Security nightmare - 2 mdw's mixed up

[Billy]

Joan,
Thanks for your advise but when I join my functioning mdw file to the
system, Add/Remove is greyed out. I get an account that I created at
the beginning and it would not let me change anything. I hope I have
not done any damage to the system mdw.
Help please
Billy

 

[Joan Wild]

Joan,
Thanks for your advise but when I join my functioning mdw file to the
system, Add/Remove is greyed out.

I'm not sure what you mean by 'functioning'. Any mdw will function.

I get an account that I created at
the beginning and it would not let me change anything.

You 'get' an account? I don't understand this. When you see the login
dialog, the username will be filled in with the last username that used
Access. You can change that username to another one. You need to log in
using a username that is a member of the Admins Group.

Or it's possible that you aren't using the correct mdw file - try one of the
others.

 

[Billy]

Everything seems to be going well at this point! Now how do I
distribute the database to the network or rather how do I create a
shortcut that can be accessed by everybody on the common drive?
Billy

 

[Joan Wild]

You need to copy the secure mdw and the mdb to a folder on the server that
everyone has access to. All users will need read/write/create/delete
windows permissions on that folder.

You can give each user a desktop shortcut the uses the secure mdw and opens
the secure mdb. The target would look like:
"path to msaccess.exe" "path to secure mdb" /wrkgrp "path to secure mdw"

It is highly recommended that you split the database. Put the backend
(tables/relationships only) mdb on the server. A copy of the frontend (all
other objects, and table links to the backend) mdb would go on each user's
computer. You'd modify the shortcut above so that the path to secure mdb
would be the path to the frontend.

If everyone has Access installed in the same folder, and the frontend is
installed in the same location on each PC, you can copy the shortcut to each
person.

Since you've secured it, you shouldn't use the database splitter wizard, as
that will result in an unsecure backend mdb. Instead split it manually.

See www.jmwild.com/SplitSecure.htm

 

[Billy]

Joan,
Your help is great, but would you please provide step by step process
of creating a shortcut on the network as well as securing the backend
and/or frontend.
The secured database is seated on my desktop. I copied it to a folder
in the network..successful, I also copied the mdw file to the same
folder....successful, however, I realised that the mdw file needed me
to import data..(is this normal?). At the same time, the mdw did not
show everybody shown on the one-step security wizard report...(is this
also normal?). If you have some links like the one you sent yesterday,
I would appreciate. I have to admit that it is the first time I am
securing a database on my own.
Thanks for your help so far.
Billy

 

[Joan Wild]

You do not create a shortcut on the network.

1. Copy the backend to the server (you've done this).
2. Copy the secure mdw to the server(you've done this).
However you said the mdw needed you to import data. Can you describe
exactly the messages you received. There is no need to import or do
anything to the mdw.
Mdw did not show all users as per one-step security wizard report. I
believe you said you had multiple mdw files and so likely there is a mix of
which one should be used. I suggest you revert to your unsecured database
and start over. You need only one secure mdw. Once you have it done, it's
that mdw that goes on the server. And it *will* contain all the users you
need.

Is your database split right now?
Yes - Good put the backend on the server. Open the frontend on your PC, and
use Tools, Linked Table Manager, and refresh the links; be sure to put a
check at the bottom to prompt for location and choose the location of the
backend on the server.
No - Split the database. See www.jmwild.com/SplitSecure.htm for steps. Put
the backend on the server and refresh the links as per the above.

If the wizard created a desktop shortcut for you on your PC, right-click it
and choose properties. It'll open to the Shortcut tab and the Target line
will be selected. The target will take the form similar to:
"path to msaccess.exe" "path to secure mdb" /wrkgrp "path to secure mdw"
secure mdb will be the original database on your PC - modify it (if
necessary) to reflect the path to the frontend on your c: drive.
path to secure mdw will be the secure mdw you used to secure your mdb
(somewhere on your C: drive) - change the path to reflect the location of
the secure mdw on the server.

Now, you'll have the backend and secure mdw on the server, a copy of the
frontend on your PC, and a shortcut on your desktop.

To set up other users you can just copy the frontend from your PC to them.
In addition you can copy the shortcut from your desktop to them (a shortcut
is just a file with a lnk extension). Ensure that you put the frontend in
the same location on their PC as it is in your's OR if you put it in a
different location, then modify the shortcut on *their* PC to reflect the
location of the frontend i.e. the target would look like:
"path to msaccess.exe" "path to frontend" /wrkgrp "path to secure mdw on
server"
and example:
"C:\Program Files\Microsoft Office\Office11\msaccess.exe"
"c:\MyApp\frontend.mdb" /wrkgrp "F:\databasefiles\secure.mdw"

Just another little wrinkle, but you can use the UNC pathname for the mdw;
i.e. \\servername\path\secure.mdw rather than 'F:' drive; this way you don't
have to worry about someone having a different drive mapping than you.

 

[Billy]

Thanks alot Joan for this info.
I have followed the right procedure but now it is taking time before
the report prints.
I have been waiting for almost 1 hour for it to complete enhancing
security..(is this normal?). I restarted the whole process and deleted
the other .mdw files I had created earlier.
I hope I can finish it soon.
Billy

 

[Joan Wild]

It is unusual for it to take that long.

Did you start with the original unsecured copy of your database?

Did you compile and compact the mdb before running the wizard?

 

[Billy]

Now there is a new problem. When I determine the current work group, I
get an mdw file that is located on my desk top. (?dbengine.systemdb).
When I open this file, it is empty. I would like to get back to the
default system mdw. How do I do this? I think that is the reason why
I cannot successfully use the original unsecured database to continue
enhancing security.
Please advise
Billy

 

[Joan Wild]

Why are you opening the mdw? There is no need to do this.

If you're using 2002 or 2003, the wizard would have created a backup of your
unsecure mdb. You'll find it in the same location as your mdb, with the same
name, but it'll have a bak extension. Rename it to have a mdb extension -
that should be your unsecure mdb. However if you've run the wizard a number
of times, it's possible that it is a partially secured mdb.

I hope you can find a copy of your mdb that is totally unsecure.

You can use Start, Search, Files and Folders, and locate all mdw files on
your computer. Rename every one that you find eg. system.mdw to
system1.mdw.

Now open Access; it will create a new pristine system.mdw for you. Now open
your unsecure mdb. I would then create a new mdb and import everything from
your mdb, just to be sure it's unsecure.

 

[Billy]

Thanks again. Now when I create a new mdb, it comes with users and
accounts that I created at the begining. I do not want this. I want
to create a new account. How do I do this?
Billy

 

[Joan Wild]

In that case you are joined to a mdw file that is not pristine.

Have you searched for all *.mdw files and renamed them?

Then start Access, and it'll create a new system.mdw for you (one with just
the Admin user, Admins Group and Users Group).

 

[Billy]

That worked! You are awesome. Now one more question, is it safe to
split the database when it is secure or when it is not secure? I am
kinda have to start the whole process again.
Thanks
Billy

 

[Billy]

Also, do I need to rejoin the system mdw when running security wizard?
Sorry, these are simple things but they cause chaos.

 

[Joan Wild]

Let's proceed cautiously here. As I understand it you now have a single
unsecured mdb file - is that correct?

Open Access and go to Tools, Security, Workgroup Administrator and post back
with the path to the mdw it shows.

What version of Access are you using?

 

[Billy]

Yes, I have a single unsecured mdb file. I am using 2002--2003
version.

 

[Billy]

Also, when I join the mdw I have just created, the accounts and users I
created are not available. When I rejoin the system mdw, the accounts
are there

 

[Joan Wild]

Billy, you need to join the mdw that has no users in it - just the Admin
user, Admins Group and Users Group.
Next open Access and create a new mdb.
Next import all objects from your mdb.

Does this work? If so (and only if it does), then run the security wizard,
choosing to create a new mdw. Be sure you don't decline any opportunity the
wizard gives you to backup your database, print any report, etc. Also be
sure to check the option to create a desktop shortcut.

You are basically starting from scratch.

 

[Billy]

Joan, I think I have done my best here! The report printed and all
looked good until I copied the secured database to the network. When I
went to another computer to access it, it pointed to my desktop. It
appears that I did not create a good shortcut (please help).
Also, I am ready to create front and back ends. So I copied the
secured database then tried to delete tables on this copy. I get an
error that relationships have to be deleted as well( is this normal and
do I just accept to delete the relationships?).
I am free floating in water at this time, hope I don't sink! This is
the first time I am doing the split.
Thanks again
Billy

 

[Joan Wild]

Joan, I think I have done my best here! The report printed and all
looked good until I copied the secured database to the network. When
I went to another computer to access it, it pointed to my desktop.

It sounds as though you didn't copy the mdb, but instead you copied the
shortcut.

Go to your PC and right-click on the desktop shortcut. It will have
something like the following in the target:

"c:\program files\Microsoft Office\Office11\msaccess.exe"
"c:\somepath\yoursecure.mdb" /wrkgrp "c:\somepath\secure.mdw"

You need to copy yoursecure.mdb from your C: to the network. Also copy the
secure.mdw to the network.

Modify your desktop shortcut and change
"c:\somepath\yoursecure.mdb" to whatever the path now is on the network.
Also modify your desktop shortcut to change
"C:\somepath\secure.mdw" to whatever the path now is on the network.

Test your desktop shortcut and make sure it works.

You can now copy the desktop shortcut (it's just a file with a lnk
extension) to the network.
Now if you go to another computer you should be able to copy the lnk file
from the network to that computer's desktop.
Test the shortcut to make sure it works.

Get that much working and then work on splitting it.

Also, I am ready to create front and back ends. So I copied the
secured database then tried to delete tables on this copy. I get an
error that relationships have to be deleted as well( is this normal
and do I just accept to delete the relationships?).

Yes you would. This copy will become the frontend. Then you'd open the
original (which will be the backend) and delete all objects except the
tables. Put this backend on the network. Then open the frontend and use
File, Get External Data, Link and navigate to the backend on the network,
and link to all the tables.

You'd put the frontend on your local PC, leave the backend and the secure
mdw on the network.

Now you'd modify the shortcut so that the path to the mdb portion is the
path to the frontend on your C: i.e something like:

c:\program files\microsoft office\office11\msaccess.exe"
"c:\path\frontendmdblocation.mdb" /wrkgrp "path to secure mdw on
network.mdw"

Next you'd copy the frontend from your PC to other computers, and modify
their desktop shortcut to reflect the location of the frontend on their C:.