This question may be opinion based, but please bear with me.
Context: Company has asked me to develop an Excel add-in that all employees will use. I use a shared network folder to store the add-in. All users just create a reference to that add-in and load it from the network.
Problem: Company would like to see usage statistics of the add-in. Basically, let's say the add-in has 10 specific functions, which are invoked by a press of a button. Each time a button is pressed, this information should be stored.
Question: Where to store this information?
I added a new function and included in all methods that would just write the number of each function use of a session in the add-in sheet, and on the workbook_close method, print everything to a .txt file and save it to the network drive and run reports based on that.
Now the problem is that everyone has access to the network drive, can accidentally delete the log files or just plainly change them for whatever reason. I can overcome the changing issue by encrypting the log files, so users won't know what's inside them, but then they can just delete them by thinking that it's trash.
It all comes to this: where to store user usage data, which would be accessible to me or my manager, to use that data for reports, without anyone else being able to interfere with the data?
By interfering I don't mean that anybody would do that out of spite, but an accidental deletion, or just a cleanup of the network folders.
My idea: run a script to monitor the log folder, and when a new file appears, move it to a safe directory and remove it from the original folder. But it won't work if I turn off my computer and seems to me that I'm missing something and over-complicating this issue.
Thank you for your time.
Let Company decide.
Present the issue to your client, along with all the options and risks and get their feedback. In this way:
you will get information if they have a strong preference
make the client aware of any risks
limit your liability in case something "bad" happens
Note:
This is not the proper forum for this question. Expect it to be Closed soon.
Related
I have done quite a lot of searching but am not really able to find a clear answer. I'm wondering if storing simple generated record documents (.txt files, e.g. purchase records) in a protected directory with deny from all is secure? Obviously, anyone going directly to the file in the browser will not be able to access it, but I wonder if the information in these text files is visible in other ways?
Why store them in a place accessible by the browser? Can’t you place the files somewhere else in the server, in a directory that is not seen by the http server?
I assume you would like to access them later through the browser and if that’s the case, can’t you create those reports on the fly each time a request is made for them? I have seen servers littered with saved reports when the best solution would have been to generate the reports again by retrieving data from a database. Please do not take this as an insult, but if my assumption is correct, try to consider another solution.
Technically, the answer to your question is “those files are not accessible if the server is configured correctly, you have no bugs in the code, etc.”
Short version: (after finding out the answer)
I have an Excel VBA application with an MS Access database (.accdb) on a SharePoint library.
The behavior that was examined (and apparently documented - see answer):
It takes a long time to perform the ADODB Open and Close methods (~15 seconds).
If multiple users are connected at the same time to the database, only the changes made by the user which closed the database connection LAST are saved. Changing cursor types, cursor locations or lock types didn't help. No error shown.
Why does this happen?
Original Question:
First question here. Hope this isn't too wordy:
I've built an Excel application using VBA to communicate with an MS Access database (.accdb) that should have support for concurrent users accessing it. It is meant to be placed on a Sharepoint site as an accessible file (not integrated into it in any other way). When I was testing the Excel file and the database on my home network it worked like a charm, transactions and all. However, once I migrated it to Sharepoint, I've noticed some extreme differences from the way it acted on my personal network:
The ADODB {.open} and {.close} methods take at least 15 seconds each (making Excel freeze until done). Due to this, I've decided to open and close connections only once throughout the lifetime of the application, and restore the connection if it is broken along the way. I'm aware of the fact that this is highly not recommended, but can't afford having my users wait so long. This hasn't caused any problems that I'm aware of, perhaps apart from the one I'm about to explain.
The problem: Changes aren't saved to the actual database unless all active user connections to the database are closed, even if the only active thing is the connection. Everything passes without errors for each user when attempting to update, and each user can access his/her changes, I suppose until all connections are terminated. I tried all possible cursor types and lock types, nothing seemed to work. It is as if a local copy of the database is stored on the user's computer (hence the long wait while opening and closing the connection), and updates are stored on the temporary version, not the actual one.
I tried all possible combinations for cursor types, cursor locations, lock types and what not (found out along the way that dynamic cursors aren't supported in my case - I wonder if that's the answer).
Due to this I have no other choice but to make the program accessible to only one user at a time, or changes seem to get lost along the way, making the program highly unreliable.
I read something about having to "flush the buffer" or "refresh the cursor". Is this even possible/necessary? Or the case? If I'm using a keyset cursor, shouldn't my edited records be shown to all other users? (not talking about new ones)
For what it's worth, I map the path to the sharepoint folder before accessing it.
Have any of you experienced something like this? Or have any suggestions?
If you need samples of my code I'll post it soon. Thanks so much!
I found the solution to my problem:
Although you can save an Access database file to OneDrive or a SharePoint document library, we recommend that you avoid opening an Access database from these locations. The file may be downloaded locally for editing and then uploaded again once you save your changes to SharePoint. If more than one person opens the Access database from SharePoint, multiple copies of the database may get created and some unexpected behaviors may occur. This recommendation applies to all types of Access files including a single database, a split database, and the .accdb, .accdc, .accde, and .accdr file formats. For more information on deploying Access, see Deploy an Access application.
Source: Ways to share an Access desktop database
I have an Excel workbook I need to share with my client but make sure it is not opened outside of their office network.
How to protect my Excel workbook like this?
In short, exactly what you request isn't (easily) possible.
Theoretically you could set the workbook to draw its data from a network resource you control, and set that resource to only allow read access from specific network addresses such as the client network. However, there are a number of hoops to jump through first, such as setting up the database server and creating the data source, testing the worksheet, and then setting up the network permissions to allow the client's addresses (and of course discovering their IP addresses). That's actually a lot more work than it even sounds.
Even all of that work wouldn't prevent the user from copying that data into another workbook (either via copy/paste or manually retyping it), or using a VPN to connect to their work-network and reading the file just fine from Tahiti or Moscow.
Sadly, the only foolproof solution is not sharing the data at all, and that doesn't let the customer see the data at all.
In IT we frequently try to reframe the problem not in terms of "how can we make this solution" but instead as "what is the problem we're trying to solve?" In this case, it sounds like the problem you're trying to solve is keeping sensitive information from falling into the wrong hands. The only solution to THAT problem that has ever been found is not to trust it to the wrong people. If you can't trust your client with this data, I'd suggest either the client isn't trustworthy, or there's something wrong with the data you're looking to share (as in, why do they need data this sensitive?).
I'd suggest re-evaluating the problem you're trying to solve. Maybe send them a screenshot of the document from a resource you control and can delete the image from after they've viewed it. They'd still be able to print or save the image, but if they're THAT persistent in getting the data, you're not going to stop them if they can see it at all, and they're not terribly trustworthy.
The idea is that I want a program that can edit a file yet I, the programmer, cannot edit or forge the file. Encrypting the file is an obvious choice, but even then, I'll still have to keep the encryption key secret from myself somehow.
Obscuring the secret doesn't seem to work, because I could just use the de-obscuring part of the code that I would need for the program.
I'm asking this because I'm trying to make a program that will keep me productive by monitoring my activities, and tell my friends/boss/family just how terrible a procrastinator I am if I don't live up to the goals I set the previous day (in other words: Present me can force future me to not procrastinate).
It seems the content of the program doesn't matter that much but you want to assure that the timestamp and content of the log can't be forged. I suggest writing the log to some external site where you can put data to but not delete from.
Writing false values to the log can only be prevented by having a log which progresses by time. For example, if you hide expenses from your bank account you'll run into problems because future balances will be lower than expected.
For short pieces of information like your account balance, just write it to some public site like Twitter. AFAIK it's not possible to send Twitter messages like they were sent some time before.
For more complex data like the progress of a software development project push your changes with a version control system like git to a remote repo where you can't delete or overwrite history.
Update: As you explained in the comments, you want to log distinct data on your computer that could be forged to anything. IMHO it's virtually impossible for you to write a program on your own which runs on your own computer with root but cannot be controlled. The only kind of software that is somehow similar to your request is DRM software that is calling home to prevent software "piracy". You need a binary program written by somebody else or with the source code deleted. It would need some kind of encrypted and obfuscated network communication which you can't understand.
I think there is not much hope for you using this approach. Better learn to control yourself and not answer random questions by strangers on Stackoverflow, ehem.
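One way to make "a log which progresses by time" checkable, as an added example that is not part of the original answer: a hash chain whose latest hash is posted to the external write-only site. The entry layout, the `published` mapping and the sample entries are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed marker for the start of the chain

def entry_hash(prev_hash, ts, msg):
    # Each hash covers the previous hash, so editing an entry changes all later ones.
    data = json.dumps([prev_hash, ts, msg], separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(data).hexdigest()

def append(log, ts, msg):
    if log and ts < log[-1]["ts"]:
        raise ValueError("log time must not go backwards")
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"ts": ts, "msg": msg, "hash": entry_hash(prev, ts, msg)})
    return log[-1]["hash"]  # the value to post on the external site

def first_bad_index(log, published):
    """published maps entry index -> hash as it was posted externally.
    Returns the first index that fails a check, or None if the log is clean."""
    prev, last_ts = GENESIS, None
    for i, e in enumerate(log):
        if last_ts is not None and e["ts"] < last_ts:
            return i
        if entry_hash(prev, e["ts"], e["msg"]) != e["hash"]:
            return i
        if i in published and published[i] != e["hash"]:
            return i
        prev, last_ts = e["hash"], e["ts"]
    # A published index past the end of the log means entries were deleted.
    if any(i >= len(log) for i in published):
        return len(log)
    return None

def rebuild(entries):
    # What the log's own author can always do: rewrite history and rehash it all.
    log = []
    for ts, msg in entries:
        append(log, ts, msg)
    return log

# Constructed sample data: the forged log changes the second entry only.
honest = rebuild([(1, "goal: 3 pages"), (2, "wrote 0 pages"), (3, "goal: 3 pages")])
forged = rebuild([(1, "goal: 3 pages"), (2, "wrote 3 pages"), (3, "goal: 3 pages")])
published = {1: honest[1]["hash"]}  # head posted externally after the second entry

if __name__ == "__main__":
    print([first_bad_index(log, published) for log in (honest, forged, honest[:1])])
```

A fully rehashed forgery passes every local check; only the comparison with the externally posted hash exposes it, which is why the chain alone does not help the asker.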
I have been trying to understand what should be the right way in using BackupRead and BackupWrite for backing up data on a computer and especially about restoring it reliably.
Now I understand how to use the API and have been successful. However there's one thing that bothers me.
You can back up, besides the file content itself, any alternate data streams and also the security information (ACLs).
Now if I would store the ACL data for backup and then later, once the data needs to be restored on a different machine OR a newly setup machine what should I do with the SIDs which are related to the ACL?
The SID is most likely no longer valid for the machine and how should the right user be selected?
Now I am looking at this on a bigger scale: let's say this is a computer with multiple users and hundreds or thousands of objects with different settings; it would be a mess to get the data restored with the security settings applied to them again.
Is this something, if the user of the software wishes to back up the security settings, that the user has to take care of himself and update them accordingly, or what?
Additionally, BackupRead and BackupWrite will give me the raw binary data of those items, which is not all too hard to use; however, obviously this API does not even intend to face this issue.
Does anyone have an idea how a backup application should handle this situation? What are your thoughts, or any pointers on guidelines for this specific topic?
Thanks a lot.
I think you understand the problems with backup and restore of data correctly. I think that correctly understanding a problem is half of solving it. I suppose that you are, like most users of the Stack Overflow site, mostly a software developer and not an administrator of a large network. So you see the problem from the side of a software developer and not from the side of an administrator. An administrator knows the restrictions of backup and restore of ACLs and already uses it.
In general you should understand that the main purpose of backups is to save the data and to restore the data later on the same computer or server. Another standard case is that one restores a backup from one server to another server after a change of hardware. In that case the old server will no longer exist. Mostly one makes backups of servers and organizes the work on the clients so that no important data is saved on the client computers.
In most cases the backed-up data has domain group SIDs, domain user SIDs, well-known SIDs or SID aliases from the BUILTIN domain in the security descriptors. In that case one needs to make no changes to the SIDs at all. If the administrator does want to make some changes in the ACLs, he can use different existing utilities like SubInACL.exe.
If you write backup/restore software which you want to use for moving the data with the security information, you can include in the backup some additional meta-information about the local SIDs of the accounts/groups used in the saved security descriptors. In the restore software you can provide the possibility to replace SIDs from the saved security descriptors. Many years ago I wrote for one large customer some utilities to clear up the SIDs in SDs in the file system, registry and services after a domain migration. It was not so complex. So I suggest that you could implement the same feature in your backup/restore software.
I do believe the Backup* APIs are primarily intended to back up and restore on the same machine, which would render the SID problem irrelevant. However, assuming a scenario where you need to restore a backup on a new install, here are my thoughts on solutions.
For well-known SIDs such as Everyone, Creator Owner and so on, there isn't really any problem.
For domain dependent SIDs you can store them as is, and upon restore you could fixup the domain part, if needed. Likely you should store the domain name as well for such SIDs.
For local users and groups, you should at least store the user/group name for each SID. Fixup on restore could be partially automatic based on these names, or manual (assuming a user interface for the application) where you ask the user whether he wishes to map this user to a new local user, convert these SIDs to a well-known SID, or keep as is.
Most of the issues related to such SIDs can (and probably typically will) be possible to handle automatically. I'd certainly appreciate a backup application that was smart enough to do the restore I asked it to and figure out that "Erik" on the old machine must be "Erik" on the new machine as well.
And a side note, if you do decide to go with such a solution, remember how annoying it is to start an overnight data transfer just to get back to something 5% done blocking on a popup it could just as easily defer :)
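The SID fixup both answers describe, as an added example that is not code from either answer: it decodes the binary SIDs found in a saved security descriptor and decides per SID whether to keep it, remap it by account name, or defer it for later review. The `meta` layout, the account name `Guest2` and all SID values are constructed assumptions; on Windows the names would be captured at backup time, for example with `LookupAccountSid`.

```python
import struct

def parse_sid(raw):
    """Decode a binary SID: revision, sub-authority count, 6-byte big-endian
    authority, then little-endian 32-bit sub-authorities."""
    if len(raw) < 8 or raw[0] != 1 or raw[1] > 15 or len(raw) != 8 + 4 * raw[1]:
        raise ValueError("malformed SID")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % raw[1], raw[8:])
    return "S-1-%d" % authority + "".join("-%d" % s for s in subs)

def encode_sid(text):
    """Inverse of parse_sid, used here only to construct the sample input."""
    fields = [int(p) for p in text.split("-")[2:]]
    authority, subs = fields[0], fields[1:]
    return (bytes([1, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))

def plan_restore(raw_sid, meta, new_local_accounts):
    """Decide what to write for one SID from a saved security descriptor.
    Returns (action, sid) with action 'keep', 'remap' or 'defer'."""
    sid = parse_sid(raw_sid)
    issuer = sid.rsplit("-", 1)[0]
    if not sid.startswith("S-1-5-21-") or issuer != meta["machine_sid"]:
        return ("keep", sid)      # well-known SID, BUILTIN alias or domain account
    name = meta["local_names"].get(sid)
    if name in new_local_accounts:
        return ("remap", new_local_accounts[name])  # same name on the new machine
    return ("defer", sid)         # queue for review instead of blocking the restore

# Constructed sample: metadata the backup stored next to the ACL data.
OLD = "S-1-5-21-1111111111-2222222222-3333333333"
META = {"machine_sid": OLD,
        "local_names": {OLD + "-1001": "Erik", OLD + "-1002": "Guest2"}}
# Constructed sample: local accounts found on the restore target.
NEW_ACCOUNTS = {"Erik": "S-1-5-21-1234567890-1234567891-1234567892-1005"}

def demo():
    sids = ["S-1-1-0", "S-1-5-32-544",
            "S-1-5-21-1000000001-1000000002-1000000003-1104",  # domain account
            OLD + "-1001", OLD + "-1002"]
    return [plan_restore(encode_sid(s), META, NEW_ACCOUNTS) for s in sids]

if __name__ == "__main__":
    for action, sid in demo():
        print(action, sid)
```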