Compacting secure database

[Lothar Geyer]

In my VB app I give the user the option to compact a database. The
statement is

Set mDBEngine = New JRO.JetEngine
mDBEngine.CompactDatabase myDBConStr, newDBConStr

The connection strings are build with

Set mCNN = New ADODB.Connection
With mCNN
.Provider = "Microsoft.Jet.OLEDB.4.0"
.Properties("Data Source") = DbPath
.Properties("Jet OLEDB:System Database") = SystemDB
.Properties("User ID") = DBUser
.Properties("Password") = dbpw
ConnectionStringADO = .ConnectionString
End With

Now a customer noticed, that he has full access to the database when
double clicking the name in the Windows explorer. The original .mdw file
is present. A copy of the .mdb file on another PC gives the expected
error "no privilege ...".

What may have happened on the customers PC? How to fix it?

Lothar Geyer

 

[TC]

If a customer has "full access" to a secured database file by
double-clicking it in windows explorer, this means that:

(1) the correct secured workgroup file has been set as the default workgroup
file, using the Workgroup Administrator program, or the built-in option in
later versions of Access;

or:

(2) the database has not been secured correctly, & is accessible using
whatever workgroup file is currently set as the default on that PC.

No other causes, afaik.

HTH,
TC

 

[Lothar Geyer]

Hi TC,

If a customer has "full access" to a secured database file by
double-clicking it in windows explorer, this means that:

(1) the correct secured workgroup file has been set as the default workgroup
file, using the Workgroup Administrator program, or the built-in option in
later versions of Access;

how to prevent a user to do so?
In the workgroup file of my database two users are defined with
passwords not known by the user.

or:

(2) the database has not been secured correctly, & is accessible using
whatever workgroup file is currently set as the default on that PC.

When the database is copied to another PC then it is not accessible. So
I think this can't be the reason.

No other causes, afaik.

:-((

Additional question:
Is it possible that a database looses connection to the specified
workgroup file during compact of the database and is connected to the
default system workgroup file?
(But this can't be the reason as the database is not accessible after
copy to another PC.

Lothar Geyer

 

[test]

Hi Lothar

Answers below.

Hi TC,


how to prevent a user to do so?
In the workgroup file of my database two users are defined with
passwords not known by the user.

I'm not sure what you want to "prevent". Consider the workgroup file in (1)
above. Presumeably, the Admin user of that workgroup file, has a non-blank
password. When a user performs the actions in (1) above, he will be prompted
for a username/password. If he doesn't >know< a valid username/password, he
won't be able to go any further. So, what do you want to "prevent", in
scenario (1)?

When the database is copied to another PC then it is not accessible. So
I think this can't be the reason.


:-((

Additional question:
Is it possible that a database looses connection to the specified
workgroup file during compact of the database and is connected to the
default system workgroup file?
(But this can't be the reason as the database is not accessible after
copy to another PC.

I think you misunderstand how workgroup files relate to databases.

You can start a database in one of four ways:

(1) Open Access, then open the database from File:Open option (or whatever
it is);

(2) Double-click the database file directly in windows explorer;

(3) Start the database using a shortcut of the following format:
"full path to MSACCESS.EXE"
"full path to MDB file"

(4) Start the database using a shortcut of the following format:
"full path to MSACCESS.EXE"
"full path to MDB file"
/wrkgrp "full path to MDW file"

In cases (1), (2) and (3), Access uses the default workgroup file that was
last selected with the Workgroup Administrator program, or with the
equivalent built-in option in the later versions of Access.

In case (4), Access uses the workgroup file that is specified by the /wrkgrp
switch.

Access >never< opens the database >first<, and then determine what workgroup
file to use with it. That is, the database file >does not< tell Access which
workgroup file to use with it.

HTH,
TC

 

[Lothar Geyer]

Hi "test",

...
I'm not sure what you want to "prevent". Consider the workgroup file in (1)
above. Presumeably, the Admin user of that workgroup file, has a non-blank
password. When a user performs the actions in (1) above, he will be prompted
for a username/password. If he doesn't >know< a valid username/password, he
won't be able to go any further. So, what do you want to "prevent", in
scenario (1)?

I want to disable any access to my database using Access or any other
application except mine.
Previously I used a database password. But this is not possible with
replicas.

Question:
If a user knows a username and password for the default workgroup file:
is he allowed to access any database on this PC?

...
I think you misunderstand how workgroup files relate to databases.

You can start a database in one of four ways:

(1) Open Access, then open the database from File:Open option (or whatever
it is);

(2) Double-click the database file directly in windows explorer;

(3) Start the database using a shortcut of the following format:
"full path to MSACCESS.EXE"
"full path to MDB file"

(4) Start the database using a shortcut of the following format:
"full path to MSACCESS.EXE"
"full path to MDB file"
/wrkgrp "full path to MDW file"

In cases (1), (2) and (3), Access uses the default workgroup file that was
last selected with the Workgroup Administrator program, or with the
equivalent built-in option in the later versions of Access.

I.e.:
if the default workgroup file is not the .mdw I installed with my
database, and the user knows a valid username and password, he can
access my database?
if the default workgroup file is my .mdw the user will certainly not
know a valid username and password.

In case (4), Access uses the workgroup file that is specified by the /wrkgrp
switch.

Access >never< opens the database >first<, and then determine what workgroup
file to use with it. That is, the database file >does not< tell Access which
workgroup file to use with it.

So what to do to disable unauthorized access to my db?

Lothar Geyer

 

[TC]

Hi Lothar
I am busy for the next 24 hours & will answer this ASAP after (if no-one
else has).
Cheers,
TC

 

[TC]

Hi Lothar

I've been busy for the last few days. Answers inline, if you are still
around!

Cheers,
TC

Hi Lothar
I am busy for the next 24 hours & will answer this ASAP after (if no-one
else has).
Cheers,
TC


in username/password,

I doubt you can do that. If an application can use a secured Jet database,
it must have access to a suitable workgroup information file defining the
valid users & groups for that database. Then, AFAIK, there is no way to
prevent someone joining that workgroup file (using the workgroup
administrator program) then opening the database from Access - assuming they
know a suitable username and password.

That doesn't follow. If a database has been properly secured, a user can
only access that database if he knows a valid username/password from the
workgroup file which was used for creating that database. And, one of the
steps of securing a database properly, is to create a >new< workgroup file -
not use the system default one.

HTH,
TC

 

[Lothar Geyer]

Hi TC,

...

I doubt you can do that. If an application can use a secured Jet database,
it must have access to a suitable workgroup information file defining the
valid users & groups for that database. Then, AFAIK, there is no way to
prevent someone joining that workgroup file (using the workgroup
administrator program) then opening the database from Access - assuming they
know a suitable username and password.

This is OK for me - if he has to know a username/password I defined in
my workgroup file.

That doesn't follow. If a database has been properly secured, a user can
only access that database if he knows a valid username/password from the
workgroup file which was used for creating that database. And, one of the
steps of securing a database properly, is to create a >new< workgroup file -
not use the system default one.

May be I misunderstood your previous post:
-- copied from previous post --
Access >never< opens the database >first<, and then determine what workgroup
file to use with it. That is, the database file >does not< tell Access which
workgroup file to use with it.
-- end copy --

So there is a relationship between a database and a workgroup file - the
one I created when securing the database.

If this workgroup file is not present the database is not accessible. OK?

So back to my initial question:
How is it possible that a secured database can be opened at a customer
site doulbeclicking der .mdb file in the explorer?

History:
The database had a database password. This was changed with Access using
the "user security assistant" (I am using the German version). There I
created a new workgroup file, added two users with passwords not known
by the customer. Admin is a normal user and normal users do not have
access rights.

As far as I know accessing the database was not possible after
installation. However, the customer compacted the database as described
in my initial post.

And now he is able to open the database.

???

Lothar Geyer

 

[TC]

Hi TC,


This is OK for me - if he has to know a username/password I defined in
my workgroup file.

Yes. If the database has been properly secured, he must know a valid
username/password before he can access the database. And, having accessed
the database, he will only have the level of access that you defined for
that username/password.

May be I misunderstood your previous post:
-- copied from previous post --
Access >never< opens the database >first<, and then determine what workgroup
file to use with it. That is, the database file >does not< tell Access which
workgroup file to use with it.
-- end copy --

Correct. >First< Access decides what workgroup file it will use. >Second<,
it opens the database. >Third<, it determines whether the opened workgroup
file, is or is not the workgroup file which was used to create that
database - see more info on that, below. This is the sequence of events,
even when you double-click the database file directly in windows explorer.

So there is a relationship between a database and a workgroup file - the
one I created when securing the database.

Yes and no!

- Yes, in this sense:
The members of the Admins group >of that specific workgroup file<, have
special priviliges in the database. The members of the Admins group of

other< workgroup files, do not necessarily have those priviliges. So,

Access >can recognize< whether the current workgroup file, is or is not the
workgroup file which was used to create that database. Let's call that fact,
'X'.

- No, in this sense:
Access does not use fact 'X' to automatically use the "correct" workgroup
file when it opens a database. This is probably because, there are various
cases where you do not ewant to use that workgroup file - you want to use
some other workgroup file - not the one that was used to create the
database.

If this workgroup file is not present the database is not accessible. OK?

No, that's not true as a general statement. For example, you could secure a
database against a workgroup file W1, in such a way that the database >could
be< opened using a different workgroup file W2 - but when opened with W2,
the users' access was more tightly controlled than when the database was
opened with W1.

You might 3want to do that, for the following reason. If a user could
determine the username/password of a member of the Admins group of W1, he
would have full permissions to all objects in the database. But if he
determines the username/password of a member of the Admins group of W2, he
would >not< have those permissions. This is what people mean when they say:
"When you distribute a secured database, you should not distribute the
workgroup file which was used to create that database."

It is all a matter of what users & groups you define in each workgroup file,
& what permissions you give to those users & groups. It is not at all
simple, as you can see!

So back to my initial question:
How is it possible that a secured database can be opened at a customer
site doulbeclicking der .mdb file in the explorer?

As I said before:

- that user has a copy of the appropriate workgroup file & has selected it
as the default workgroup file using the workgroup adminuistrator program or
similar built-in option in later versions of Access, or

- the person who secured the database has deliberately deigned the
permissions so that user of >other< workgroup files can open the database &
perform selected functions; (I probably did not include this one before), or

- the database was not properly secured to begin with.

Lothar, I'll be busy for the next 2 days & will have little if any time on
the net. I hope the information above, will help you work your problem out!
Perhaps someone else will jump in with more help.

Cheers,
TC