Never ever concatenate data directly to your SQL statement. Instead use
OleDbParameter[
^].
So your query part should look like following:
cmdOLEDB.CommandText = "SELECT usern FROM Aut WHERE usern = ?"
cmdOLEDB.Parameters.Add("username", OleDbType.VarChar, 50).Value = textbox1.Text;
...