Welcome to SPN

Register and Join the most happening forum of Sikh community & intellectuals from around the world.

Sign Up Now!

BackEnd Security

Discussion in 'Information Technology' started by Ian, Jul 28, 2006.

  1. Ian

    Ian
    Expand Collapse
    Guest

    I have been through a number of threads on this topic and apologise if I am
    repeating what may have gone before.

    I have split my db after following Albert Kallal's excellent article. The FE
    is now locked down as an mde, and installed on the workstations. The BE is on
    the server in a folder only a dedicated list of users can access. The BE is
    still an mdb and as such a user can open the file, add new records to the
    tables, change the structure of the table or alter the primary key. They have
    no need to do this but you know inquisitive minds! How do I lock down the BE
    to prevent this happening, can I make the BE an mde as well (I wasn't sure
    from the article) or are there other steps I should take.

    Thanks for your suggestions,
    Ian.
     
  2. Loading...


  3. Joan Wild

    Joan Wild
    Expand Collapse
    Guest

    Ian wrote:
    > I have been through a number of threads on this topic and apologise
    > if I am repeating what may have gone before.
    >
    > I have split my db after following Albert Kallal's excellent article.
    > The FE is now locked down as an mde, and installed on the
    > workstations. The BE is on the server in a folder only a dedicated
    > list of users can access. The BE is still an mdb and as such a user
    > can open the file, add new records to the tables, change the
    > structure of the table or alter the primary key. They have no need to
    > do this but you know inquisitive minds! How do I lock down the BE to
    > prevent this happening, can I make the BE an mde as well (I wasn't
    > sure from the article) or are there other steps I should take.


    Since the backend contains only tables, making a mde will do nothing.

    You can put the backend in a hidden folder, so it can't be easily found in
    Windows Explorer. You do this by naming the shared folder with a $ sign at
    the end.
    \\server\share$ rather than \\server\share. It won't appear in Windows
    Explorer. A user could still get to it, but only if they know the path.

    You can put an autoexec macro in the backend that throws up a message
    telling the user to open the frontend; and follow that with the quit action.

    If your users are savvy enough to find the backend, and they know they can
    bypass the autoexec using the shiftkey, you can disable the shiftkey bypass
    (Albert has a utility on his site to do this).


    --
    Joan Wild
    Microsoft Access MVP
     
  4. Ian

    Ian
    Expand Collapse
    Guest

    Hi Joan,

    Thanks for the advice. I don't think the $ sign will work as my works IT
    department controls that and it doesn't fit with their plan for the network,
    however, the autoexec macro and disabling of the shiftkey bypass sounds good.

    You say you can put the macro in the BE, forgive my ignorance but is this
    just a case of opening the Macro pane in the Db Window, creating a new macro
    called Autoexec and putting the relevant actions in there? Are there any
    boxes to tick or untick in the Startup options (probably a stupid question,
    but I'm still learning this stuff).

    Thanks again,
    Ian.

    "Joan Wild" wrote:

    > Ian wrote:
    > > I have been through a number of threads on this topic and apologise
    > > if I am repeating what may have gone before.
    > >
    > > I have split my db after following Albert Kallal's excellent article.
    > > The FE is now locked down as an mde, and installed on the
    > > workstations. The BE is on the server in a folder only a dedicated
    > > list of users can access. The BE is still an mdb and as such a user
    > > can open the file, add new records to the tables, change the
    > > structure of the table or alter the primary key. They have no need to
    > > do this but you know inquisitive minds! How do I lock down the BE to
    > > prevent this happening, can I make the BE an mde as well (I wasn't
    > > sure from the article) or are there other steps I should take.

    >
    > Since the backend contains only tables, making a mde will do nothing.
    >
    > You can put the backend in a hidden folder, so it can't be easily found in
    > Windows Explorer. You do this by naming the shared folder with a $ sign at
    > the end.
    > \\server\share$ rather than \\server\share. It won't appear in Windows
    > Explorer. A user could still get to it, but only if they know the path.
    >
    > You can put an autoexec macro in the backend that throws up a message
    > telling the user to open the frontend; and follow that with the quit action.
    >
    > If your users are savvy enough to find the backend, and they know they can
    > bypass the autoexec using the shiftkey, you can disable the shiftkey bypass
    > (Albert has a utility on his site to do this).
    >
    >
    > --
    > Joan Wild
    > Microsoft Access MVP
    >
    >
    >
     
  5. Joan Wild

    Joan Wild
    Expand Collapse
    Guest

    Yes, that's all you'd do (nothing to do in the starup options).

    The name of the macr will be Autoexec
    First Action - Msgbox (fill in the details in the lower pane)
    Second Action - Quit


    --
    Joan Wild
    Microsoft Access MVP

    Ian wrote:
    > Hi Joan,
    >
    > Thanks for the advice. I don't think the $ sign will work as my works
    > IT department controls that and it doesn't fit with their plan for
    > the network, however, the autoexec macro and disabling of the
    > shiftkey bypass sounds good.
    >
    > You say you can put the macro in the BE, forgive my ignorance but is
    > this just a case of opening the Macro pane in the Db Window, creating
    > a new macro called Autoexec and putting the relevant actions in
    > there? Are there any boxes to tick or untick in the Startup options
    > (probably a stupid question, but I'm still learning this stuff).
    >
    > Thanks again,
    > Ian.
    >
    > "Joan Wild" wrote:
    >
    >> Ian wrote:
    >>> I have been through a number of threads on this topic and apologise
    >>> if I am repeating what may have gone before.
    >>>
    >>> I have split my db after following Albert Kallal's excellent
    >>> article. The FE is now locked down as an mde, and installed on the
    >>> workstations. The BE is on the server in a folder only a dedicated
    >>> list of users can access. The BE is still an mdb and as such a user
    >>> can open the file, add new records to the tables, change the
    >>> structure of the table or alter the primary key. They have no need
    >>> to do this but you know inquisitive minds! How do I lock down the
    >>> BE to prevent this happening, can I make the BE an mde as well (I
    >>> wasn't sure from the article) or are there other steps I should
    >>> take.

    >>
    >> Since the backend contains only tables, making a mde will do nothing.
    >>
    >> You can put the backend in a hidden folder, so it can't be easily
    >> found in Windows Explorer. You do this by naming the shared folder
    >> with a $ sign at the end.
    >> \\server\share$ rather than \\server\share. It won't appear in
    >> Windows Explorer. A user could still get to it, but only if they
    >> know the path.
    >>
    >> You can put an autoexec macro in the backend that throws up a message
    >> telling the user to open the frontend; and follow that with the quit
    >> action.
    >>
    >> If your users are savvy enough to find the backend, and they know
    >> they can bypass the autoexec using the shiftkey, you can disable the
    >> shiftkey bypass (Albert has a utility on his site to do this).
    >>
    >>
    >> --
    >> Joan Wild
    >> Microsoft Access MVP
     

Share This Page