version of the database that runs on machines without MS Office, so I need the Developer Extensions or VSTO. VSTO is no longer available for Office 2003, so I looked at Access 2007 since the runtime can be created and distributed for free from that product. This does not appear to support user logins, however, since that feature is no longer supported under Access 2007. Is there any alternative to using Access logins to restrict entry to a database? This database is split (front-end with forms, queries and reports, back-end on the file-server), but the user wants to limit access to authorized personnel. The database was fine when only 2 or three people accessed it, but they want to expand to 14, and don't want to buy 12 new copies of Access 2007. A simple database password is not going to be good enough because they want to restrict the data that can be viewed based on the user login in which case each user needs their own login. Access 2003 user security was perfect. What do I do now?

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    I don't have Access 2007 or its runtime myself, so I can't test.

    Access 2007 doesn't support user-level security in the new .accdb format. User-level security still works in .mdb databases under Access 2007 ([s]although no user interface to manage it any more[/s]). This makes me think that user-level security might also work in .mdb databases under Access 2007 Runtime. As I mentioned at the beginning, I can't test it myself but it's worth a try.

  3. #3
    Star Lounger
    Join Date
    Jan 2008
    Posts
    51
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='HansV' post='786301' date='26-Jul-2009 14:05']I don't have Access 2007 or its runtime myself, so I can't test.

    Access 2007 doesn't support user-level security in the new .accdb format. User-level security still works in .mdb databases under Access 2007 (although no user interface to manage it any more). This makes me think that user-level security might also work in .mdb databases under Access 2007 Runtime. As I mentioned at the beginning, I can't test it myself but it's worth a try.[/quote]

    Good thought - I thought the same myself. Unfortunately, as soon as you try to implement the runtime, despite the fact that it's an .mdb, the user-level security is disabled. I REALLY am not a fan of Access 2007. Is there any other 3rd-party product out there that would give me login functionality? Something windows-based that can somehow be tied into Access? I know I can check for the User's Windows login using VBA. Could I somehow tie this into a security interface? Part of the switchboard or form used to access the data-entry forms? I like the ability to force tables to be read-only. Any suggestions of how I could do this via VBA instead?

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    I think it really is a pity that Microsoft decided to scrap user-level security. It may not be perfect, but it is a fairly robust and relatively easy to implement way of securing a database at the database engine level.
    You can build your own security into the front end of course, but this leaves the backend database unprotected - anyone who knows how to open it directly (or to link to it) can view all data.

    Alan Cossey over at Utter Access wrote a replacement for user-level security in Access 2007 - see vPPC Security Toolkit (VST). You might give it a try.

  5. #5
    Star Lounger
    Join Date
    Jan 2008
    Posts
    51
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks, Hans! You always come through for me! I too am extremely disappointed by the number of features (such as user security and data-access pages) that have been removed from the 2007 product. I'm also disappointed that the 2003 Developer extensions are no longer available for those of us who would rather not move to the 2007 version because of these exclusions. I've downloaded the most current version of this toolkit, and will give it a try. Thanks again for your help!

  6. #6
    3 Star Lounger
    Join Date
    Apr 2002
    Location
    Redditch, Worcestershire, England
    Posts
    233
    Thanks
    0
    Thanked 22 Times in 21 Posts
    Are you absolutely sure that the 2007 runtime disables security? My understanding was that 2007 would respect user security on a legacy 2003 mdb + mdw if it already existed, even though you couldn't maintain security features any more.

  7. #7
    Super Moderator
    Join Date
    Jun 2002
    Location
    Mt Macedon, Victoria, Australia
    Posts
    3,993
    Thanks
    1
    Thanked 45 Times in 44 Posts
    [quote name='HansV' post='786301' date='27-Jul-2009 02:05']User-level security still works in .mdb databases under Access 2007 (although no user interface to manage it any more).[/quote]

    For mdb files the user interface for Security has not changed.
    [attachment=84866:Secuity2007.gif]
    Attached Images Attached Images
    Regards
    John



  8. #8
    Star Lounger
    Join Date
    Jan 2008
    Posts
    51
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You're correct. User-level security has NOT changed if you are using an .mdb file under Access 2007. That's not what I'm doing, though. I'm creating a runtime version of an mdb using Access 2007 to create it because I do not have the Developer Extensions for Access 2003. When I create the runtime version, the user-level security is disabled. Try it. Sorry to burst your bubble!

  9. #9
    Super Moderator
    Join Date
    Jun 2002
    Location
    Mt Macedon, Victoria, Australia
    Posts
    3,993
    Thanks
    1
    Thanked 45 Times in 44 Posts
    [quote name='odeus' post='786343' date='27-Jul-2009 10:53']You're correct. User-level security has NOT changed if you are using an .mdb file under Access 2007. That's not what I'm doing, though. I'm creating a runtime version of an mdb using Access 2007 to create it because I do not have the Developer Extensions for Access 2003. When I create the runtime version, the user-level security is disabled. Try it. Sorry to burst your bubble![/quote]
    I was not trying to answer your question, but merely correct what I saw as incorrect information in Hans post about the interface.

    I answer to another issue you have raised, I sometimes use the Windows Logon to provide a basic security function, where full security is not required.
    The implementation varies a bit according the the situation, in one recent case I had two groups of users. Most had limited rights, but 2 or 3 were to have a range of extra rights. So I had a table that stores to Windows Logons of the users who were to have these Admin rights. Then in the OnLoad event of the Menu (and some other forms) I check the status of the user, and take action accordingly.
    Regards
    John



  10. #10
    Star Lounger
    Join Date
    Jan 2008
    Posts
    51
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='johnhutchison' post='786345' date='26-Jul-2009 23:02']I was not trying to answer your question, but merely correct what I saw as incorrect information in Hans post about the interface.

    I answer to another issue you have raised, I sometimes use the Windows Logon to provide a basic security function, where full security is not required.
    The implementation varies a bit according the the situation, in one recent case I had two groups of users. Most had limited rights, but 2 or 3 were to have a range of extra rights. So I had a table that stores to Windows Logons of the users who were to have these Admin rights. Then in the OnLoad event of the Menu (and some other forms) I check the status of the user, and take action accordingly.[/quote]

    Thanks for clarifying. The link Hans sent is an excellent full-fledged solution to the problem I'm experiencing, but if I find it too overwhelming (which is always a possibility), I may come back to look only at Windows Logons instead. Thanks for your input.

  11. #11
    Super Moderator
    Join Date
    Aug 2001
    Location
    Evergreen, CO, USA
    Posts
    6,623
    Thanks
    3
    Thanked 60 Times in 60 Posts
    [quote name='odeus' post='786300' date='26-Jul-2009 07:47']... The database was fine when only 2 or three people accessed it, but they want to expand to 14, and don't want to buy 12 new copies of Access 2007. A simple database password is not going to be good enough because they want to restrict the data that can be viewed based on the user login in which case each user needs their own login. Access 2003 user security was perfect. What do I do now?[/quote]
    As others have observed, you can use Access User Security with the full version of Access 2007, and we do that regularly. The biggest pain is getting the Workgroup Administrator to run. But has your client considered the cost of developing an alternate security scheme in comparison to having you implement an alternative security feature? Access can be purchased by itself, and that shouldn't be more than $US 1500 or so. It is easy to burn that in development and end up with nothing.

    As a conincidence, today we are trying to work through some other limitations of the runtime version, and finding it very difficult. Our normal approach to clients is that you have to have the full version.
    Wendell

  12. #12
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    John, thanks for the correction. Since I don't have Access 2007 myself, I have to go by what I find in Google, and that is not always dependable. I will edit my erroneous reply.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •