Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security: Admins Group does NOT have full permissions.

Status
Not open for further replies.
tiana

tiana

IS-IT--Management
May 1, 2002
5
US


O.K. Am I missing something?

I have read more than a few texts from different sources that say the Admins GROUP has full permssions, and this is where the Admins USER derives its permissions.

Go into any workgroup file and you will see that the Admins group has no permissions. The Admins USER account along with the Users group account has full permissions. It is only through manual manipulation or by using the Security Wizard that the Admins group receives any permissions.

So why this misleading statement? Is it me?

Thank You

 
Sort by date Sort by votes
Your sources are definitely wrong.

In a non-modified situation the admin (user + group) as well as the user( user + group) has all rights.
This is why you need to create a new admin group first, then logg in as a user of this new group and then delete all rights of the original admin/user. Otherwise any standard SYSTEM.MDW can be used to access your (fake) securized application.
I recommend the "security"-articles in the MS KB and the ACCESS ONLINE ENCYCLOPEDIA ( for more details.
 
Upvote 0 Downvote
Actually, my source is Microsoft. On their FAQ's page, which you can get to by clicking the "FAQ's" tab at of this web page, the say...

"The Admin user account has no administrative powers built into it; they are derived from membership in the Admins group, which does."

Again, unless I am missing something, this statement is not true.

Is their something that I am not aware of?


 
Upvote 0 Downvote
have you encrypted and secured your MDB? You have to do this first. Once secured, users can only get into your mdb by joining the mdw file listed above. You may not actually see a box checked, but admins will have permissions. This is usually because admins is a group assigned permission. I have assigned group permissions - Production Clerk - to multiple users, but is fou look in their individual account you do not see the permissions checked.
Make sense?
-Smack
 
Upvote 0 Downvote
The statement -

"The Admin user account has no administrative powers built into it; they are derived from membership in the Admins group, which does."

is true but somewhat misleading unless you are familiar with Access security. BY DEFAULT the Admin user is a member of the Admins group account, therefore many people mention the Admins account as having full permissions. On a not secure database this is the normal configuration. To secure a database you must remove the Admins group permissions from Admin so they are not inherited. Since all accounts inherit the user permissions the Admin account is then left with only user permissions.

Steve King
Growth follows a healthy professional curiosity
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

TheresAlwaysAWay
  • Locked
  • Question
How can I make Access display a + sign in front of positive integers, just as it does - for neg? 2
Replies
8
Views
3K
TheresAlwaysAWay
TheresAlwaysAWay
TheresAlwaysAWay
  • Locked
  • Question
Long-established database suddenly giving error Cannot open macro [Name] because it is not valid
Replies
6
Views
572
dhookom
dhookom
iamchemist
  • Locked
  • Question
Windows 10 Security/Access Issue
Replies
5
Views
291
dhookom
dhookom
atadbitslow
  • Locked
  • Question
how to search data and display matches that include the user's input, but not necessarily match
Replies
5
Views
384
atadbitslow
atadbitslow
TheresAlwaysAWay
  • Locked
  • Question
Searching for a way to get Access to retrieve and use data from a hard drive file not within Access 3
Replies
13
Views
350
TheresAlwaysAWay
TheresAlwaysAWay

Part and Inventory Search

Sponsor

Back
Top