Security System Set-Up Checklist

MICROSOFT ACCESS WORKGROUP SECURITY SETUP
CHECKLIST OF STEPS

WORKGROUP FILE SET-UP
The following Listing is a procedure checklist that I use when setting up security systems for Access 97 databases. It is NOT a replacement for understanding how Access security works, but a guide to ensure that all the necessary steps are completed as required. It will also double as the necessary documentation to recreate the security file in an emergency. I hope that you find it as helpful as I have.

i recommend that the user also review FAQ181-83 and FAQ181-1131 in conjunction with this checklist.


The WorkGroup File is the file that contains all security settings and user names for an MS Access database. For the " " system, the workgroup file
is " .mdw".

This file is located in the " " folder.
Warning: If this file is deleted or corrupted, no-one will be able to access the " " system at all. A Back-up copy should therefore be maintained at all times. In addition, the steps below will enable the " " .mdw file to be recreated as a last resort.
If a workgroup information file becomes damaged or has been deleted, and a backup copy isn't available, you can re-create the workgroup information file if you have the exact, case-sensitive information used to originally create the file and define the accounts and groups in the file originally. The workgroup files are created by using the Workgroup Administrator file Wrkgadm.exe. For the Windows NT Operating system, this file will be located in the C:\WinNT\System32" folder. Run the Wrkgadm.exe file by navigating to the folder and double-clicking on the file.

1 Create new Workgroup Administrator file
FileName: .mdw
Name:
Organisation:
Workgroup ID:
2 Load any database to allow access to the Security options

3 Open Tools/Security/User and Group Accounts.
Add a password to the Admin user (NOT Admins Group!) -
Security/Change Password " ".

4 Create a new user and PID. Note that PID is case sensitive, must be a minimum of 4 characters and MUST exist.
User (Owner) " " PID " ".
Member of Admins group
Member of " " group
Add the new user to the Admins group. It is automatically added to the Users group.

5 Remove the Admin User from the Admins group. This stops the default login from having administrator rights to the database.

6 Exit Access and log in as the new user. No password is required as yet.

7 Open the security wizard Tools/Security/User-Level Security Wizard.
Select all database objects. The wizard will then export (copy) them to a new database (new database name required!). The currently logged user will become the OWNER of the database, and will always have all rights to all objects in the database. The original database will not be amended in any way. Close the existing database.

8 Open the new secure database. Create new User groups as required and add Users to the group(s).
Tools/Security/User and Group Accounts.
Group = " "
PID = " "

Only add those users that require access to the database. Only add the minimal number of users to the Admins group, and all others to the required group. Remember that new users are created in the Users group automatically. NB: You cannot delete the Users group entirely.

9 Assign rights implicitly. That is, assign rights to groups rather than individual users. This makes it easier to update when new users are required in the future.

10 Set up a desktop shortcut to the new secured database. Use the format:
"Path to Acess.exe" "Path to Secure database" /wrkgrp "Path to Workgroup file"
For example:
"C:\Program Files\Microsoft Office\Office\MSAccess.exe" "C:\My Documents\My Database.mdb" /wrkgrp "C:\My Documents\Security\My SecurityGroup.mdw"