MS Access用户和组权限-不传播更改-多个用户MDE前端-网络后端
[英]MS Access User And Group Permissions - Changes Not Propagating - Multiple Users MDE Front End - Network Back End
问题描述
The setup: 
设置:
- X users each using an instance of a MS Access front end MDE which connects to a single back end MDB. X个用户各自使用MS Access前端MDE实例连接到单个后端MDB。
- User-Level access/permission controls in place (eg Users, Trusted-Users, Admins). 适当的用户级访问/权限控制(例如,用户,受信任的用户,管理员)。
- All changes are made via the Tool->Security->etc. 所有更改都是通过“工具”->“安全性”->“等”进行的。 MS Access menu options. MS Access菜单选项。
- All security is stored in a single secure.mdw file, to which all MDB instances connect. 所有安全性都存储在一个单独的secure.mdw文件中,所有MDB实例都连接到该文件。
The problem: 问题:
When modifying a particular group's permissions (eg Trusted-Users) - say, from being allowed to modify queries, to not be able to modify queries - the change works on the MDB instance the change was made (as expected), but not on the other instances (ie MDB instances on the other PCs).
当修改特定组的权限(例如,受信任的用户)时(例如,从被允许修改查询到无法修改查询),该更改将在MDB实例上进行(如预期的那样),但不会在其他实例(即其他PC上的MDB实例)。 Basically, after the change is made, if we then go to one of the other instances and log in as an Admin, we see that the permissions for the group (Trusted-Users) have not changed. 基本上,进行更改后,如果我们转到其他实例之一并以Admin身份登录,则可以看到该组(受信任用户)的权限没有更改。 Interestingly (back on the first MDB instance), if we move a user out of one group and into another group, then move to another MDB instance, we now see this change HAS propagated to all other instances - thereby indicating they do point to the same MDW file.
有趣的是(回到第一个MDB实例),如果我们将用户从一个组移出到另一个组,然后移到另一个MDB实例,我们现在看到此更改已传播到所有其他实例-从而表明他们确实指向了其他实例。相同的MDW文件。
Questions: 问题:
Is it the case that modifying a group's permissions on one MDB instance does NOT propagate to ALL MDB instances (even though they point to a single MDB file)?
是否在一个MDB实例上修改组的权限不会传播到所有MDB实例(即使它们指向单个MDB文件)? If yes, does this mean we must then re-install EVERY MDB instance after making a change to a group's permissions?
如果是,这是否意味着我们必须在更改组的权限后重新安装每个MDB实例? Or instead, is our approach incorrect?
还是相反,我们的方法不正确? Should we modify group permissions in a different way? 我们是否应该以其他方式修改组权限?
If you need any further information let me know. 如果您需要任何进一步的信息,请告诉我。
Many thanks. 非常感谢。
1 个解决方案
解决方案1
1 已采纳 2012-06-12 15:00:22
" All security is stored in a single secure.mdw file, to which all MDB instances connect. " “ 所有安全性都存储在一个单独的secure.mdw文件中,所有MDB实例都连接到该文件。 ”
The workgroup information file (MDW) stores only the definitions of users and groups. 工作组信息文件(MDW)仅存储用户和组的定义。 Database object permissions are stored in the database which contains those objects. 数据库对象权限存储在包含那些对象的数据库中。 And the database object permissions reference the users and groups defined in the MDW. 数据库对象权限引用了MDW中定义的用户和组。
So the permissions for your queries are stored in the MDE files. 因此,查询的权限存储在MDE文件中。 Changing permissions in one MDE has no effect on the other MDE copies. 在一个MDE中更改权限不会影响其他MDE副本。
You can do one of the following: 您可以执行以下操作之一:
- distribute updated MDE version to your users 向您的用户分发更新的MDE版本
- execute DDL statements (GRANT/REVOKE) by administrative user in each MDE 每个MDE中的管理用户执行DDL语句(GRANT / REVOKE)
" Interestingly (back on the first MDB instance), if we move a user out of one group and into another group, then move to another MDB instance, we now see this change HAS propagated to all other instances - thereby indicating they do point to the same MDW file. " “ 有趣的是(回到第一个MDB实例),如果我们将用户从一个组移出到另一个组,然后再移到另一个MDB实例,我们现在看到此更改已传播到所有其他实例-从而表明他们确实指向相同的MDW文件。 ”
In that case, you changed the definition of that user. 在这种情况下,您更改了该用户的定义 。 Her permissions will now be those granted to her group membership in the current MDE. 现在,她的权限将是授予当前MDE中的组成员资格的那些权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.