Introduction.
In versions of Microsoft Access before Access 2007, User-level and Object-level Security were reliable methods for protecting applications. I secured all my Access applications with User- and Group-level security, which proved highly effective when the applications were shared over a network. Because of this, I never needed to lock VBA modules with a password or convert the applications into a compiled form (MDE format) to prevent tampering. User-level security provided sufficient control to assign users precisely the level of access intended for them within the application.
If you wish to continue using this feature in Access 2007, you must avoid converting earlier databases (with the .mdb extension) to the newer .accdb format. Once converted, all User-level security settings are removed and cannot be reinstated. However, you can still maintain and use User-level security in Access 2007 as long as your databases remain in Access 2003 or earlier formats (with the .mdb extension).
Database Objects and Permissions
With User-level Security, you can control what users can do and what they should not do. Check the following table to get some idea as to how to set permissions on each object type and what they do:
| Permission | Applies to these objects | Result |
| Open/Run | Entire database, forms, reports, macros | Users can open or run the object, including procedures in code modules. |
| Open Exclusive | Entire database | Users can open a Database and lock out other users. |
| Read Design | Tables, queries, forms, macros, code modules | Users can open the listed objects in the Design view. Note: Whenever you grant access to the data in a table or query by assigning another permission, such as Read Data or Update Data, you also grant Read Design permissions because the design must be visible to correctly present and view the data. |
| Modify Design | Tables, queries, forms, macros, code modules | Users can change the design of the listed objects. |
| Administer | The entire database, tables, queries, forms, macros, and code modules | Users can assign permissions to the listed objects, even when the user or group does not own the object. |
| Read Data | Tables, queries | Users can read the data in a table or query. To grant user permissions to read queries, you must also give those user permissions to read the parent tables or queries. This setting implies Read Design permission, which means that users can read your table or query design in addition to the data. |
| Update Data | Tables, queries | Users can update the data in a table or query. Users must have permission to update the parent table or queries. This setting implies both Read Design and Read Data permissions. |
| Insert Data | Tables, queries | Users can insert data into a table or query. For queries, users must have permission to insert data into the parent tables or queries. This setting implies both Read Data and Read Design permissions. |
| Delete Data | Tables, queries | Users can delete data from a table or query. For queries, users must have permission to delete data from the parent Tables or Queries. This setting implies both Read Data and Read Design permissions. |
Earlier Post Link References:
No comments:
Post a Comment
Comments subject to moderation before publishing.