Btrieve Security Quick Start

---

This section provides step-by-step instructions on the fastest, easiest way to secure your Btrieve data files in the operating system while still allowing database users to access the data.

When this procedure is complete, you can revoke operating system user rights to the data files without affecting database user rights to access the data through an application.

---

Note
You must be logged into the computer where the database engine is installed, as an operating system user with administrative rights or as a user who is a member of the Pervasive_Admin security group.

---

1. Start Pervasive Control Center (PCC). If you need instructions on starting PCC, see To start Pervasive Control Center .
2. If the database engine you wish to work with is not registered with PCC, register it now. If you need instructions on how to register a database engine with PCC, see Pervasive.SQL User's Guide.
3. In PCC, double-click the database engine you wish to work with. Then right-click the Configuration folder underneath the database engine name, and choose Maintain Named Databases.
4. In the Maintain Named Databases dialog, click on the DefaultDB database to select it. Then click the plus button . Now, in the space provided, enter or select a directory containing your Btrieve files. If your files are spread over many directories, specify a high-level directory that they all have in common. You can specify C:\ if necessary, but realize that doing so will include all Btrieve files on the C:\ drive in DefaultDB. When finished, click OK.

   You do not need to enter every directory, just the lowest level directory that is common to all Btrieve files you want to include in the database.

5. Now you must enable security on DefaultDB. You can perform this task by issuing a SQL statement or using either the Database Properties dialog in PCC.

   To use the Database Properties dialog, right-click on DefaultDB in the left-hand pane of PCC. From the drop-down menu, choose Properties. In the dialog that appears, click on the Security tab. Enter the password that you wish to use for the Master user, twice as prompted. Click OK.

   To turn on security using a SQL statement, issue the following statement within an ODBC client application (you cannot use SQL Data Manager):

   SET SECURITY = password 
   
      where password is the password you choose for the Master user.
   
   
      Now security is turned on, but access is based on OS user rights by default, so your users currently have the same access that they had before. The next step will address this situation.
   
   

6. In SQL Data Manager, grant rights to the PUBLIC user at the database level. For example, if you want to grant read-only rights to all authenticated users, you would use the statement: GRANT SELECT ON * TO PUBLIC. This statement will give all users read-only rights to the data. To give all users read and write access to the data, use the statement: GRANT ALL ON * TO PUBLIC.

   If you need to grant individual users varying rights, then you must create group accounts (if desired) and individual user accounts using the GRANT statement in SQL or using the Users and Groups dialog in PCC. For information on creating groups and users, see Advanced Operations Guide.

7. Now, return to the left-hand pane of PCC, right-click on Configuration for the database engine you are working with, and choose Maintain Named Databases.

   In the Maintain Named Databases dialog, click on the DefaultDB database to select it. Click on the Btrieve Security policy drop down list and change the value to Mixed. Click OK.

---

Caution
Do not change the Btrieve Security Policy setting until you have completed step 6 as instructed. If you have not created user accounts or granted rights to PUBLIC, changing the security policy will prevent all your users from accessing the data.

---

You have now granted login access only to those users who are authenticated by the operating system, and you have specified that the access rights of those users are defined by the permissions you granted to them in the database.

8. Restart the database engine.

   On NetWare, reboot the server. On Windows server, stop and restart the Pervasive.SQL services. For Workgroup engine, right-click the tray icon and stop the engine, then restart it.

9. Secure the data files in the operating system according to your operating system instructions. You can now deny operating system users from having any rights to the data files, without affecting their ability to access the data through the database engine.

---

Caution
Be sure to secure the data files in the operating system. If you do not perform this step, the users still can access the files through the operating system with the same level of permissions that they had prior to this procedure. You must revoke the users' operating system privileges to the data files if you want to prevent users from being able to delete or modify the files directly.

---