Microsoft Office 2000/Visual Basic Programmer's Guide

Security and Database Replication

Database replicas use the same security model as all Microsoft Jet databases: Users' permissions on database objects are determined at the time they start Microsoft Jet and log on. It's up to you, the developer, to make sure the same security information is available at each location where a replica is used.

You can do this by making the identical workgroup information file available to users at each location where a replica is used. Although the workgroup information file cannot be replicated, it can be manually copied to each location.

Alternatively, you can create a new workgroup information file at each location and then re-create the required user and group accounts needed at each location by entering the same user and group names with their associated PIDs.

Note   Modifications to permissions are considered design changes and can be made only in the Design Master replica.

Some security permissions control certain aspects of database replication. For example, a user must have Administer permission on the database in order to:

• Convert a database into a replicable database.
  
  
• Change the setting of the ReplicableBool property, make a local object replicable, or make a replicable object local. Note that these actions can be performed only in the Design Master replica.
  
  
• Transfer Design Master status to another replica. This action can be performed in any replica in the set; however, there should never be more than one Design Master replica in a set at a time.

By default, Administer permission is granted to the Users group, the Admins group, and the creator of the database. If security is to be maintained, you must restrict this permission to selected users. For more information about replication, see Chapter 16, "Multiuser Database Solutions."