Using User Level Security Wizard

[skk]

I think I'm finally getting this User Level Security (ULS) Wizard but I still
have few questions. Could you help? Thank in advance.

1. When you go through ULS, you assign a username & password but what if
user wants to change their password later on. How can this be done? Or if you
leave the password blank, where can user reset or update their password?

2. After ULS is done at my desktop I wanted to simulate the production
version so, I've copied all the necessary files to server (app.mdw,
appBE.mdb) & shortcut, appFE.mdb to user’s desktop. When user (listed user)
tried to run the app with the shortcut (error msg showing my desktop path)
can't open the app, even though I've modified the target path to new server.
Did I take the right steps (ULS wizard at my desktop & copy files to
production server (BE) & user’s desktop (FE)) or do I copy files to
production server & run the ULS wizard in there?

3. If user list has to be updated (add, delete or permission) do I have to
ran the ULS again in unsecured database and copy the new version to server?
Also, what if user wants to update the user list by them self?

 

[Joan Wild]

1. When you go through ULS, you assign a username & password but what
if user wants to change their password later on. How can this be
done? Or if you leave the password blank, where can user reset or
update their password?

Via Tools, Security, Accounts...Change Password tab

2. After ULS is done at my desktop I wanted to simulate the production
version so, I've copied all the necessary files to server (app.mdw,
appBE.mdb) & shortcut, appFE.mdb to user's desktop. When user
(listed user) tried to run the app with the shortcut (error msg
showing my desktop path) can't open the app, even though I've
modified the target path to new server. Did I take the right steps
(ULS wizard at my desktop & copy files to production server (BE) &
user's desktop (FE)) or do I copy files to production server & run
the ULS wizard in there?

You did everything right, except that once the appBE.mdb is on the server,
you need to refresh the table links in the appFE.mdb to reflect the new
location of the tables. Tools, Database Utilities, Linked Table Manager -
put a check at the bottom and select all. When you navigate to the
appBE.mdb in its new location, use My Network Places, and it'll use the UNC
pathname.
Then copy this frontend out to the users.

3. If user list has to be updated (add, delete or permission) do I
have to ran the ULS again in unsecured database and copy the new
version to server? Also, what if user wants to update the user list
by them self?

Users/group memberships are stored in the mdw. You can add/delete users via
Tools, security, accounts menu.

Permissions are stored in the mdb file. So if you modify any permissions,
they'd only apply to your copy of the frontend. So you'd then copy the
updated frontend to each user and overwrite their existing frontend. There
are methods to automate this updating. Tony Toews has one at
http://www.granite.ab.ca/access/autofe.htm

 

[skk]

Joan, thanks for your reply but more questions .......

1. for testing purposes I've created user with password and other user with
blank password; you've answered in #1 "Via Tools, Security, Accounts...Change
Password tab" but when I open the security.mdw I only see "Admins" &
"mylogin". I don't see any other user name that I created so, I could not
change their password even though I've access the applicatin with other user
name. What if user wants to change their own password do they have to open
the "security.mdw" and update? what about the user with blank password? I
appreciate your help.

 

[Joan Wild]

Don't open the mdw directly. Open your mdb, logging in, and then go to
Tools, security, accounts, change password.

The user with a blank password would still use the tools menu item. The
change password tab asks for the old password (which they'd leave blank),
and a new password to set.

 

[skk]

Again, thanks for the quick reply. Here is the steps that I took & below
steps preventing user to see "Tools" menu on the top.

1. created the ULS
2. split the database (db)
3. for both FE & BE startup menu (checked "Display Status Bar" & "Allow
Built-in Toolbars")
4. for both FE & BE I've added Module "basSecureByPass" so, user can't use
the hold shift key to access objects.
5. On Server – install “appBE.mdb†& “app.mdwâ€
6. User Desktop - install “appFE.mdb†& shortcut

I understand that you said to open the mdb and change the permission
(yes,developer can do that) but in order to for user to change their own
password I have to activate the "Allow Full Menus" which means user wil have
an admin function. I've added the step #3, #4 so, the codes & objects are
protected from the user. Should I just setup user name & pw and not letting
them to change their own?

Did I take the right steps for the production copy or would you recommend
differntly?

 

[Joan Wild]

1. created the ULS
2. split the database (db)

How did you split? If you used the splitter wizard, then you'll find the
backend is unsecure. You need to split manually:
www.jmwild.com/SplitSecure.htm

3. for both FE & BE startup menu (checked "Display Status Bar" &
"Allow Built-in Toolbars")

I assume you mean unchecked (why no status bar?)

4. for both FE & BE I've added Module "basSecureByPass" so, user
can't use the hold shift key to access objects.

I hope you realize that just adding this module does nothing, you need to
run it in order to disable the shiftkey bypass, and even then it'll only
apply on the next reopen.

5. On Server - install "appBE.mdb" & "app.mdw"
6. User Desktop - install "appFE.mdb" & shortcut

I understand that you said to open the mdb and change the permission
(yes,developer can do that) but in order to for user to change their
own password I have to activate the "Allow Full Menus" which means
user wil have an admin function. I've added the step #3, #4 so, the
codes & objects are protected from the user. Should I just setup
user name & pw and not letting them to change their own?

I didn't realize you show no menus. You could create a custom menu that has
only the items you want. But a cleaner solution is to provide a form for
them to change their password. At its simplest: an unbound form with three
textboxes txtUsername, txtPwd, txtConfirmPwd
Add a button with the following in its click event

DbEngine.Workspaces(0).Users(Me!txtUsername).NewPassword Me!txtPwd,
Me!txtConfirmPwd

Look in Help for more details.

 

[skk]

Joan,

Split manual "yes", of course that's how I've learned by reading your
website. And "yes" I've ran the code to disable the Bypass Shiftkey. And
I'll dig up more to implement the custom login & password. Thank you so much
for all your help. I'm learning each and everyday.

 

[Joan Wild]

Joan,

Split manual "yes", of course that's how I've learned by reading your
website. And "yes" I've ran the code to disable the Bypass Shiftkey.

Great, just wanted to be sure.

And I'll dig up more to implement the custom login & password. Thank
you so much for all your help. I'm learning each and everyday.

Aren't we all! I learned so much in the last two hours, I'm taking the rest
of the day off.