Re: Blocking MS Access from linking tables...

From: Mary Chipman (mchip_at_online.microsoft.com)
Date: 10/28/04 

Date: Thu, 28 Oct 2004 12:18:23 -0400

No. If you're using Windows authentication, and have granted
users/roles permissions on the base tables, then they can get at the
data no matter what tool they use. An alternative would be to revoke
permissions to public on the tables, and create an Access application
that does not use linked tables, but instead uses pass-through queries
to execute stored procedures. This is a lot more work since you'll
need to create an unbound FE, but it can be done. Only users who are
comfortable working with stored procedures would be able to get at the
data. Another option would be application roles, but they are a really
poor choice for linked table apps. see
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q229564.

--Mary

On Thu, 28 Oct 2004 13:54:05 GMT, "Matthew Wells"
<MWells@FirstByte.net> wrote:

>Good morning...
>
>I have an Access front end that uses SQL Server linked tables. SQL Server
>uses Windows authentication. I have one Windows group that all Access users
>are a member of. I added that group to SQL Server logins and gave it
>public, datareader, and datawriter rights to the one database that's used.
>My front end is locked down, but I want to stop users from creating a new
>.mdb and linking SQL Server tables through DSNs or ADO connections or even
>just importing the links from the actual front end.. I've tried setting the
>"denydatareader" security policy - that keeps the SQL tables from being seen
>in the import/link list- but also blocks read rights from the actual front
>end database. I could set an Access database password on the front end to
>block importing the links, but that only solves one of the three problems
>and I want to stay away from Access security altogether.
>
>Is there a way to stop users from creating their own DSNs or connection
>objects or linking tables while still using Windows authentication?
>
>Thanks.
>
>Matthew Wells
>MWells@FirstByte.net
>

Relevant Pages

  • Re: Blocking MS Access from linking tables...
    ... Does connection pooling work the same way? ... database that was converted from Access to SQL Server. ... I know that using an Access form can create multiple SPIDs on SQL Server ... If you're using Windows authentication, ...
    (microsoft.public.sqlserver.security)
  • Re: cannot open database requested in login
    ... Is the connection object using Windows Authentication? ... Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) www.SQLDTS.com - The site for all your DTS needs. ... > I have a DTS replication which truncates the destination> of one database and copies all the rows from the source> table of another database of same serverin> first step. ...
    (microsoft.public.sqlserver.dts)
  • Re: How to install and configure SQL Server 2005 on Net work and s
    ... Authentication" or mix both when I install SQL Server 2005? ... for DBA to login to do dabase management in future? ... database to backend and then link all table from front Access database to ... Each user they required Windows Authentication when they open they won ...
    (microsoft.public.sqlserver.security)
  • Re: Trouble connecting to SQL Server express over Peer to Peer network
    ... I have a program that accesses an SQL Server Express database. ... Configuration and I connect using Windows Authentication. ... that have never been connected to the domain, I have an issue connecting. ...
    (microsoft.public.vb.general.discussion)
  • Re: Credentials not being passed with remote access
    ... allowed windows authentication to work, ... I had assumed johnx was a domain user rather than a local Windows account. ... johnx was set up as a local login on sql server. ...
    (microsoft.public.sqlserver.security)