Web Development

>
I just want to try and make this alittle more clear by giving another one of my long-winded explainations:

Information about a workgroup is stored in the system database(mdw or mda) However, the actual permissions and information about the ownership are store in the application database(mdb).
An administrators account is a member of the Admins group. An owner account is a user or group that you make to have ownership over a MDB and ist objects. . These accounts can ALWAYS get permissionsfor all objects created in the workgroup.
Because the Admin. account is the same for every copy of Access, it is important to set up your OWN administrator and owner accounts IN PLACE of the Admin account. Otherwise, anyone with a copy of Access can log on as using the Admin acct. and get full permissions.
The users should get a copy of a workgroup that does NOT include the Owner account.
Once you have set up your own administrator and owner accts., remove the permissions from the default administartor account.
Make the only accounts that have full permissions, and which belong to the Admin group, your own administrator and owner accounts and give them unique names. Then, as I said, remove all permissions from the default administrator acount.
Therefore, if the actual permissions are stored in the MDB and not the Mdw, and the default administrator account doesn't have the permissions assign, then if someone changes the workgroup or uses the MDB on another PC with Access, wherethe default Admin. acct. is there again, and when logging on as admin. and the workgroup "ask" the MDB for the admin. permissions, the MDB will STILL respond that the default admin. has no permissions and is not the owner!

If you are starting from scratch it is best to log on with your own admin. and owner accounts, BEFORE creating any objects. For an existing MDB, it is best to create a new MDB, logging on with your own accounts, and then importing all the objects.This will make sure that the ownership of each object gets changed from the default admin. to your own new account.

Additional security can be achieved by encrypting the MDB, even though this may slow things down a bit.

Thanks - that should do the trick. I'd forgotten about the effect of default Users and Admin groups; this will be much simpler than what I was anticipating!