We are running a system with front end and back end MS Access 97 databases, under the control of VB6 programs, running with DAO/Jet. What is the best way to set the security flags?

What effect does the fact that we are applying security to linked tables have, if any?

Does the resulting security value behave in a similar way to group/user security ie. least restrictive?

I would be grateful to hear from anyone who has had similar problems.

There is a good article in the Knowledge Base on setting up Access security. As far as actually setting up security, I prefer to do it from the Access interface rather than doing it in code from VB.

Security on linked tables is straight forward. The security must be applied to both databases for things to work. Once you have everything set up, I recommend setting the AllowBypassKey property to False on the database with an Autoexec macro or startup code to kick folks back out of the database if they manage to get in past security.

Email me if you have any specific questions.
Bash

Hi bash - thanks for your reply.

I am setting security via Access - I have no problem doing this.

I am also aware that users would not be able to (for example) amend bound fields if they have an insufficient security level.

What I am trying to do is limit a users actions at the earlist possible opportunity by checking their security permissions at the start of the program.

For example, if a user only has "Read" permission for a table then I want that user to be able to see all the data, but I want to disable our "Add new record" button or "Edit record" button. Equally, to enable the buttons if the user has "Insert" or "Update" permission.

Reading and applying these permissions in this way is not a problem if the table is at the front-end. I am having a problem when the table is at the back-end.

What you say makes sense - I will give it a try.

Thanks again

I think I have solved the problem!

What I did was get the front-end table's "AllPermissions" property, and the back-end table's "AllPermissions" property and then "AND"ed them together.

In theory, this will then only permit what is permitted in both databases. After limited testing, it appears to work.

Can anyone think of a reason why this should not work, or of any dangers lurking beneath the surface?


[This message has been edited by Michael (edited 07-08-1999).]