Can't run RWOP queries in Access 2000

[shunah_removethis_]

I'm trying to secure my db app with user-level security. I've set up
two accounts, DBManager, which is a member of the admins group, and
DBUser, which is a member of the built-in Full Data Members group (with
some changes).

In the front-end db, I have RWOP turned on. DBUser's group has all
permissions -- except for Modify Design and Administer -- to all
queries, and full permissions to all table links. DBManager has full
permissions to and owns all objects in the front and back ends.

In the back-end db, DBUser's group has Open/Run permissions to the db,
and Read Design permissions to all of the tables.

I can't run a single query logged into the FE as DBUser. I get the
error message: Record(s) can't be read; no read permission on <table
name>.

Can anyone tell me where I've gone wrong? This is Access 2000 on
Windows 2000.

Thanks,
Sharon

 

[TC]

I think you misunderstand when you say: "In the front-end db, I have
RWOP turned on.". RWOP is not an attribute of the front-end db. It is
an attribute of each individual query in the front-end db. It might be
ON for some of those queries, and OFF for others.

Remember that when a query has the RWOP option, it always executes with
the permisssions of the user who /owns/ that query - regardless of
which user is /running/ that query. So if an RWOP query, which is owned
by user 'A', and run by user 'B', can not access object 'X', this means
that user 'A' does not have permission to access object 'X', either
directly, or through any group to which he belongs.

HTH,
TC