How to properly secure an SQL Server/MS Access App? 1

[agc1976]

I'm using SQL Server with MS Access 97 as a front end.

I used a lot of bound forms (to SQL linked tables) in my application. From what I've read in this forum, that's a mistake : (

The application is currently at advanced stages of development so I can't do some major tweaking (i.e. unbounding the forms).

I'm using NT security and all users of the DB have read/write access to all of the tables. I was planning to control the security via Access, but there would still be some security holes if I use this approach (i.e. users could create a new MDB and link the SQL Server tables... this will give them full unrestricted access to the data).

What is the best way to secure the database if I use bound forms? Users need read/write access to the tables in order for the bound forms to work.

Any help or references are welcome...

Thanks

 

[foxdev]

I'm not an Access user, so forgive me if this will not work: think about using Application Role security. This would allow people to only access the database by way of your Access application. Robert Bradley

http://www.agrainofhope.org

http://www.lowcostprints.com

http://www.foxdev.com

 

[agc1976]

foxdev, I looked for what you suggested and that seems to do the job.

Thanks!