AcuODBC User's Guide
Version 6.0

8.3 System Security - The AcuAccess File

The foundation of AcuODBC Server system security is the server access file. The server access file is an encrypted Vision file, named "AcuAccess" by default, and located in the "/etc" directory on UNIX servers and the "\etc" directory on Windows NT or Windows 2000 servers. You may rename the file if you like. If you rename the file, be sure to indicate the new name in the ACCESS_FILE configuration variable, as described in section 8.4.1.

Caution: If you have upgraded from an earlier version of AcuODBC Server, the server will detect and convert existing AcuAccess files the first time that they are opened. Updated AcuAccess files are not compatible with earlier versions of AcuODBC Server. If you are operating in a mixed environment that includes both AcuODBC Server Version 6.0 and earlier versions of AcuODBC Server, you must use duplicate AcuAccess files.

Running multiple versions of AcuODBC Server is not recommended.

The server access file contains one or more access records. These records define which users of which clients are permitted access to AcuODBC Server. The server access file is designed to support a wide range of access security, from very open to very restrictive. You choose the level of security best suited to your needs.

The AcuODBC Server checks the AcuAccess file to determine whether the connecting client is authorized to connect to the server. If the user is not allowed to connect, the following message is returned:

    01004 01004 [AcuCorp, Inc.][AcuODBC Driver][ISAM]Not authorized to connect   

Creation and modification of the server access file requires root privileges on UNIX, and Administrator or Administrators group privileges on Windows NT or Windows 2000.

On UNIX servers the access file must be owned by root, and only root should have write permissions to the file. If the access file does not exist, is not owned by root, or can be written to by users other than root, AcuODBC Server will not start.

On Windows NT and Windows 2000 servers, you should protect the access file by allowing write permissions only to users with Administrator privileges. If the access file does not exist, is not owned by Administrator or the Administrators group, or can be written to by users other than Administrator or the Administrators group, AcuODBC Server will not start.

Acucorp, Inc.
Voice: (800) 262-6585 (U.S.A. and Canada)
Voice: (858) 689-4500
Fax: (858) 689-4550

Please share your comments on this manual
or on any Acucorp documentation with the
Acucorp Communications Department.
1988-2003 Acucorp, Inc.
All rights reserved.