Multi users Logon Security questions

[reeve13]

This is way over the top of my head and I need desperat
help! Here goes…..I am finally finished exporting an Excel spreadshee
that contained over 6,000 entries into a continuous form in Access 2003
and before I move it to the shared drive, I have a fe
questions/concerns.

I work with a group of employees totaling 15. Out of the 15 of us,
will be issued editing rights, and the others read only rights and
will be the administrator/creator/owner of the database. Here are m
concerns:

1. It is a MUST that the 4 with editing rights be able to work in th
same form, (the form consists of daily updates i.e.: (purging
entering, deleting and fixing of data) in different areas of this form
and maybe at the same time?


2. In addition, will the 4 of us be able to save the updates entere
separately, and have the most recent data which was entered updated fo
others to view? (I know in Excel we were able to do so).

3. Will the users with read only rights be able to fill out other form
in the database or should I assign some degree of editing rights?

4. Also, although rare, will there be a problem if all 15 employees ar
in the same database completing other forms at the same time?

5. We have a few employees who work from home and log into our syste
via Citrix. Will they have a problem logging into the database an
completing the forms?

This is where I am CLUELESS and need help DESPERATELY!! Is there
step by step way of doing this? (please say yes! please say yes!) I a
sure I will need to create a shortcut for all users and I will als
need help on how to do that also. Currently, there is no user id o
password set up for anyone of us since we have a specific shared driv
designated for our group/department.

I welcome any suggestions you may have.

THANKS!

Totall

 

[Joan Wild]

--
Joan Wild
Microsoft Access MVP

I work with a group of employees totaling 15. Out of the 15 of us, 4
will be issued editing rights, and the others read only rights and I
will be the administrator/creator/owner of the database. Here are my
concerns:

1. It is a MUST that the 4 with editing rights be able to work in the
same form, (the form consists of daily updates i.e.: (purging,
entering, deleting and fixing of data) in different areas of this
form, and maybe at the same time?

A form does not contain data; the underlying tables contain the data. You
shouldn't have problems with this.

2. In addition, will the 4 of us be able to save the updates entered
separately, and have the most recent data which was entered updated
for others to view? (I know in Excel we were able to do so).
Yes.

3. Will the users with read only rights be able to fill out other
forms in the database or should I assign some degree of editing
rights?

If they are 'filling out other forms' then they'll require insert/modify
permissions on the underlying recordsource to do so.

4. Also, although rare, will there be a problem if all 15 employees
are in the same database completing other forms at the same time?

No, but see further...

5. We have a few employees who work from home and log into our system
via Citrix. Will they have a problem logging into the database and
completing the forms?

If it's set up properly, it should be OK.

It is imperative that you split the database into frontend/backend. The
backend contains just the tables/relationsships and sits on the server. The
frontend contains all other objects, and links to the tables in the backend.
Each user is given a copy of the frontend on their PC. For the citrix
users, separate frontends are required there as well. You'd usually put
this in their own folder.

If you have periodic updates to the frontend, you can automate the
distribution of these updates. See
http://www.granite.ab.ca/access/autofe.htm

You can implement user level security in Access. Recommended is that you
define groups and then assign permissions on the groups. Then it is just a
matter of creating users and putting them in the appropriate group. You
need to study up on security, as it isn't easy to get right.

Security FAQ
http://support.microsoft.com/?id=207793

Security Whitepaper
http://support.microsoft.com/?id=148555

I've also outlined the detailed steps at
www.jmwild.com/AccessSecurity.htm

I am
sure I will need to create a shortcut for all users and I will also
need help on how to do that also.

If you use the security wizard, you'll find there's an option to create a
desktop shortcut for you.

Post back after you've done some reading with any questions.

 

[reeve13]

Hello, Joan.

I want to say thanks in advance for the detailed instructions yo
posted. Before I start, I have a question. There are only two (2) o
us using Access 2003, and I am one of the two and the others in my dep
are using Access 2000. Will this create a problem with the tw
different versions?

With your step-by-step instructions, which version of Access should
use?

Thanks

 

[Joan Wild]

I would use the 2000 steps to secure it with. That way you can be sure that
the 2000 users will not have any problems. 2003 will have no problems using
the 2000 version. Note that you shouldn't use the security wizard with
version 2000.

 

[TC]

reeve13 wrote:

1. It is a MUST that the 4 with editing rights be able to work in the
same form ... in different areas of this form, and maybe at the same time?

The answer to this is not a definitive yes or no. It is a maybe,
depending on your version of Access, the average size of the records in
the underlying table, and exactly how far apart the "different areas"
in question are.

When you edit a record, Access needs to lock that record. This occurs
at the instant you type the first keypress ("pessimistic locking"), or
at the instant you try to save the edit ("optimistic locking").

In addition, if you are using "page level locking" (as opposed to
"record level" locking), Access locks /all/ the records in the same 2kB
or 4kB page on disk. This might be no other records, 1 other record, or
lots of other records.

Other people who try to:
- edit (or save an edit to) a locked record, or
- edit (or save an edit to a record in a locked page,
will get an error, and they will have to discard their change & start
again.

You can read about all of the quote-marked words & phrases above, in
online help. However, this is one area where it is almost impossible to
predict exactly what will happen in practice. There are just too many
variables.

So what I am saying is, that your requirement above will /probably/ be
ok, but you can not really be 100% sure until you have tried it "for
real".

HTH,
TC

 

[Karen in MN]

Why is it not recommended to use the Security Wizard with Version 2000?
Thanks

I would use the 2000 steps to secure it with. That way you can be sure that
the 2000 users will not have any problems. 2003 will have no problems using
the 2000 version. Note that you shouldn't use the security wizard with
version 2000.