I've been doing some work with resetting the user-level security
permissions on one of our databases and now am confused and have a
headache.

I am trying to remove all of the permissions from the admin user and
its associated group (The admin user is only in the Users group). The
admin user and the Users group have been stripped of all permissions,
but for some silly reason I can double-click on the database and view/
edit all of the tables. However, if I try to login with the admin
user using a different workgroup file, I cannot even open the
database! I thought the admin user always mapped to the same SID, so
I am confused as to why the database is exhibiting this behavior.

Please, restore my sanity with some insight into this issue.

Thanks.

Vincent

"Rick Brandt" <rickbrandt2 (AT) hotmail (DOT) com> wrote

Yes, a key step is changing ownership of the database. That's why I advise
scanning, reading, carefully re-reading, and repeating the careful
re-reading until you are completely oversaturated with Access Security, the
Access Security FAQ. It is 39 pages of pertinent information, with no
"filler" material. In Access 2.0 days, author Roger Jennings described
Access' Security as "labrynthine" and that is still an accurate assessment.
Find the Security FAQ via http://support.microsoft.com/kb/207793.

There is another FAQ for Security in 2007, if you are a member of Microsoft
Software Developer Network (MSDN),
http://msdn2.microsoft.com/en-us/library/bb421308.aspx.


Larry Linson, Microsoft Office Access MVP
Co-author: "Microsoft Access Small Business Solutions", published by Wiley
Access newsgroup support is alive and well in USENET
comp.databases.ms-access

Vincent wrote:

Admin is still the owner of everything.

On Jun 2, 8:04*pm, "Access Developer" <accde... (AT) gmail (DOT) com> wrote:
The ownership of all items has been removed from the admin user. I am
wondering if this is a bug. I found the following statement in the MS
Access Security FAQ:

"The Access 2000 Security Wizard removes permissions to the point
where they are not visible on the security menus, but testing has
revealed that in Access 2000 it is possible to open a database by
using the default workgroup information file regardless of the menu
settings. The cure for both versions of Access is to create a new,
empty database while logged on as a member of the Admins group and
import all of the objects from the secured database...."

I am using an Access 2000 format database, so this may be the issue.
I don't look forward to reimporting all of the objects in all of the
databases that we manage. Does anyone know of a different "fix" for
this issue?

On Jun 3, 10:40*am, Vincent <animedrea... (AT) verizon (DOT) net> wrote:
Okay--for those others that are thoroughly confused by Access
security, I THINK what happened in my posted scenario was that a
couple of the databases were created with the default system.mdw file
instead of our custom workgroup file. This accounted for the
different behavior I saw in the admin account. Recreating the
database with the custom workgroup file and reimporting all of the
tables seems to have corrected the issue I was seeing. Also, if
anyone is struggling with Access security, I came across a nice
website. It is a nice complement to the Access Security FAQ mentioned
above.

http://www.grahamwideman.com/gw/tech...ssec/index.htm

Cheers,

Vincent

Vincent wrote:

Oh, you used the wizard. Don't do that with Access 2000 :-)

Personally I wouldn't use them ever, but the 2000 version was definitely
messed up.