Hello,

I want to setup logins (user & password) for an Access DB and assign
different levels privileges to those users. Is this possible in
Access? Thanks in advance.

Joe Smith wrote:

What version of Access are you using?

The following is useful if your system is below A2007.
http://support.microsoft.com/kb/207793

Tom van Stiphout provided a sample mdb using ActiveDirectory for
security but I don't know the link to it. it was called AD_Sample.mdb.
Useful if people use ActiveDirectory.

Hi, Salad

Salad wrote:
May I help you ;-)

http://www.accesssecurityblog.com/po...Directory.aspx

Regards
Jens

Salad <salad (AT) oilandvinegar (DOT) com> wrote in
news:AP6dnQy7bOOyFw_RnZ2dnUVZ_jCdnZ2d (AT) earthlink (DOT) com:

Why do you say it's inapplicable to A2007 and A2010? Jet ULS is
still available with MDB format. I didn't reread the specifics of
the article. Does it refer to pre-2007 menu choices or something?

Well, AD can't really replace Jet ULS, since it can't actually
control permissions at the db engine level. It's only useful for
program-level control (e.g., making a form read-only for users who
aren't in a certain NTFS user group).

Also, you don't need Active Directory for most of this, just the API
functions for plain old NTFS security, which allows access to user
logon information and NTFS security group membership. It's only if
you need AD-specific information (such as Organizational Units) that
AD is required. I think a lot of people don't quite understand that
AD is an interface to NTFS security, not a security layer in itself,
and that most of what's exposed in AD is available by using APIs
directly.

--
David W. Fenton http://www.dfenton.com/
contact via website only http://www.dfenton.com/DFA/

"Jens Schilling" <JensSchillingBitteLoeschen (AT) fissership (DOT) de> wrote in
news:i6utsq$4on$03$1 (AT) news (DOT) t-online.com:

Is there anything in there that really requires AD? So far as I can
see, it's just using the standard NTFS security groups and such, so
I see no reason to use AD for that at all.

--
David W. Fenton http://www.dfenton.com/
contact via website only http://www.dfenton.com/DFA/

On Sep 17, 5:27*pm, "David W. Fenton" <NoEm... (AT) SeeSignature (DOT) invalid>
wrote:
Thank you all for the input. I've been reading that user-level
security is not part of A2007. Would it be easier to implement this
with A2003?

PS: David Fenton,
Interesting information about AD. I did not know that it was mostly
for interfacing NTFS security.

Joe Smith <bucbarrydb (AT) gmail (DOT) com> wrote in
news:4733d27c-8aeb-45ae-b68b-fa13ac7df61a (AT) f26g2000vbm (DOT) googlegroups.co
m:

ULS is of course part of A2007 if you're using a file format that
supports ULS, i.e., MDB. It's only the ACCDB format that doesn't
support ULS. Since A2007/A2010 can open MDB files, they also support
ULS (as well as replication).

It's entirely a file format issue, not an Access version issue.

The main purpose of Active Directory is to provide a better
interface for managing resources within a domain. It was a response
to tools that appeared first in other server OS's, particularly in
Novell Netware. From an Access point of view, it adds very little
(though theoretically, you can use SQL to retrieve the information,
using LDAP providers, something you can't do with plain vanilla
NTFS, i.e., bypassing AD). For the system administrator, it's a much
better organized interface, though. That's simply not that relevant
in the Access context, though.

--
David W. Fenton http://www.dfenton.com/
contact via website only http://www.dfenton.com/DFA/