I've spent several days on this issue - it is showing up on 4 of my Access database clients now. Any help would be greatly appreciated.
Background on my system: I have WinXP SP2 with all the latest updates, running Office/Access 2k3 and the latest SP for Office. I have a clean, spyware-free system running Norton 2007.
There are two issues but I think they are related.
Issue #1 On my client's computers, the macro security option (to set security levels to low, medium, high or very high and administer trusted publishers) is missing completely from Access. (On the other Office products the menu option is there and digitally signed macros can be trusted and added to the list.)
Issue #2 Access databases using VBA and macros will only partially open on my client's machines, or they won't open at all. This happens whether signed or unsigned.
Here's what I've looked into and what I've tried to tweak:
1. We updated Jet because I know in the past unsafe expressions/sandbox mode will prevent Access from running.
2. My clients updated Win with SP3 and updated Office with the latest SP.
3. We unchecked the automatic detection of intranet applications in the Intranet Sites window in IE7 on the security tab - this is known to prevent applications like Access from running because Windows thinks it's running off the web.
4. I purchased a MS authenticode cert and signed my application. I've seen situations where the cert won't be trustable if the macro security is not at medium - the application just gets disabled and you never get that far.
5. We've tried different ways of distributing the application including: Via web download (zipped and unzipped and renamed as txt); and via email as well.
6. The menubar was reset but this does not show the security window.
What I do know:
A plain db with no code or macros created on the client machine still gives no option to change security settings.
I feel that the answer is getting that macro security window to show up.
The unsafe expressions window does not show up at all; so I don't know if it's enabled, disabled, or malfunctioning. (The clients are 3,000 miles away; stopping by isn't an option and I don't know if that will fix the issue of security warnings when I distribute future files over the web or email.)
My questions are:
1. What is the best configuration for managing sandbox? How do we get the unsafe expression prompt to re-display?
2. How do we find the missing macro security window?
3. Does IE7 or Office 2002 or 2003 have a new option you have to manage or click on to get things to work as planned (such as "display the macro security option"?)
1. Sandbox mode
2. Unsafe expressions
3. Jet update
5. Windows XP SP3
6. Some other automatically downloaded recent MS update that is bad?
7. Norton 2007
What DOES work:
1. Old Access applications on the client's machine run fine that I created in the past, even if they are unsigned. So I suspect macro security is set to low (but we just can't see this option.) I believe at low setting, you won't get a cert prompt so if Access won't work without a signature and you can't accept the signature on low, then maybe that's the problem here.
2. Things work fine on my computer. This tells me they work someplace so it has to be client-computer related, or caused by coming from the web. (Sending CDs in the mail each time is not a desired option.)
3. We DID get a Microsoft Word document to show the macro security window with no problem. To test this further, I sent a Microsoft Word document with one line of VBA code in it and had it signed. When my client received it, he was able to add me to his trusted publishers without problem. This tells me my certificate signing process is good and the certificate is valid, and one of the Office products does have a macro security window displayed so it's not a global computer problem.
4. One of my clients who received an Access application (with all sorts of VBA and macros and expressions in it) successfully installed, signed and ran it with no problem. This application came off the same machine my other apps came from. It's the same certificate and was also delivered off the web. If one Access app works, they should all work - again it leads me to an issue with the security setting or registry setting on the client's side.
Since this is not isolated to one client I feel this may be a problem that will affect other developer's; once I solve the issue, I will post an update here to help anyone else that encounters this situation in the future.