Share this Page URL

Chapter 19. Linking Jet Applications to ... > Changing Database Group and User Per... - Pg. 825

Linking Jet Applications to Client/Server Tables 825 The owner of all the objects in the new database is the user ID you entered when you opened the source database. Only members of the Admins and Project Designers groups have design access of any kind to the newly secured database. You must provide the VBA code password to other members of the Admins group and to all Project Designers. Note This chapter uses the term user ID to identify users of Access. Internally, Access uses a system ID (SID) to identify users. The SID is a value that Access computes from the user ID, password, and PID. The SID is stored in the MSysUsers table of System.mdw as an encrypted binary value in a field of the Binary (varbinary) data type. Securing Jet Back-End Databases If you use Jet as the database back end, it's important to secure the back-end tables against ex- ploration by unauthorized users. All users need read/write access to the shared folder, but only groups having the authority to update tables need write permissions for the back-end .mdb. 1. 2. 3. Open the back-end .mdb file with the new account you added with Admins permissions. Repeat steps 2­12 of the preceding procedure. You must specify the same groups you speci- fied in step 4, but you don't need to add users to the groups in step 7. Close Access, and reopen the front-end .mdb file with the test user accounts to verify appro- priate read-only and read/write access to the encrypted back-end Jet database. You can run the User-Level Security Wizard multiple times to alter permissions for either front-end or back-end databases. Changing Database Group and User Permissions After you design your hierarchy of permissions and add initial user groups and users with the User- Level Security Wizard, you can change individual group and user permissions, and ownership for each of the objects in your database. Only members of the Admins group can alter permissions for Groups or Users or reassign ownership of objects. The Permissions check boxes that are enabled depend on the type of object you choose. Open/Run, for example, is enabled only for database, form, report, and macro objects. If you have a large number of users who need different permissions for application and table objects, prepare a checklist for group permissions and the group membership of users. Excel is useful for creating this type of checklist. Keep a printed copy of the checklist with the snapshot file you printed when running the Security Wizard. To change the object permissions for a user or group, do the following: 1. As a member of the Admins group, open the database for which permissions are to be granted or revoked with the appropriate workgroup system database active. For this example, you've decided to grant Admins permissions for forms and reports to the Project Designers group. (Pages and modules don't use Jet security.) Choose Tools, Security, User and Group Permissions to open the User and Group Permis- sions dialog. Users is the default option, which displays the permissions for individual users. Select the user account, ProjDesrsTest for this example. Tip from 2. 3.