| Microsoft Office 2000/Visual Basic Programmer's Guide | |
The User-Level Security Wizard provides the option to create up to seven predefined groups in addition to the default Admins and Users groups. These groups cover many of the typical roles required to manage a secured database. The following table describes each of the groups you can create by using the User-Level Security Wizard and the set of permissions assigned to each group for each object type.
| Group name | Description | Database permissions | Table permissions (including new tables) | Query permissions (including new queries) | Form, report, and macro permissions |
| Full Permissions | Has full permissions on all database objects but cannot assign permissions to other users | Open/Run Open Exclusive |
All except Administer | All except Administer | All except Administer |
| Project Designers | Has full permissions to edit data and all objects, but can't alter the tables or relationships | Open/Run Open Exclusive |
Read Design Read Data Update Data Insert Data Delete Data |
Read Design Read Data Update Data Insert Data Delete Data Modify Design |
Open/Run Read Design Modify Design |
| Full Data Users | Has full permissions to edit data, but can't alter the design of any database objects | Open/Run Open Exclusive |
Read Design Read Data Update Data Insert Data Delete Data |
Read Design Read Data Update Data Insert Data Delete Data |
Open/Run |
| Read-Only Users | Can read all data, but can't alter the design of any database objects | Open/Run | Read Design Read Data |
Read Design Read Data |
Open/Run |
| Update Data Users | Can read and update data, but can't alter the design of any database objects, or insert or delete data | Open/Run | Read Design Read Data Update Data |
Read Design Read Data Update Data |
Open/Run |
| New Data Users | Can read and insert data, but can't alter the design of any database object, or delete or update data | Open/Run | Read Design Read Data Insert Data |
Read Design Read Data Insert Data |
Open/Run |
| Backup Operators | Can open the database exclusively for backup and compacting, but can't see any database objects | Open/Run Open Exclusive |
None | None | None |
If you want to create additional groups or accounts for new users, you can do so by using the User And Group Accounts dialog box, available from the Security submenu on the Tools menu. If you selected only some of the predefined groups when you originally ran the User-Level Security Wizard, and find that you want to use additional predefined groups, you can run the wizard again to add them. You can also run the wizard again to add new users and to assign them to the appropriate groups. Keep in mind that the user and group accounts created when you run the wizard are stored either in the workgroup information file created by the wizard, or in the file that was being used when you started the wizard (if you chose to modify it). Before running the wizard again or using the User And Group Accounts dialog box, be sure to specify the correct workgroup information file when you log on.
As mentioned earlier, it's best to assign permissions to groups rather than to individual users. This way, administering your workgroup becomes simply a matter of assigning users to the appropriate groups. If you use the predefined groups provided by the User-Level Security Wizard, you can assign permissions to any new users by running the wizard again or by using the User And Group Accounts dialog box to assign new users to the appropriate groups.
If you find that you need to change the set of permissions for any of the predefined groups, or to assign permissions for any groups you created yourself, use the User And Group Permissions dialog box (Tools menu, Security submenu).