Database Security

Replicated databases use the same security model as nonreplicated databases: users’ permissions on the database are determined at the time they start Microsoft Access and log on. As a developer, it’s up to you to make sure the same security information is available at each location where a replica is used. You can do this by making the identical system database (the file that stores security information) available to users at each location where a replica is used. The default system database is called System.mdw. You cannot replicate the system database, but you can manually copy it to each location. Another way to make the same system database available to all your users is to re-create the entries for users and groups at each location in the local system database by entering the same user and group names with their associated personal identifiers (PIDs) at each location. Modifications to permissions is a design change and can only be made in the Design Master replica.

There should always be at least one user with Administer permission on the database. For example, a user must have Administer permission on the database to:

• Convert a database to a Design Master.
• Change the setting of the ReplicableBool property of an object or make another replica the Design Master. You can change the setting of the ReplicableBool property only in the Design Master replica.
• Make a replica the Design Master. You can perform this action in any replica in the set; however, you should never have more than one Design Master replica in a set at one time.

By default, Administer permission is granted to the Users group, the Admins group, and the creator of the database.