Windows logon <--> Access logon 
Author Message
 Windows logon <--> Access logon

Is it possible to connect an Access logon to a Windows
logon?

When someones logs onto Windows, that person also has
permission to the Access database.  Then, I could create
the permissions in the Access database based on the
Windows logon without having to create new logons in
Access.



Wed, 27 Apr 2005 03:57:52 GMT  
 Windows logon <--> Access logon
Basically the answer is NO. There is no point of integration between Access
security and NT security. However, you could create your own security that
can look at the NT logon, but that will be a rather time consuming process.

There is code for retrieving a network username at:

http://www.mvps.org/access/api/api0008.htm

--

Lynn Trapp
MS Access MVP
www.nwidevelopers.com
Access Security information : www.nwidevelopers.com/Security.htm

Please post back to this newsgroup for the benefit of others.


Quote:
> Is it possible to connect an Access logon to a Windows
> logon?

> When someones logs onto Windows, that person also has
> permission to the Access database.  Then, I could create
> the permissions in the Access database based on the
> Windows logon without having to create new logons in
> Access.



Wed, 27 Apr 2005 04:04:53 GMT  
 Windows logon <--> Access logon

Quote:
>-----Original Message-----
>Is it possible to connect an Access logon to a Windows
>logon?

I have never done it, but I have a scheme in mind to try
someday:

1. Implement user-level security in Access.

2.  Create a process that would run periodically under an
administrator's account.  The code (probably using DAO,
since ADOX never got fixed) would rebuild the users in
the .mdw file according to the users in the appropriate NT
domain login groups.

The maintenance logic is simple:

If NT_User Not in Access_Users, then Add NT_User to
Access_Users.

If Access_User Not in NT_Users, then delete Access_User.

3. If desired, and if the appropriate NT groups exist to
support it, maintain mirrored Access groups driven by the
same process.

4. All those users would have blank passwords in the .mdw
file.  Administrative usernames would have strong
passwords, just like normal.

5. Users would join the workgroup, and typically open
Access with a shortcut that had the command line
switches /user %username% /pwd ""

6. The Access database startup code would include
something like:

If CurrentUser <> GetNTUserFunction and CurrentUser Not In
AdminGroup then exit.

7. Set AllowByPassKey to False, and prevent it from being
reset in code, so Step 6 would be guaranteed to run.

This last part, I think, is the weak link.  Access has so
many back doors I am never sure I have closed them all!



Wed, 27 Apr 2005 06:22:03 GMT  
 
 [ 3 post ] 

 Relevant Pages 

1. ~~<|<|<|<*(#@#@@@&!!!^ATTENTION^!!!&@@@#@#)*>|>|>|>~~

2. <crtl><home>, <crtl><end>, <crtl><right arrow> does not work

3. <><><> missing command <><><>

4. Exchange logon and NT network logon

5. Local logon & Network Logon

6. Use OE in 1st logon, Outlook 2002 in 2nd logon on same PC

7. Problem: VB6 Outlook Com-Addin cannot logon with MAPISession.logon

8. {{<<<~!!!@@^ATTENTION^@@!!!~>>>}}

9. {{<<<~!!!@@^ATTENTION^@@!!!~>>>}}

10. {{<<<~!!!@@^ATTENTION^@@!!!~>>>}}


 
Powered by phpBB® Forum Software © phpBB Group