Microsoft KB Archive/829009

= Permission error may occur when you try to open a database that is signed with a digital signature =

Article ID: 829009

Article Last Modified on 1/19/2007

-

APPLIES TO


 * Microsoft Office Access 2003

-



This article applies only to a Microsoft Access database (.mdb).



SYMPTOMS
When you open a signed database, you may receive a message that says that you do not have Read Design permissions for one of the queries. You may also receive another message that indicates that the database cannot be opened because of security restrictions.



CAUSE
To validate the signature for the signed database, Microsoft Office Access 2003 must open queries in Design view to determine whether there are any changes. If you do not have Read Design permissions, the operation fails, and the signature cannot be validated.



RESOLUTION
You must make sure that you have Read Design permissions to all query objects. By default, when you manually create a new group, the group does not have Read Design permissions.

You can enhance the security of your database by using the User-Level Security Wizard. If you use the built-in groups in the User-Level Security Wizard, only the Backup Operators group does not have Read Design permissions.

You can check the Read Design permissions of a user or of a group. On the Tools menu, point to Security, and then click User and Group Permissions.



MORE INFORMATION
Digital certificates are used to enhance security for Access 2003 databases and to enhance security for Access projects by using the Digital Signature option.

You can use the MakeCert command-line utility to create digital certificates that are similar to the digital certificates that are generated by the Digital Certificates for VBA Projects tool. You can use the following command-line example to create a code signing digital certificate with the name MyCert:

makecert -sk SelfSignedCerts -n &quot;CN=MyCert&quot; -b 01/01/2003 -e 01/01/2009 -ss My -r -eku 1.3.6.1.5.5.7.3.3

