A newly created Access 97 database is not secure when you convert a security-enhanced Access 2000 database to Access 97 format (198986)


The information in this article applies to:

  • Microsoft Access 2000
  • Microsoft Access 97
This article was previously published under Q198986
Moderate: Requires basic macro, coding, and interoperability skills.

This article applies only to a Microsoft Access database (.mdb).

SYMPTOMS

When you convert a security-enhanced Microsoft Access 2000 database to Microsoft Access 97 format, the newly created Access 97 database is not secure. Permissions are reset to their defaults in the newly created Access 97 database. This problem occurs because Access 2000 uses a new workgroup file that cannot be read by Access 97. Therefore, permissions on objects in the new database are reset.

Note The permissions on the source Access 2000 database are not affected. This problem does not constitute a security breach. When you convert a security-enhanced Microsoft Access 2000 database to Microsoft Access 97 format by using "Save As", you must have read-design permissions on all objects. Also, you must know the Microsoft Visual Basic for Applications project password, if one exists, to perform the conversion. If you have read-design permissions on all objects and you know the Visual Basic for Applications project password in Access 2000, you already have permissions to view the design of the objects.

RESOLUTION

If you want to have a security-enhanced version of the Access 97 database, the database administrator must re-secure the database in Access 97.

MORE INFORMATION

Steps to reproduce the problem

  1. Start Access 2000. In the Microsoft Access dialog box, click Blank Access database, and then click OK.
  2. In the Save in box, select a folder to which to save the new database, and then click Create.
  3. In the Database window, click Forms under Objects.
  4. Click New, click Design View, and then click OK.
  5. On the File menu, click Save and in the Save As box type OpenMe. Click OK.
  6. On the File menu, click Close.
  7. On the Tools menu, point to Security, and then click User and Group Accounts.
  8. Click the Change Logon Password tab.
  9. Type Admin in the New Password and Verify text boxes, and then click Apply.
  10. Click the Users tab.
  11. Click New, and in the Name box, type test.
  12. In the Personal ID box, type test1, and then click OK.
  13. Click OK to close the User and Groups Accounts dialog box.
  14. On the Tools menu, point to Security, and then click User and Group Permissions.
  15. On the Permissions tab, click the Groups option to show the Users group.
  16. Click the Users group, and then click Form under Object Type.
  17. Under Object Name, click OpenMe.
  18. Under Permissions, clear all permissions for the OpenMe form.
  19. Click the Users list, click the test user, and make sure all permissions for the OpenMe form are cleared.
  20. Click OK to apply changes and close the User and Group Permissions dialog box.
  21. On the Tools menu, point to Database Utilities, point to Convert Database, and then click To Prior Access Database Version.
  22. Choose a folder under Save in. Under Filename, type Acc97File, and then click Save.
  23. Start Microsoft Access 97.
  24. Click the Open an Existing Database option, and then click OK.
Note that any user can open and read or modify design on any object, including the OpenMe form.
Modification Type:MinorLast Reviewed:1/26/2005
Keywords:kbtshoot kbprb KB198986
©2004 Microsoft Corporation. All rights reserved.