How to safely deploy an access application (1 Viewer)

[K0k1man]

Hello,

I've finally finished an Access application and now am having trouble deploying it for multiple users...

There are 2 types of users, each type should have different permissions.

Data Entry group should be able to add/delete and edit records.
Costing group should be able to only read the data.

Now tell me what I am doing wrong.

I have separated the access file into 3 distict files.

1 - All tables
2 - Editing forms linking tables from file number 1
3 - Costing forms linking tables from file number 1

I've placed the All tables files in a folder with permissions set to only read for costing group and full access to Editing group.

In theory it sounds OK, but when they try I get errors... Apparently whomever loads the app first locks the other group....


HELP PLEASE!!!!!!

 

[rainman89]

did you ever think about splitting the DB to a front end and backend?
there are numerous posts on that. that way you dont have to split it into 3. it will split tables and forms into seperate apps for ya

 

[boblarson]

And you can use the Access Security Wizard to set up security for you. You can have an option to have it create a shortcut for you and then you distribute that shortcut to users to open the database. You can set up users or user groups during the wizard process or when you are finished. Just make sure to make a copy before running the Wizard so if it doesn't work the way you want you don't have a problem in reverting.

 

[K0k1man]

Security Wizard...

If I make a user read only for a certain access file. he can still delete the file without even opening it? Or the entire folder? I was too busy protecting it from accidental edits that I did not realize the "desgruntal employee" possibility....

 

[rainman89]

If I make a user read only for a certain access file. he can still delete the file without even opening it? Or the entire folder? I was too busy protecting it from accidental edits that I did not realize the "desgruntal employee" possibility....

by file what do u mean?
within access if u make it read only he cannot delete the file. he wont even be able to have acess to the files. just open them and see them. as for deleteing the access file itself. thats something you would have to address with the security settings on your PC

 

[boblarson]

If you give each user their own copy of the front-end, it won't matter if they delete that one. If you have the backend on the server (which it should be) you can deny delete rights to a user/users/ or Active Directory group.

 

[K0k1man]

That is my problem....

As soon as I set the folder permissions to not allow certain users to do anything but read, the application locks and does not allow edits to take place, even if the editor has all necessary permissions....

As soon as the read only users close the app, all goes back to normal and edits can happen.

if the editor has it opened the read only users get an error stating that this file is opened exclusively by another user.

My plan was to have both groups working at the same time hitting the same database (all linked to the back-end file), but right now when one group loads the app, it locks for the other group... and vice-versa. The diference is the type of error

 

[rainman89]

As soon as I set the folder permissions to not allow certain users to do anything but read, the application locks and does not allow edits to take place, even if the editor has all necessary permissions....

As soon as the read only users close the app, all goes back to normal and edits can happen.

if the editor has it opened the read only users get an error stating that this file is opened exclusively by another user.

My plan was to have both groups working at the same time hitting the same database (all linked to the back-end file), but right now when one group loads the app, it locks for the other group... and vice-versa. The diference is the type of error

If each user has their own front end then this should not happen. There is a default open property where u can set it so that it doesnt open exclusively on one machine, but i dont think this is where your problem lies

 

[boblarson]

As soon as I set the folder permissions to not allow certain users to do anything but read, the application locks and does not allow edits to take place, even if the editor has all necessary permissions....

As soon as the read only users close the app, all goes back to normal and edits can happen.

Users of Access need to have read/write rights to the folder that the database resides.

 

[K0k1man]

Read AND Write?

Or one of the 2?

And when you mean "the folder where the database resides" are we talking about the folder where the back-end file with all tables is located?

OR Read AND Write to the folder where the Front-End file?


Read AND Write permissions being required on the back-end sounds weird


and once again, thank you

 

[rainman89]

Back end is where its needed so that you can write to the file!!! otherwise you wont be able to save your changes!


on the front it wont matter. if u give them the full rights or just read and write

 

[K0k1man]

OK... here I go again

So for users who I want to read/write I grant those permissions and for the ones that I just want to read I give them just READ on the back-end folder.

OK. I've tried this before (without the spliting and distributing front-ends)

once again thank you for the time and patience

 

[rainman89]

hopefully that will work for you. but im alittle skeptical. i think you need to set up the security in access for them to read the data only. not write to the database correct?

 

[K0k1man]

Correct.

It is my final objective. To protect the data/file from accidents or otherwise. only 1 or 2 people should have access to edit/write/delete and everyone else should only view the data... I'll keep you guys posted

 

[boblarson]

You still need READ/WRITE access to the backend folder that the backend mdb file is located (even for read only users) since they won't be able to open the backend with their front end because Access won't be able to write the ldb file.