tags:

views:

720

answers:

7
+3  Q: 

Is there any way to authenticate user in a ms-access database?

I have a MS-access database. But it is on the shared drive. And it is required that only some selected number of people can use it. Is there a way to authenticate the user?

+4  A: 

Yes, open the database then run the Tools->Security->User-Level Security Wizard. It will step you through the process of creating a new workgroup file, creating users and groups, and securing the Access objects.

Patrick Cuff  2008-11-07 13:08:05
Does this stop a person from copying the actual file? Knox's solution seems to cover that.
jms  2008-11-07 13:45:15
They can copy the file, but without the workgroup file and a valid account they're not getting in (well, not without a whole lot of work).
Patrick Cuff  2008-11-07 14:19:35
Jet user-level security is pretty easily cracked. That doesn't make it useless, but it means you shouldn't count on it to protect your data from copying. Use NTFS file permissions to control access to the MDB and Jet user-level security to control access within your application. Both are necessary.
David-W-Fenton  2008-11-08 02:47:51
A: 

User-level security is not available in Access 2007.

Get started with Access 2007 security offers:

  • Trust (enable) the disabled content in a database
  • Use a password to encrypt or decrypt a database
  • Package, sign, and deploy an Office Access 2007 database
Remou  2008-11-07 13:31:56
+3  A: 

Since Access is file driven, why not create a folder in the shared drive and assign folder permissions to the appropriate people.

Knox  2008-11-07 13:37:35
Oh! I didn't think of that :)
Varun Mahajan  2008-11-07 13:53:48
Ensure that those who are allowed to use the database have full permissions and that those who are not allowed cannot open the database.
Remou  2008-11-07 13:59:45
A: 

If you are on a domain could you not use file level security to prevent users from accessing it?

osp70  2008-11-07 13:43:59
A: 

Two solutions:

  1. Place the Access file on a file share with permissions set appropriately. This doesn't work really well if you need to provide read-only access since Access can't write out the temporary .ldb file that it creates when opening an Access file (.mdb).

  2. Move the "data" of the Access file to a Sql Server instance... where you can permissions in SQL server to restrict what people can do. We use this method to provide readonly access to the everyone, and then specific people with read-write access. To move the data to SQL you would import it into a new SQL database and then link the tables into the Access file (renaming so that reports/queries/etc continue to work).

jeremyasnyder  2008-11-07 15:11:53
+2  A: 

Do both. Set access permissions on the directory AND create a new security file for it.

The directory is your front-line security, and limits access on a macro level

The security file can be used to segment access to the various tables, forms, reports, etc. You can even us it give some people read only access and others more full permissions.

CodeSlave  2008-11-07 15:26:46
A: 

I do all of this in VBA. In the switchboard Form_Open sub, Read the user name into a string variable with a windows API, then check to see if the user name in on your list of valid users. If OK, issue a welcome message, if not OK exit Access.

' check user Dim user As String Dim AuthorizedUser As Boolean user = UCase(CurrentUser())

AuthorizedUser = True
Select Case user
    Case "USER_A":
    Case "USER_B":
    Case "USER_C":     
    Case Else: AuthorizedUser = False
End Select

If AuthorizedUser = True Then
   MsgBox "Welcome authorized user " & user
Else
   MsgBox user & "is not Authorized. For access to this database contact User_A"
   DoCmd.Quit
End If
Mike  2009-01-06 19:34:28
Can't this just be circumvented by holding down shift while opening the database?
Leonard H Martin  2009-01-06 19:43:46
It could. Code lives in switchboard Form_Open sub, holding down the shift key disables opening the Switchboard when database opens. Not using this database for critical data, users have no experience with access, and only see compiled MDE file (no visibility to VBA). Good comment, thanks. --Mike
Mike  2009-01-11 03:28:15
Yeah, @Mike basically it's a good preventative measure if your attacker isn't smart. I'm afraid that we shouldn't assume this. Yes, compiled MDE files don't have access to the VBA code, but as Leonard pointed out, they can just bypass the password and have full access to the linked databases or queries. Pretty quickly a select statement turns into a drop table statement.
Nitrodist  2010-05-25 01:08:12

related questions

MS-Access design pattern for last value for a grouping
Best way to test a MS Access application?
How would you migrate hundreds of MS Access databases to a central service?
Is there anything wrong with this query?
Read Access File into a DataSet
MS Access Reporting - can it be pretty?
Import OLE Object from Access to MySQL
What's the best way to work with SQL Server data non-programmatically?
Is there a way to get ms-access to display images from external files
Using MS Access & ODBC to connect to a remote PostgreSQL
File database suggestion with support for multiple concurent users.
Delete Records from Access database, error while deleting
Converter for VB.NET Code to Linux Platform Exist?
Performance issues regarding Access 2003 and the OLE Object data type
Java code to import CSV into Access
Can you use LINQ tools such as SQLMetal with an access database?
Good Free Alternative To MS Access
Can DTS Test for Presence of MS-Access Table
How to filter by 2 fields when loading data into an access database table from an excel spreadsheet
Any tips on getting Rails to run with an Access back-end?
Disabling multi-line fields in MS Access
Access 2000 connecting to SQL Server 2005
Building an auditing system; MS Access frontend on SQL Server backend.
Is there a way for MS Access to grab the current Active Directory user?
Issues using MS Access as a front-end to a MySQL database back-end?