User Level Security in Access 2007

[Rudi]

I have always been comfortable with the user level security in Access 2003. However, now this feature has been removed in Access 2007. I have read up on help in Access 2007 but only understand the fact that in order to protect a database in 2007, one can add a file password. Anyone with access to the password has full administrative rights to the DB. My question is: What way can one allow users to access the DB with levels of rights? There must be some option to protect the DB with levels of rights?

Please inform me of my options, as I get this question from time to time, and I feel VERY uninformed about the changes and my options in securing a DB in Access 2007.

TX

[HansV]

User-level security has been removed for the new Access 2007 .accdb format.

It is still available in Access 2007 if you open a database in Access 2000 or Access 2002/2003 .mdb format:
- Activate the Database Tools tab of the ribbon.
- Click Users and Permissions in the Administer group.

x62.png

If you have to work with an .accdb database, you must either create your own security through VBA code, or find third-party code to do this, such as the free Security Toolkit from Superseded resources (the name doesn't inspire much confidence...)

Microsoft's attitude is that you should move the data to SQL Server if you need user-level security.

[Rudi]

Thanks for the inside info Hans. Appreciate it!
I'll try that Superseded link too.

[Rudi]

Hi all,

I found a very useful link that lays out (very plainly) some interesting and useful security techniques that one can consider in Access 2007. Since User Level Security is stripped...there are some nice options presented in this web page that one can use to provide "levels" of security.

It's an interesting read: http://msdn.microsoft.com/en-us/library ... e.12).aspx

[Wendell]

Unfortunately what the Access team didn't seem to get was that you often need to only selected people to perform certain functions, and User Security did that very nicely. None of the information posted there deals with that kind of situation. You can of course use Windows User Login's, but then you have to build all of the logic to either allow or prevent people from various options. For that reason we still use MDBs and administer the security as was done previously.

[JohnH]

I agree with Wendell. I often want to place restrictions on what people can do/see, and the existing Security system does a good job of that. My users are not going to try to hack their way around the Security, so I don't need some bulletproof system.

I make that comment, because I often see it said that if you need Access Security, then you really need something more robust that Access Security.

Using the Windows Login gives some capacity, but in some of the places I work, there is no guarantee that someone will not sit down at someone else's computer and use their login.

[Carol W.]

I wanted to take a look at the superseded zip file. When I hover the mouse over the zip file link, I see the correct url (see screenshot 1). However, when I click on it, my ISP (Cox Communications) apparently redirects me to a dns error page (see screenshot 2). Not sure what's going on with them

Does anyone have this zip file? If so, could you please PM me and I'll provide my email address. I'd be obliged if you would send it to me.

Thanks in advance.

[Wendell]

I get the same error Carol - looks like it might have been superceded....

[HansV]

Sorry about that. The link worked some time ago, but apparently the product has been discontinued entirely now.

[HansV]

I found a very useful link that lays out (very plainly) some interesting and useful security techniques that one can consider in Access 2007. Since User Level Security is stripped...there are some nice options presented in this web page that one can use to provide "levels" of security.

As Wendell and JohnH point out, user level security was a very useful 'mid-level' security solution because it allowed the designer to assign different permissions to different users. None of the suggestions in the article provide this within Access - you're forced to migrate your data to SQL Server. That is fine for large databases and large organizations, but it's overkill for smaller groups. I think the decision to eliminate user-level security from the .accdb database format is a very regerettable decision by Microsoft.

[Carol W.]

I get the same error Carol - looks like it might have been superceded....

Cute, Wendell

Thanks, Hans. Too bad. It sounded interesting.

[Rudi]

Carol...

I downloaded that zip file, and if you are interested, I can pass it on to you!

[Carol W.]

Rudi,

I just PM'd my email address to you.

Curious as to how you got to it. Another site, perhaps?

Thanks.

[Rudi]

The download worked when Hans posted that link on 24 March. I grabbed it at that time and still have it on my PC. Its obviously superseded now....as suggested in the previous replies...