 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
MS Access Forum / Security / September 2006Ugh! Permissions dilema...
Hello everyone. I'm using A02 on XP. DB is an old A97 that was converted up to A02. Have a user group with edit rights and they work fine on one form but not on another. I cannot figure it out! I've checked the permissions from the DB to tables to queries to forms. If I give someone in the group admin rights, all is well but I can't do that for everyday permissions. Just can't figure out what I'm missing. Is there some glitch I'm not aware of? Must I create a new empty DB and import all my objects? I've been fighting with this for hours! Thanks in advance for any advice!  SignatureBonnie Hi Bonnie. May I please have permission to reach inside your pants and finger you? > Hello everyone. I'm using A02 on XP. DB is an old A97 that was converted > up [quoted text clipped - 9 lines] > > Thanks in advance for any advice! What is the specific error message? That usually tells you the object you need to focus on. i.e 'you do not have permission to use xxx object...' What are the permissions on that object? Does that object have any lookup fields - (yet another reason to avoid them); users need permission on the lookup table. SignatureJoan Wild Microsoft Access MVP > Hello everyone. I'm using A02 on XP. DB is an old A97 that was > converted up to A02. Have a user group with edit rights and they [quoted text clipped - 9 lines] > -- > Bonnie Hi Joan, Thanks very much for your inquiry. I get no message. It simply will not respond. There is no status bar message or dialog box. I can edit as my all-powerful self but when I log in as one of the RPSAdm group I can edit some forms and this one I cannot. I place the mouse in the field and there is no response to my keystrokes. P.S. What should I do about the reply I got above from 'bad man'? He doesn't offend me, he's just showing himself to be a twit. Is there any way for the PTB's to block foul posting addresses from our newsgroups? Thanks again! SignatureBonnie > What is the specific error message? That usually tells you the object you > need to focus on. [quoted text clipped - 18 lines] > > -- > > Bonnie >P.S. What should I do about the reply I got above from 'bad man'? You can follow the advice "bad man," AKA Trey Davis, Steve, etc, received in another thread when he apologized, and then continued his offensive posts: > I WAS WRONG > [quoted text clipped - 6 lines] > > Again, please accept my sincere apology. Since you posted so many offensive messages as "bad man" and Trey Davis this morning *after* you posted this one, your sincerity is doubtful. I'm very pleased to inform you that this can easily be fixed by doing all of the following: 1) Open Outlook Explorer and right click on a message from "bad man" or Trey Davis. Select Properties | Details and look at the message header: From: "bad man" <badman@hotmail.com> References: <83EFABA1-8F55-435F-B689-79D7FDA24E5F@microsoft.com> Subject: Re: Ugh! Permissions dilema... Date: Fri, 22 Sep 2006 13:57:50 -0500 Lines: 24 X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-RFC2646: Format=Flowed; Original Message-ID: <ethHBkn3GHA.3656@TK2MSFTNGP04.phx.gbl> Newsgroups: microsoft.public.access.security NNTP-Posting-Host: 216.253.202.174 Path: TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl Xref: TK2MSFTNGP01.phx.gbl microsoft.public.access.security:71723 2) Copy the IP address for the NNTP-Posting-Host, 216.253.202.174, and paste it into the text box on this web page: http://www.melissadata.com/Lookups/iplocation.asp 3) Copy the ISP name and Google for it to find the company's web page. Follow the link to the company's web site. Click on the city named as the IP location to find the company's local office phone number and then scroll down to find the "Contact Us" email address. 4) Send the following email and then call the company to let them know you sent it: Please forward this message to your company's HR office. One of your company employees in the Oklahoma City/Broken Arrow area appears to be intoxicated at work today, and appears to have been intoxicated on Monday and Thursday, too. He has been busy every day this week harassing people, sending spam, providing misinformation while impersonating a Microsoft-designated expert, and using foul, offensive language, all by transmitting messages from your company's network to thousands of news servers and web sites worldwide. Your employee has gotten so carried away that one person suspects your employee may be cyber-stalking him, mistaking him for some enemy. Since your company is responsible for the actions of its employees, including his impersonation of multiple officially-designated Microsoft Most Valuable Professionals, but especially since his intoxication at work may pose a danger to himself or others, I know you'll want to address this as soon as possible. Your employee didn't give his full name, but he gave several clues as to his identity. The young man's first name is probably Steve. He's been broadcasting his hundreds of offensive and misleading messages from your company's proxy server in the Oklahoma City area and started doing most of his disruptive behavior beginning at about 2:30 PM Central Time on Monday and Tuesday, which is probably after his boss had gone home for the day or was in meetings and couldn't closely supervise 'Steve.' Since Wednesday, 'Steve' has been broadcasting his offensive and disruptive messages from your company's network all day during business hours, indicating that his boss has probably been out of town on business or on vacation since Wednesday. 'Steve' was working on a Microsoft Access database last Friday and Monday of this week, attempting to prevent the graphics filter message from displaying (like "importing imageName.jpg") whenever loading images into a subform. He was also trying to determine how to tell whenever a user on another computer was accessing a particular record in the database. Anyone can easily trace the originator of these messages and discover that they are coming from your company's network by Googling any of the messages, like this one: http://groups.google.com/group/microsoft.public.access.forms/browse_frm/thread/7 c1d8ce6463ea55d/0565d692a069564b?&hl=en#0565d692a069564b Click on "show options" on the second message in the thread, the one from "bad man." Click on "Show original." A new window opens, showing the message with its headers, including this line: NNTP-Posting-Host: 216.253.202.174 Or you can check the first offensive message from Steve: http://groups.google.com/group/microsoft.public.access/browse_frm/thread/da3aa2d a60292e1e/3836f6112c81a35a?&hl=en#3836f6112c81a35a Click on "show options" on the third message in the thread, the one from "Steve." If you check this message's headers, it includes this line: NNTP-Posting-Host: 216.253.202.174 The NNTP-Posting-Host is the IP address of the computer used to post that message. Anyone can find which company this computer uses to connect to the Internet by checking the public records for Internet Service Providers (ISP). One such URL for these public records is http://www.melissadata.com/Lookups/iplocation.asp and I think you'll find familiar the name of the company it reveals. 'Steve' has been posting his messages as "bad man," Trey Davis, David Pawloski, Armando Blanco, and George Bateman, and he'll undoubtedly keep changing the name he posts under as each name is blocked by readers. You can look at these messages and verify that they've been posted by the same computer on your company's network: http://groups.google.com/groups?as_q=&num=100&scoring=d&hl=en&as_epq=&as_oq=&as_ eq=&as_ugroup=*access*&as_usubject=&as_uauthors=bad+man&lr=lang_en&as_drrb=q&saf e=off http://groups.google.com/groups?as_q=&num=100&scoring=d&hl=en&as_epq=&as_oq=&as_ eq=&as_ugroup=*access*&as_usubject=&as_uauthors=Trey+Davis&lr=lang_en http://groups.google.com/groups/search?enc_author=MEqQBhUAAADtbBkLzmQ8H44PMiEiRP I7M2QSjOpuh1pnvFAOUlylOg&scoring=d&hl=en http://groups.google.com/groups/search?enc_author=gjXsOxcAAAB3y3V1Y09-JcgacQy73Q 9_HqZiDvCVswhrZ6TQxKj0ww&scoring=d&hl=en http://groups.google.com/groups/search?enc_author=cboHkxUAAACPyWel6loaaqOcx_WPtP 4g9h3i3SmjGmAJbX05nZ-8fQ&scoring=d&hl=en ****************************** Did I actually send this message to your employer? Of course not. I'm willing to give you a second chance to mend your ways, Steve. But the question is this: "Are you sure that everyone else is just as willing?" > 3) Copy the ISP name and Google for it to find the company's web page. > Follow the link to the company's web site. Click on the city named as the > IP > location to find the company's local office phone number and then scroll > down > to find the "Contact Us" email address. Am I missing something here Granny? Does this assume that the offender works for the ISP? Thanks. Keith. > Does this assume that the offender > works for the ISP? The ISP has been assigned IP addresses that provide Internet services for other computers. An ISP can sell those Internet services to the general public (like AOL, Comcast, Earthlink, etc.) or the ISP can use those Internet services in-house, as most companies do. Since the ISP in question is not in the business of selling Internet services to the public, we can assume that it's an in-house computer that connects to the proxy server that connected to the Internet to post those messages. And since these offenses occurred during regular business hours, it's likely an employee of that business that has access to the computer used. In any case, it's that company who is legally responsible for getting to the bottom of this, whether it's a current employee, the son of a current employee visiting the company's office, or a hacker causing mischief. They can start with the assumption that it's their own employee (who else has access to their computer network?) and go from there. >> Does this assume that the offender >> works for the ISP? [quoted text clipped - 21 lines] > own employee (who else has access to their computer network?) and go from > there. Understood, thanks for the info. Keith. Hi Keith, Thanks for your efforts to keep the newsgroups 'clean'. And thanks to 'Granny' for the input. SignatureBonnie W. Anderson Cincinnati, OH > >> Does this assume that the offender > >> works for the ISP? [quoted text clipped - 25 lines] > > Keith. > Hi Keith, > > Thanks for your efforts to keep the newsgroups 'clean'. And thanks to > 'Granny' for the input. I just didn't quite understand Granny's explanation but do now ... I think ;-) I followed my work IP using Granny's link and it returned the correct provider (CSC) but the location was way out. Having said that I'm sure CSC would have no problem in tracing me should the need arise (and I sincerely hope it doesn't). Keith. www.keithwilby.com > I followed my work IP using Granny's link and it returned the correct > provider (CSC) but the location was way out. The ISP's themselves are responsible for keeping the public records up-to- date, and many of them don't. Also, IP addresses are issued in *banks* of IP addresses assigned to the ISP's. Each bank of IP addresses is registered with a single geographical location where those IP addresses are to be used, so your location could be 1,000 miles away from headquarters, and your company's headquarters location could be registered as your IP address location, not your physical location. That is odd; I can't think of a reason for this. They obviously have open permission on the form. What is the record source for the form? Can you open it directly as one of the RPSAdm and see any records, or add/edit anything there? If you can do that, check that there isn't some code behind your form causing the problem. As for 'bad man', I suggest you just ignore it. SignatureJoan Wild Microsoft Access MVP > Hi Joan, > [quoted text clipped - 39 lines] >>> -- >>> Bonnie Hi Joan, I have opened the linked table and the query as one of the administrators and have the same inability to edit. Have deleted the link and relinked it (tables are in a backend DB). Should I try to create a new shell DB and import my objects? Thanks very much for your help. SignatureBonnie W. Anderson Cincinnati, OH > That is odd; I can't think of a reason for this. They obviously have open > permission on the form. [quoted text clipped - 50 lines] > >>> -- > >>> Bonnie That suggests that there is something in the form preventing the edits, since you can edit the recordsource. check the code behind the form to see if there is something locking things; also check the properties of the form (allow edits, etc) SignatureJoan Wild Microsoft Access MVP > Hi Joan, > [quoted text clipped - 67 lines] >>>>> -- >>>>> Bonnie |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2010 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.