Results 1 to 13 of 13

Thread: Macro Security

  1. #1
    Join Date
    Nov 2002
    Location
    Norway
    Posts
    239

    Unanswered: Macro Security

    I need to change the smacro security level but can't see the Security option under Tools/Macro. I'm running Access 2002 SP3

    Can anyoune help me to find where I can change Security level?

    The reason is that I get this message :

    "cannot open C:\Programfiles\..... demoDB.mde due to security restrictions.
    Security settings restrict access to the file because it is not digitally signed"

    The MDE is digitally signed. (own sertificate)
    The MDE is developed in Access 2005 and instaled at client as a RT version.
    (this spesific client has Access 2002 installed.)

    Thanks for any advice.
    Last edited by vestigo; 01-23-07 at 10:00.

  2. #2
    Join Date
    Dec 2004
    Location
    Madison, WI
    Posts
    3,926

    Security

    Here's another method for security. Try it out and see how it works for you.
    Attached Files Attached Files
    Expert Database Programming
    MSAccess since 1.0, SQL Server since 6.5, Visual Basic (5.0, 6.0)

  3. #3
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    What kind of certificate are you signing the project with?
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  4. #4
    Join Date
    Nov 2002
    Location
    Norway
    Posts
    239
    Teddy,

    The certificate I'm using is "own issued" . As I understand the macro security level must be at medium or low to allow this type of certificate.
    I'm developing under Access 2003 and create a RT version that I'm installing on clients PC.

    This specific client has Office 2002 already installed. In Access 2002 there are no possibilities to set macro security.

    Are there any otter places where macro security can be set?


    I'm really struggling with this issue.

    Thanks for any proposals.

    Sincerely Vestigo

  5. #5
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    I haven't tried to toy with "own issued" certs before. For some reason I recall them only being valid when executed on the machine they were created with...
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  6. #6
    Join Date
    Nov 2002
    Location
    Norway
    Posts
    239
    Do you know where and how I can get a proper one?

    Thanks

  7. #7
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    I use a verisign digital cert for VBA for one of my clients. They're not too pricey and they do the trick.
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  8. #8
    Join Date
    Jan 2006
    Posts
    35
    I can concur with Teddy on the certificates: You can only run a self cert on the machine that it was created on, and yes you will need one from a vendor such as VeriSign.

  9. #9
    Join Date
    Nov 2002
    Location
    Norway
    Posts
    239

    Smile

    VeriSign "Digital ID Class 3 - Microsoft VBA Software Validation v2" certificate ordered.

    (one year, US$499)

    2-3 working days delivery.

    Thanks for valuable input.

    Sincerely
    Vestigo

  10. #10
    Join Date
    Nov 2002
    Location
    Norway
    Posts
    239
    I already receive the certificate from VeriSign.
    But it did not help,
    same damn message " file because it is not digitally signed"

    But talking to a guy (that was not as afraid as me to edit the registry file) solved the problem.
    The value for REG_DWORD under "HKEY_CURRENT_USER / Software / Microsoft / Office / 11.0 / Access /Security" was set to 0. Changing it to 2 solved the problem.

    Do you think this was recommended solution to the problem ?

  11. #11
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    All he did was set macro security to medium. Signing your code allows it to run in a "high" security context. It looks like if the registry setting you referred to was set to zero, you were in a new security context called "very high" :

    Very High The Very High security level is a new security level introduced in Office 2003. If this security level is selected and the Trust all installed add-ins and templates check box is not selected (that is cleared), all add-ins and macros will be disabled regardless of whether they are signed, from trusted publishers or unsigned.

    If the Trust all installed add-ins and templates check box is selected, all installed add-ins will be allowed to run. However, whether a macro will be allowed to run or not depends on whether it is in the "trusted locations" or not.
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  12. #12
    Join Date
    Dec 2003
    Posts
    172

    Question...

    I just posted this same problem today.

    So if the security is set to 0 for very high, does an Office 2002 suite not have the very-high option (so it could not display the macro security box?)

    I have Office 2003 and have the very-high option. I also wondered if the macro security box now shows up after setting the registry option to 2.

    (OT: Its funny how we are worried about not trusting users on their own computers any more and hide files from view by default - but to fix these issues, we force people to have to hack into their registry - one of the most vulnerable and breakable places to edit, LOL. But that's another story

    Anyway... I have 4 clients with unusable Access projects right now due to this issue who can't pay me until this is fixed. (I also have a class 3 cert which doesn't get the oppty to be trusted.)

    So any help would be great .

    Joe

  13. #13
    Join Date
    Jan 2007
    Location
    UK
    Posts
    11,434
    Provided Answers: 10
    Quote Originally Posted by JoeG
    have to hack into their registry
    I love the use of that word :s
    It's losing it's meaning...
    George
    Home | Blog

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •