My database is split front end and back end and I wondered how best to secure it? I have a password on the front end which is shared with users but how do I secure the back end as this could potentially just be opened with access to all the tables. I know I can convert to an mde but I occasionally have to add new tables into the back end and not sure how I would do this if it was an mde file.
Back End Security (1 Viewer)
- Thread starter TCalvert
- Start date
arnelgp
..forever waiting... waiting for jellybean!
- Local time
- Today, 07:34
- Joined
- May 7, 2009
- Messages
- 19,247
continue using .mdb as your Back-Endadd Password to it, then Re-link all Linked tables from the Front-End.
about adding table to the backend.
you should add a table (tblMaintenance) to the back end with one Yes/No field.
you create a Linked table to this table to your FE.
you create a Hidden form to the FE that has timer event that
once in a while check the Yes/No field.
If the field is True, show a msgbox that the db is going to under for maintenance and
that the User should save his work immediately.
After a minute, the FE closes.
The hidden form is opened in Autoexec macro.
and will check the Yes/No field upon the timer event
to check the yes/no field. if it found that this field is set to True,
the db will not continue to open.
if you are going to maintenance the BE, you execute an
update query to the tblMaintenance, setting the Yes/No field to True (Yes).
when you are done making changes, set the value back to False (no).
about adding table to the backend.
you should add a table (tblMaintenance) to the back end with one Yes/No field.
you create a Linked table to this table to your FE.
you create a Hidden form to the FE that has timer event that
once in a while check the Yes/No field.
If the field is True, show a msgbox that the db is going to under for maintenance and
that the User should save his work immediately.
After a minute, the FE closes.
The hidden form is opened in Autoexec macro.
and will check the Yes/No field upon the timer event
to check the yes/no field. if it found that this field is set to True,
the db will not continue to open.
if you are going to maintenance the BE, you execute an
update query to the tblMaintenance, setting the Yes/No field to True (Yes).
when you are done making changes, set the value back to False (no).
- Local time
- Today, 00:34
- Joined
- Feb 19, 2013
- Messages
- 16,629
you can, also change and delete tables - and you add/change/delete queries as well (tho' not usually found in BE's)
mde's only protect forms, reports and modules, don't know about macros as I don't use them.
To protect the BE, you need to do as Arnel suggests - password protect it (with a different password to the one you are using for the FE)
Babycat
Member
- Local time
- Today, 06:34
- Joined
- Mar 31, 2020
- Messages
- 275
Again, the story is the BE's password can be retrieved by opening FE with text editor such notepad. I am not sure if new access (A365) can resolve this weakness.
Anyway, Ms Access is not intended for high security application/program i think.
btw: When sharing BE folder on network, we normally share with full control (read/write), that means anyone on user-machine can access to the folder, then they can copy or even delete the BE file. Is there anyway to prevent this?
Anyway, Ms Access is not intended for high security application/program i think.
btw: When sharing BE folder on network, we normally share with full control (read/write), that means anyone on user-machine can access to the folder, then they can copy or even delete the BE file. Is there anyway to prevent this?
Last edited:
- Local time
- Yesterday, 18:34
- Joined
- Feb 28, 2001
- Messages
- 27,218
No, because Access has this little element called the Lock File (.LDB for .MDB, .LACCDB for a .ACCDB). It resides in the same folder as the BE file and in order to use it properly, you need MODIFY-level access rights to that folder. This is because on any given day, the first user in will create the lock file and the last user out will delete it. Since it gets deleted, it loses any Access Control List (ACL) that it might have had, so you cannot make a persistent ACL on it. If you look at the MODIFY (broad-brush) permission, it consists of READ FILE, WRITE FILE, CREATE FILE, DELETE FILE, and a few other advanced permissions. I forget offhand how many detailed permissions are involved, but there are 22 total permissions that one could have and MODIFY (I believe) encompasses at least 9. But it HAS been a while.
isladogs
MVP / VIP
- Local time
- Today, 00:34
- Joined
- Jan 14, 2017
- Messages
- 18,246
Agreed. See my article comparing the security of ACCDB vs MDB
Compare Access File Security
This article compares the security of the MDB & ACCDB file formats together with the compiled MDE & ACCDE versions.
www.isladogs.co.uk
