I have just finished completing a robocopy move of data from one network share to another (new) share.
It appears all the MS Access databases are now prompting for a password when they haven't had one set. I have done extensive searches and haven't yet been able to find a solution.
I thought it may have been a security permission issue on the new share however I have copied the file to my local drive and I get the same password prompt. All users have full access to open this file.
I don't know anything about Access and even less about databases, please keep this in mind when responding (hopefully).
Regards
Grahame
Who/What is asking for the password? The operating system? Or Access itself (does the access program open before the password is asked for?)?
Quick fix would be to grab the original and place it in the required location instead of the robocopied one. Also there may be permission issues on the file itself rather than the directory.
Related
I have compact on close enabled but databases in my local GDrive folder do not complete the compact/repair operation (Office 365 64 bit).
The message is:
The compact and repair operation has been cancelled. You might not have adequate permissions to the folder that the database is located in. You need full permissions to the directory the database is located to compact and repair. Contact your system administrator for more information.
I notice that when this is displayed, Access has created a temporary database for the operation: Database.mdb.
When I look at the properties of this file, there is a security message:
This file came from another computer and could be blocked to protect this computer.
There is the usual "Unblock" checkbox.
I have this folder and subfolders added to the trust centre settings, but can't work out why this is happening. On my other PC, accessing the same files synchronised using the google drive app, I don't have the same problem.
The file is only ever opened by one person in one location at a time. It doesn't seem to be an ownership or machine-specific problem. If I create a new database in this folder, and enable compact on close, I get the same result.
I can copy the file(s) to another folder and compact/repair works fine. So, it's not a huge deal, but I'd like to know what's going on.
All help much appreciated.
I've taken over an old software project which uses an MS Access database to store its data. However the database won't open in Access as it says:
"You do not have the necessary permissions to use the 'database.mdb' object. Have your system administrator or the person who created this object to establish the appropriate permissions for you."
But I have no idea how to do this and googling reveals almost nothing (it seems restricting access to Access databases it not something that's done very often!). The only other clue I've got is there's a .MDW (workgroup) file in the same folder, but I don't know if (or how) this relates to the main database as it has a different filename and also doesn't open.
How can I get access to this database? Is it likely to be password protected or just some kind of permissions problem?
The chances are pretty good that the .mdw file is the workgroup file for that .mdb database. (The .mdw file does not need to have the same name as the .mdb file because several different .mdb files can all share the same workgroup security settings.)
To access an .mdb file that has user-level (workgroup) security enabled you need to open it using a shortcut (or command-line invocation) of the form
"C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE" "C:\Users\Public\uls\ulsTest.mdb" /WRKGRP "C:\Users\Public\uls\Security.mdw"
For a more detailed write-up, take a look here.
Is it possible to attach a database that is stored on a remote server because when I mapped a drive and tried to attach it in management studio, the drive does not show up as an option. I moved it because of disk space and if I cannot what is the alternative suggestions?
You should be able to attach a database on UNC path (I wouldn't use a mapped drive - that drive is mapped for you, not the SQL Server service account), but you have to ensure that the SQL Server service account has read/write permissions on the remote folder, and you have to run trace flag 1807 (please read Brent Ozar's post about this).
Also don't use the GUI for this. Once you have the trace flag set, have restarted the service, and have configured permissions correctly, use a new query window, and run the following command:
CREATE DATABASE db_name
ON (Filename = '\\uncpath\share\file.mdf'),
(Filename = '\\uncpath\share\file.ldf')
FOR ATTACH;
(The UI is never going to offer you a UNC path no matter what trace flags you have set or what permissions are enabled.)
Be prepared to handle a corrupted and possibly unrecoverable database should the network share go down, of course.
If that sounds scary to you, good! It should! This is not a good idea at all. Instead you should free up some space, add a drive, or host the database on a different instance.
I want to give a remote site (owned my someone else) access to the mysql database on my server that is password protected, but I dont want to reveal the actual password to them.
Is it possible to have the mysql access file (with username and pswd) on my server, and they just connect through it, so that their site can access data in my MYSQL db, but I am not actually openely revealing the pswd to them.
Can such access also be give on a read only basis. I just want to make it so they can query the database, but not download the whole database or make changes to it.
The remote party will need credentials to be able to do anything with your MySQL database. Even if you were to open up some sort of file share to let them get to the physical files, that still doesn't let them do anything with the files (and it is not a good idea to expose the actual files outside of the database server).
Setup a separate user account just for them that provides them with just the permissions they need.
You can limit which MySQL databases the are allowed to access, and exactly what they can do in each individual database.
https://dev.mysql.com/doc/refman/5.5/en/adding-users.html
My question is whether or not it is possible to allow DB connections ONLY from a certain domain. I suppose this could be done by checking the referral URL, but I was curious if there is an easier way.
The reason I am asking this is because I had a thought of someone randomly searching for the config.php file on my server and, if they found out, would simply be able to include it and run mysql queries at will. This is definitely something I would not want.
Is it better to just hide the config file in an unusual place?
Thanks in advance,
Phil
First of all, your config.php should not be publicly accessible from the web. Your Web Server should be able to include the file, when needed, but the file itself should never be served up in your web server. With the correct configuration, you shouldn't have to worry about someone "finding" your config.php via a browser.
Also, on the database side, you should setup your database so that it only accepts connections from your web server(s). It should not be publicly accessible to anyone on the internet.
If someone is already on your web server that shouldn't be there, you probably have bigger issues. This might be unavoidable in some shared hosting scenarios, but if that's a concern, get a private server or a hosting provider that will correctly set up permissions for you.
If they are inside the system and can see your files, the chances of you doing much to protect your DB are pretty slim. As for blocking other IPs connecting, you can specifically allow hosts to a DB.
I suppose this could be done by checking the referral URL, but I was curious if there is an easier way.
No. Referer is an HTTP concept, it has no meaning once you get to the database level.
The reason I am asking this is because I had a thought of someone randomly searching for the config.php file on my server
The config file should not be directly accessible over HTTP, and even if it was, it should be executed before being served. So it shouldn't be possible to get to the database credentials remotely.
If you are concerned about other people on the same shared hosting, then your file system permissions should prevent access.
I would control access with my user table. For ex: MYSQL 5.5 has a mysql.user table with username, password, hostname, and privileges. If you were to set 'hostname' of each user to the specific domain,
ie. 'update mysql.user set hostname = 'somedomain.com' where user = 'root' and hostname = '127.0.0.1';, the root user would only be able to login from that domain (unless there were multiple entries for the root user in the user table, which there are.) Of course, if you are using only one account for your database access across your application / website, this will not work.