Creating Security Objects

When you create a new Jet user or group account, either through the user interface or via code, you must supply a Personal IDentifier (PID). The PID is a case-sensitive 4-20 character string that Jet combines with the user or group name to create a unique Security IDentifier (SID). The SID is a unique identifier, which is similar to a public security key. Once you create the account, you can never view or change the SID. But (and this is why the SID is notable) if you ever delete the user or group account, and later decide to re-create it, you must use the same PID, because Access remembers it. If the resulting SID does not match, Access will not allow you to re-create the account. Therefore, whenever you create a new user or group account, save the SID offsite so you don't lose it.

When you create a new user account, you can also include a case-sensitive 1-14 character password, which the user must enter when they log on. The only user who can change the password is the user who owns it; however, members of the Admins group can clear any user's password.

Passwords and PIDs are encrypted and stored in the workgroup file, and thus, cannot be viewed by anyone. The following sections demonstrate how to create and modify user and group accounts, and includes code to add SIDs and passwords.

0 0

Post a comment