Capture Network Userid as Access Login

[Athlonio]

I have a database that is being used over a network, and rather than set up a userid/password security for my database, I want to just base it on the network userid of the person accessing the database.

I can see that Access knows my Network ID, so I just need to have it use my Network ID as my login ID, instead of defaulting to "admin" as the user. This way, I can perform all of the security measures I want, without having to maintain a user base (ie. default Users group has all the access needed for the general user, and I'd only have to set up something special for power users as needed).

I searched the forums, and was unable to find how to grab the user's Network ID and automatically log them in as that user. Any help would be appreciated. Thanks!

 

[Mr. B]

Athlonio,

Here is a link that has the code you need.

http://www.mvps.org/access/api/api0008.htm

 

[Athlonio]

Thanks so much Mr. B. That does provide me exactly what I asked for. Now for my next step in the problem...

How do a make that userid I have just captured be the actual userid that the user is logging into the database with? Or change their current login to be that login? As mentioned before, I'm trying to avoid having a "login form". I just want their network ID to be their login ID for the database automatically.

Thanks again.

 

[Access Hero]

It depends on your backend. If you're using SQL Server, you can just use Windows authentication.

If you are using an Access backend, just limit access to the file/folder via Windows security.

 

[Mr. B]

Athlonio,

What I normally do when I just need to have a very simple control over who is using the database or certain forms, etc. is to create a table of Users. Then when the database opens you simply check to be sure that the UserID (NetName) is in the table. If not you just notify the user and close the database.

 

[Athlonio]

I'm not actually trying to restrict access to the database itself, I'm trying to restrict access WITHIN the database (ie. User and Group Permissions). I want any user who opens the database to be able to view the data. But I only want select users to be able to change things (edit queries, forms, etc.).

I know how to set up the user groups, etc. But everyone is showing up as logged in as "admin". I want them to actually show up logged as their Network ID, so that the accesses I provide in the User and Group Permissions take effect without having to maintain a seperate list of userids/passwords or having to set up a login form. I can just add the user(s) I want to specific groups and it knows when they access the database because it sees their Network ID (well, that's what I'm trying for, anyway).

 

[Access Hero]

Do you already have the Windows user name? How about:

MyVariable = Environ("USERNAME")

Maybe you can get a little farther along using the results of that.

 

[Athlonio]

I have that. I'm able to see what the Network ID is, I just don't know how to make that become the userid that the Access database recognizes as the "Current User". It shows "admin" for everyone.

I added a picture to help explain. When you open the User Group and Permissions dialog, it shows the Current User, which I'm assuming is the user the database is using to determine it's access level. This is the value I want to change, based on the person's Network ID. I want it to be set to their Network ID automatically. At our work place, you are not allowed to use someone else's Network Login, so it should always be the Network ID of the person logged into the workstation.

I am assuming it is as simple as setting a database variable to equal to Environ("USERNAME"). I just don't know the name of the variable to set in the startup form.

 

[Access Hero]

Look up global variable in help. You can get/set a global variable anywhere in your system, not just the "main form".

 

[boblarson]

Personally I would avoid the global variable. I use (thanks to Pat Hartman) a hidden form which holds the data I want and I just refer to it whenever I need. It is the first thing that opens so it is the last to close when the database closes. Simplicity of it is great and it never loses its value (I use an unbound text box for the user ID and another for the Security level) where a global variable can lose its value under certain circumstances.

 

[gemma-the-husky]

the names are two different things

the environ("username") is the windows login

access has its own security login, but by default everyone has an ACCESS login of Admin - you can see this by referring to the variable/function currentuser

if you activate access security (search for ULS in this forum) than access can limit certain users or (better) groups of users to be able to use and interact with, particular forms/reports etc

if you dont use access security - then you have to write your own based around your own login system (or using windows login).

 

[Athlonio]

The CurrentUser method returns the value of the userid that's logged into Access (ie. currently it's returning Admin). environ("username") is the userid that's logged into the network. Both of these I learned from the previous posters on this thread. Thanks for that. I can now see what the values are for each of the two. However...

How to I set the value of the CurrentUser to equal the value of the environ("username")?

 

[boblarson]

How to I set the value of the CurrentUser to equal the value of the environ("username")?

Make sure when you set up the user in User Level Security that you use their network login name.

 

[Wet_Blanket]

I'm looking for the same thing as Athlonio, but after reading this thread (and re-reading multiple times), I can't figure out what the answer is...

 

[gemma-the-husky]

I'm looking for the same thing as Athlonio, but after reading this thread (and re-reading multiple times), I can't figure out what the answer is...

access has inbuilt security - which you can use to manage who can do what, but this depends on people logging in to access as a separate process (nothing ot do with windows login) in fact access security is ALWAYS active, its just that be default everyone logs in as ADMIN, with full privileges to do anything.

if you want to use a windows login, then you have to manage your app yourself, with programming methods to limit what each user can do

 

[Ollie_3670]

access has inbuilt security - which you can use to manage who can do what, but this depends on people logging in to access as a separate process (nothing ot do with windows login) in fact access security is ALWAYS active, its just that be default everyone logs in as ADMIN, with full privileges to do anything.

Cheers, I could use that too, I'll have a go

 

[Wet_Blanket]

if you want to use a windows login, then you have to manage your app yourself, with programming methods to limit what each user can do

Do you have a recommended resource to help me figure out how to do this?

 

[Simon_MT]

I don't use Access' security at all. I instead have the Network login in the Employees file apply to the main Menu and simply use the Employees initials through the application.

I read years ago that Access' security was too easy to break so I never used it.

Simon

 

[vbaInet]

I don't use Access' security at all. I instead have the Network login in the Employees file apply to the main Menu and simply use the Employees initials through the application.

I read years ago that Access' security was too easy to break so I never used it.

Simon

The first security breach was like in 97' but they heightened the security. Although a very determined programmer can gain 'access to access'. hehe!

 

[gemma-the-husky]

I find access security very cumbersome

if you have a big app, and you want to rework it, its an absolute nightmare.

------------
the other thnig about ANY access security is that it tends to be VERTICAL, if you like. It allows/prevents users runnnig cetain forms etc.

What it doesnt/cant do is limit their ability to do things HORIZONTALLY. ie - if you want a certain salesman to ONLY be able to see data on his own accounts, you just cannot do this with access security. You have to add this functionality yourself.