Secured MS Access DB, security just "goes away" when i join a new .MDW

[JulieMontgomery]

I'm preparing to distribute a secured Access DB via our company's network. I have set up user-level security using the security wizard, removed user "admin" from the Admins group, established the user "Administrator" as the new administrator, and set object permissions for my different groups. "Administrator" is the only member of the Admins group.

The security works great while I'm joined to the .mdw file I created for this database. However, then I tried joining a different .mdw to make sure my database stayed secure. Instead, it was as though there were no security in place at all, I was no longer prompted for a password and I could update the data. I get the security back if I re-join the special .mdw file I created.

I have not yet created a shortcut with command line tying this database to the appropriate .mdw file, but even if I do that it appears that a user will be able to bypass the security by navigating to the database directly from windows explorer. What am I doing wrong? Am I missing something obvious?

 

[JoeAtWork]

Probably Admin is still a member of the Users group. Try doing this:

Remove Admin from the Users group.
Remove all rights from the Users group.

 

[JulieMontgomery]

Joe, thanks for your response.

I removed rights from the Users group, and I removed Admin from the Admins group. Access will not let me remove Admin from the Users group, it says everyone must be a member of the users group. When I try joining a different workgroup file, I do it using the workgroup administrator via Access, and I join the default System.mdw file. Once I do that and then go into my database I'm no longer prompted for a password. When I check "User and Group Permissions", all the permissions I set have been undone, the only groups are the Users and Admins groups, and the only user is Admin. If I then manually re-join my new workgroup information file and go into the database again, all the permissions, users, and groups I created have returned. I did try establishing a new administrator, Allmighty, and removing Administrator (in case that was a reserved word that was somehow triggering my problem), and I re-ran the user level security wizard, but I'm still having the same problem.

 

[JerryKlmns]

Does Admin user have a password?

 

[JulieMontgomery]

I verified that user Admin has a password, group Users has no permissions, user Admin has been removed from group Admins. Still had the problem, however I was able to implement user-level security successfully with a new test database created in an attempt to figure out my problem. I may have missed something, but I'm concluding based on my observations that this problem is specific to this database, and I'm not going to delve into it further.

For this database, my workaround has been to create a new group, Developers, with full permissions. My Allmighty user has been added to this group, and I removed all permissions from my Admins group.

I came across the following paper:

http://www.geocities.com/jacksonmacd/.

It provides a good desciption of MS Access Security. The author recommends NOT using the User-level security wizard but instead setting up the security manually. I'm wondering if my initial use of the Wizard may have tweaked something and screwed up my permissions behind the scenes somehow??? In any case, my workaround appears successful.