Users locked out of Access 97 database

Users locked out of Access 97 database

Post by aXRraXd » Fri, 11 Mar 2005 20:53:04


I am using VB6 with an Access 97 database, with up to about 6 users requiring
simultaneous access. There is no security on the database. I have
implemented my own record locking protection. How do I ensure that users
will not be locked out of the database ?
 
 
 

Users locked out of Access 97 database

Post by Ralp » Sat, 12 Mar 2005 00:25:01


about 6 users requiring
database. I have
ensure that users

[Warning. Totally unsatisfactory replies follow...]

Abandon your 'custom record locking protection'. Look
up "User-Level Security", Ownership, and Workgroups in
the MSAccess help. Or...

Plan 'B', wrap all transactions in COM+/MTS. Or...

Plan 'C', (or Plan '9' From Outer Space depending. <g>),
create an ActiveX Exe to monitor and control access to
the single resource.

-ralph

 
 
 

Users locked out of Access 97 database

Post by aXRraXd » Tue, 15 Mar 2005 06:51:26

Plan A
Ie done a lot of reading, and think Ie figured out what I need to do. I
should add that I using DAO.
1. Using Access, convert my database from Access 97 to Access 2000. I
not sure if this is necessary, but Ie been advised to do it by my MIS
department, as they don support Access 97.

2. Using Access, create a workgroup information file with all my users in
this workgroup. Because my data is not super confidential, and for the last
6 years, there has been no login process, I will use the username from the
network, and include a ominaluser password in my connection string. This
could be the same for each user. This way, I can control who uses the
application, without any overbearing security.
Question. Where should the MDW file reside, and should there be any
security on this folder ?

3. Update my application dependencies from Jet 3.51 to Jet 4.

4. Rewrite my VB code to open the database in shared mode, read only mode.
This will be the general rowsingmode of use.

5. Remove my custom record locking code from the application.

6. To edit a record, open another connection in ReadWrite mode, dited
Record(pessimistic locking).

Is there anything wrong, or anything Ie forgotten ?

Thanks.


>
>> >> >-----Original Message----> >> >I am using VB6 with an Access 97 database, with up to>
> about 6 users requiring> >> >simultaneous access. There is no security on the>
> database. I have> >> >implemented my own record locking protection. How do I>
> ensure that users> >> >will not be locked out of the database > >> >> >> >
>>
> [Warning. Totally unsatisfactory replies follow...>
>>
> Abandon your 'custom record locking protection'. Look>
> up "User-Level Security", Ownership, and Workgroups in>
> the MSAccess help. Or..>
>>
> Plan 'B', wrap all transactions in COM+/MTS. Or..>
>>
> Plan 'C', (or Plan '9' From Outer Space depending.&<t;),>
> create an ActiveX Exe to monitor and control access to>
> the single resource>
>>
> -ralp>
>>
>
 
 
 

Users locked out of Access 97 database

Post by Ralp » Tue, 15 Mar 2005 13:59:50

"itkiwi" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...
I
last
This
mode.


Sounds good. Any additional actions will depend on YOUR problem domain and
what kind of problems you run into later down the road (if any).


It should be a 'common' place where all clients can get to it. Where depends
on your architecture. Read up on the problems with a 'development'
environment and a 'production' one - the hassles of accidently becoming the
'owner'. You will have to come up with a 'deployment' strategy.

Security is purely an issue of how much and from who. (How about that for
dodging the question. <g>) Since Access itself is a 'file-based' system -
first level of protection is to use 'file-based' ACLs to limit access to
both the database and supporting files.

You may want to envoke encryption - it depends.

Unfortunately security is not a simple extra 'tack-on' and more is not
necessarily better. Each layer of protection carries with it a new impact on
design, deployment, or even performance - or 'trade-off' if you will. Also
there is a limit of just how much you can do at the application layer.
Serious security schemes involved active decisions and participation by the
whole domain if not enterprise.

hth
-ralph