Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook



The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic

Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.

If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.

Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.

Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Which file holds the Security information?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Which file holds the Security information?

    Hi all.
    I have installed my app on a Server and the RunEngine on 9 workstations.
    The client wishes to control the Security aspects as Administrator.
    Can anyone advise how they should change permissions etc?
    I can only think that they will need to run the version on the Server, log in as administrator and carry out the changes.
    The alternative is to creat another small ap which will allow the user to change the Security profiles locally and copy the file with the security data into the Server installation.

    All comments and help would be welcome.


    "There is no such thing as a Silly Question. However they are often the easiest to answer".
    See our Hybrid Option here;

    There are 3 things you can do in any situation;
    Live with it, Change it or Walk away from it.

  • #2
    Re: Which file holds the Security information?

    Security Functions


    • #3
      Re: Which file holds the Security information?

      Can you clarify your question a bit please.

      First, I assume you are talking about desktop security.

      - Are you talking about A5 security as applied to user logins? A5 security as applied to encryption of data files; i.e., the master database password? Windows security?

      - If you are asking about A5 security as applied to user logins, why are you worried about which file holds the information? I ask this because there are both legitimate and "illegitimate" reasons for being concerned.

      All A5 info should be available and updatable (is that a word?) from any workstation. (I must admit I haven't specifically looked at updates to the user security but I'd be totally shocked if updates from workstations didn't work.)

      The only reason I would be concerned about which file (it's actually 3 files - <adb_name>.al*) the security info is in, unless it has been changed in recent iterations of A5, is that those are the same files that hold the scripts and functions in the Code tab. This means that updating code at a separate development computer and sending those files to the customer will also reset their security settings to an older level unless you are careful to get their latest files first and make sure they don't change any security settings before you send an update. Worse yet, imagine what would take to update a generic application that is used by 20 different customers! In that case you need to find a different way to handle updates - and, yes, there is more than one way to do that.

      DISCLAIMER: I haven't tested it but something in the back of my mind is telling me that they may have moved the security settings. The problem is that the same "something" is telling me it's now in the registry and that doesn't make any sense at all because computers on a network can't read or write to the registry on another computer.

      If anyone knows for sure whether or not those security settings are still in the .al* files, please let us know. (If not, I'll eventually test it for myself but certainly not this week.)

      FWIW, I haven't tested it recently because I never really used it. I wrote my own user login/security routines before Alpha had that capability. When I discovered that the A5 security settings were in the same files as the code and would cause problems distributing updates, I chose not to switch to A5's methods.


      • #4
        Re: Which file holds the Security information?

        I just ran a small test on the security and file size changes.

        I created a test database, exited the database and ran a DIR command on the directory.
        11/10/2010  10:06 AM             4,608 Security_Test.adb
        11/10/2010  10:06 AM               646 Security_Test.ALB
        11/10/2010  10:06 AM               512 Security_Test.ALM
        11/10/2010  10:06 AM             3,072 Security_Test.Alx
        Re-opened the database, established security, closed the database and re-ran the DIR command.
        11/10/2010  10:07 AM             4,608 Security_Test.adb
        11/10/2010  10:07 AM               985 Security_Test.ALB
        11/10/2010  10:07 AM             1,193 Security_Test.ALM
        11/10/2010  10:07 AM             3,072 Security_Test.Alx
        Notice the Security_test.ALB and Security_Test.ALM files both increased in size.

        The only other file present in the directory was the Security_Test.MUF.

        On the "Advanced Options" tab of the Database Security Settings window is a choice to "Use shared User Account File". When you select this option you have to provide the filename and path of an *.ADB file.

        This is causing me to believe that the security settings are being stored in the *.ALB and *.ALM files referenced by entries in *.ADB file.

        On a side note it is possible to read and write registry values of a remote machine.


        • #5
          Re: Which file holds the Security information?

          Thanks for all the info/research Al.

          RE: .al* Files ...

          I'm sure you're right about the specific files that hold the security being just those two. However, the .alx file is an index file so the size might not change even if something inside it did. So, you would be much better off tranferring all 3 .al* files. This is true with any data dictionary group - .al*, .dd*, .se*.

          RE: shared user account file ...

          That's probably what I was thinking of instead of the registry. Thanks for pointing it out. Now I'll have to try remembering it. And one of these days I'll have to find out how that works on a network. I'm wondering how/if the network optimize routine handles it.

          RE: registry on remote machine ...

          Thanks for this info, also. It's a good thing to know but I don't think I'll be using this as it seems a bit extreme to do this on a customer's system. I'd be afraid of the maintenance issues that would probably arise as systems get updated, replaced, etc.


          • #6
            Re: Which file holds the Security information?

            Well here you go!
            Al and Cal, thanks for the input.

            To aswer the questions.
            Desktop Security requires that passwords are changed every 4 weeks. So I got some help off this forum and built a P/wd change module. Then the Administrator wanted to be able to add users and change Read/Write/Partial Read permissions.

            It seems that once you have run Network Optimise, it is not possible to change permissions on the Server using the shadow even if you are an Administrator. You can change your own password, but that's about it.

            The only way I could get it to work was to loginto the server in native mode and change things there. Sorry Cal, I think you will find that the only place to manage the security other than personal password requires you to log in outside of the Shadow.

            Anyway, happy client, money in bank, beer lined up on the bar!

            Sometimes it's just good to know that someone is there to listen.
            See our Hybrid Option here;

            There are 3 things you can do in any situation;
            Live with it, Change it or Walk away from it.