I have split the front end from the back end on my database. It's
working fine for the most part but the way I'm doing security has me
thinking there has to be a better way.

Security is doing two things:
keeping non back end admins from changing tables.
keeping non front end admins from changing layouts.

Because I have to have security on the front end layout to keep people
from changing layouts I can't simply disable it's security. This means
I have security on both front and backend files. And that means every
user has to be entered in both files and thats driving me nuts.

Is there some way to giver users access to the front end with out
having to create accounts in the front end? Guest seemed like a likely
option but it would require users to click guest and then login to the
back end seperately. Currently users login once and get into both
files (front and back end). I'd like to make sure it stays that simple
for them.

Any ideas most welcome, thanks in advance

Russ

kosherpiggy (AT) hotmail (DOT) com wrote:

Assuming one log-in to back end is acceptable, can you not create a
single limited access account in front end that would automatically log
everyone in as the same user through an opening script? Nothing to
click.

Mat

That's an interesting idea but it has two problems: 1) I need the
front end to have the 'generic' log in not the back end. The backend
has calculated fields that keep track of who did what. 2) I've no idea
how to use a script to log people on.

Here's what I'd like to have happen:
Opening front end results in a logon prompt

if user is a full admin grant full access and logon to backend using
same user/pass
if user is a front end admin grant access to edit layouts and
automaticly logon to backend using same user/pass
if user is neither from above grant 'generic' or 'guest' access to the
front end but log into the backend using the same user/pass

It amounts to the front end saying "I've never heard of you so you get
default access" then passing on the user/pass to the backend so the
backend can decide what it wants to do about them.

This way I'd only have to manage users in the front end who have some
special access to the front end. While in the backend I can still
control access on an individual level.

If that's posible using an opening script please let me know.

Thanks for the responce by the way.

Russ

kosherpiggy (AT) hotmail (DOT) com wrote:

Take a look at the script steps under the Accounts category in
ScriptMaker.

The Re-Login step, for instance, can be run in a startup script to log
the user in as whomever you want them logged in as, with or without a
password. Do that conditionally so that if you're holding down a
modifier key (see Get (ActiveModifierKeys) ) you could log in as Admin
for full access.

Using just that step, you could do conditional script routines to
perform your back end logins. All you have to do is create whatever
accounts are absolutely necessary.

Matt



--