Backend folder vs. frontend database

Access9001

Registered User.
Local time
Today, 05:55
Joined
Feb 18, 2010
Messages
268
If I have an MS Access frontend that connects to an MS Access backend, is there a way to hide/permission block the pathway to the backend's folder but still allow access via the frontend db?

Right now I can't dedicate a server to a more "secure" form of DB or anything like that so I'm stuck with MS Access for now. I just don't want someone looking at, say, a link table path and then navigating to that folder and getting access to backend information. What might be some solutions to this?
 
The solution is to not let anyone near the database window/navigation pane. Give them access to forms only and run everything from there. You will need to uncheck the show nav pane option and you will need to get the code (which is here on the forum) for Disable Shift Key Bypass so that they can't get in the backdoor by holding the shift key down.
 
I already do that; my question is about the actual backend folder.

Say I have G:\Backend\Backend.mdb and G:\Frontend\Frontend.mdb

I don't want anyone even *wandering* into the Backend folder through pure navigation. I want to somehow close that folder off so people can't get into it and poke around Backend.mdb.

However, at the same time, Frontend.mdb needs to be able to access Backend.mdb.
 
I already do that; my question is about the actual backend folder.

Say I have G:\Backend\Backend.mdb and G:\Frontend\Frontend.mdb

I don't want anyone even *wandering* into the Backend folder through pure navigation. I want to somehow close that folder off so people can't get into it and poke around Backend.mdb.

However, at the same time, Frontend.mdb needs to be able to access Backend.mdb.
You can't stop people from going to that folder because they have to have full rights for Access to work. But you can work with your system admin to make that a hidden folder. But again, that isn't going to stop someone if they decide to manually input the path into Windows Explorer.

Access is just not secure at all and so you are stuck with what you have until you can go to something like SQL Server or SQL Server Express.
 
How would using SQL Server Express work? Would it need an entirely new machine to dedicate to running the actual server software/etc?
 
Currently we have a sort of central program that dumps .dbf files daily and we take these into Access and perform make-tables, etc, to create a variety of tables and queries for use.

However, I don't think SQL Server will let me "pull in" and update/recreate the tables in the same way, right?
 
How would using SQL Server Express work? Would it need an entirely new machine to dedicate to running the actual server software/etc?

You can run SQL Server Express on a machine that is not dedicated to it. But, of course, it would work better if it was on a dedicated machine.

When using SQL Server Express 2008 R2, you have up to 10Gb of storage space and you can create and use Stored Procedures on the machine which can speed things up. But in a security aspect, you can set it so that you use SQL logins which you can create a user for each user who needs access and you can assign different permissions to each user and, you can set it so that some users can't use anything but Views or Stored Procedures (no direct table access from Access) which can be good.

It isn't a panacea, but it can help you out. If you aren't all that familiar with SQL Server, I would suggest going through this tutorial:
http://www.functionx.com/sqlserver/index.htm
 
Can it be combined with the DBF dumping process (pulling DBFs into SQL Server for new tables daily).
 
Can it be combined with the DBF dumping process (pulling DBFs into SQL Server for new tables daily).

With the full version of SQL Server you would just use SSIS (SQL Server Integration Services) for that. I don't think there's a way to do it directly with SQL Server Express. You probably would have to use an Access database to import it to there and then using code you could send it in to the SQL Server Express database.
 
Depending on the file system you could Deny "List Folder Contents" for the folder containing the back-end database file for the people who should not have access to it. This would give some level of protection.
 
Right click on the folder, Select Properties, Select The Security tab and edit the permissions for the group you want to Deny and click in the Deny checkbox for "List Folder Contents". They should still be able to read and modify the database file, just not see it. I haven't tested this but it should work.
 
You can work with SQL server or other RDBMS' as if it were local Access tables - for the most part.

You would link to the .dbf's and append the data to existing SQL Server tables. You wouldn't use make tables. consolidating the data will probably also help you in other ways.
 

Users who are viewing this thread

Back
Top Bottom