databasedev.co.uk - database solutions and downloads for microsoft access

The Security Wizard:

The Admin user owns all the objects in the database and has irrevocable permissions to them. However, it is important to change the ownership to the project leader’s account (you). When you create or copy an object, the user who is logged in becomes the owner. The easiest way to change ownership of all objects in the database is to first make sure your project leader is logged in, and then run the Security Wizard.

You can use the Security Wizard to create a new database and fill it with copies of the objects of the database that is currently open. The Security Wizard exports copies of all the objects from the original database. It also secures selected object types by revoking all permissions in the Users group for those objects in the database. The new database is encrypted, which means that it is indecipherable during electronic transmission or when it is stored on a disk, tape, or other magnetic medium. All table relationships and linked tables are recreated in the new database. However, the original database is not changed.

Changing the Ownership of Database Objects

An object's owner is the user who creates that object, also known as the object's creator. The owner of an object has Administer permissions. Other users cannot change the object owner's permissions. If another user creates a new object in the database, then that user is the owner of the object. Having different owners for all the objects within a database can be cumbersome. The database will be easier to maintain if one user is designated as the owner and takes responsibility for maintaining the objects. You can change the owner of an object by using the Change Owner tab of the User and Group Permissions dialog box.

Now let's use the Security Wizard to create an unsecured backup copy of the sample Microsoft Access database download file: MyNewApp.mdb and to secure MyNewApp.mdb. You should have already completed the previous tutorials within this security section; details of each can be found at the bottom of this page.

Task A-6: Using the Microsoft Access Security Wizard

Objective: To create a new database that only certain users can access. This information relates to the sample Microsoft Access database download

1. Exit Access. Start Access
2. Open MyNewApp.mdb. In the Logon dialog box, enter your password and click OK.
3. Choose Tools, Security, User And Group Permissions.
4. Select the Change Owner tab. The form objects are displayed. Notice that Admin is the owner of every form. Display different object types from the Object Type drop-down list. Admin is the owner of every object type.
   
   
5. Click Cancel to dismiss the dialog box.
6. Choose Tools, Security, User-Level Security Wizard to run the Security Wizard. Accept the default selection, Modify My Current Workgroup Information File. Click Next.
7. You want to secure all database objects, which is the default wizard setting. Select the All Objects tab and scroll through the list to verify that all tables, queries, forms, reports and macros are checked.
   
   
8. Click Next.
9. In the next wizard dialog box, check these security group accounts: Order Entry and Sales Managers. Each one defines specific permissions for the users you'll assign to the group. To read the group permissions assigned to each built-in group, select each group (but don't check any of the built-in groups)
   
   
10. Click Next.
11. In the next wizard dialog box, accept the default selection "No, The Users Group Should Not Have Any Permissions". Any permissions you assign to the Users group are the same permissions available to anyone with a copy of Access. You want to completely lock out others.
    
    
12. Click Next.
13. In the next wizard dialog box, the users you've already added to the workgroup information file are listed. You also have the option of adding new users. We're not adding any users now, so click Next.
    
    
14. In the next wizard dialog box, you assign users to groups in the workgroup information file. Select the option Select A Group And Assign Users To The Group.
    
    
15. Your name is already assigned to the Admins group, and the other users are already assigned to either the Order Entry or Sales Managers group. Use the following graphics to select the group names and verify the users assigned to them.
    
    
    
    
16. Click Next to advance to the last wizard dialog box. Verify the name of the backup copy of the unsecured database.
    
    
    Also note that, after the database is secured, you'll get a report of the settings that were used to create the users and groups in the workgroup information file.
17. Click Finish and wait while the wizard secures the database objects and creates the report.
18. Scroll through the One-Step Security Wizard Report. Notice that there's an unsecured database (.bak file) and a secured database (.mdb file), both stored in the folder. The report lists the secured objects, groups and users. It's important to keep this information available in the report in case you ever need to re-create the same workgroup file.
19. Close the report.
20. Click Yes to save the report as a Snapshot (.snp) file. Wait for the encryption process to finish.
    
    
21. On the taskbar, you will see the Snapshot Viewer, and clicking this will view the new file: MyNewApp.snp.
22. The snapshot report is saved in the same location as the database file.
23. Close the Snapshot Viewer.

Next we'll take a look at Security Permissions and Permission Types.

Go to page:

1. Steps to Securing an Access Database by Using User-level Security
2. Setting Logon Procedures
3. Group Accounts
4. User Accounts
5. Changing a Password
6. The Security Wizard
7. Permissions
8. Testing Security
9. Documenting Database Security
10. Previewing Permissions
11. Securing a Database with a Database Password
12. Distributing the Secured Application