Excel Trust Center Breaking Documents - vba

We have staff that use a from created by a state government office. It is full of VBA code, smaller macros, and active x controls. This document changes often and does not have a publisher certificate. When a user opens the document and allows the code to run it bugs out. (formatting is wrong on newly created sheets etc). I have contacted the document creators and they claim it's "system corruption" but I doubt this to be the case since this occurs on every single copy of excel 2010 we have. My fix has be to disable the trust center almost entirely. This is really not acceptance and what I would like to ask is there any way to set excel to both trust and enable documents from either a certain site or with a name containing an phrase or a name?

Yes, you can in Trust Center Settings under the Trusted Locations tab you can trust a location, or a single file by hitting the Add new location... button and adding the location to the folder or files you want to trust.

Related

Normal.dotm in a high security installation

Our company has a strict security policy regarding use of the C:\ drive. In a nutshell, the user is not allowed to save any data there, user data should be on a network drive, period. There are a few holes in this policy, such as saving temporary files, and writing to normal.dotm.
When it comes to Word, the Trust Center has no entries under User Locations. C:\Users\VVKozlov\AppData\Roaming\ is simply not there, or elsewhere in the Trust Centre.
When it comes to Normal.dotx, it is saved in the default location of a typical Word installation, C:\Users\VVKozlov\AppData\Roaming\ which does not appear in the Trust Center.
Here is where this gets nasty: I have a Excel add-in which reads data from Word. At the time Word is invoked, I receive the following familiar and irritating nag:
Next, unless this dialogue box is answered promptly, I receive the following error message:
Run-time error '429':
ActiveX component can't create object
At this time, the add-in is effectively broken and needs to be restarted.
Is there a workaround to this security problem? One thing which looks promising is to save a shortcut in C:\Users\VVKozlov\AppData\Roaming\ which points to a file which is in one of the Policy Locations in the trust centre.

How to disable access security notice "A Potential security concern has been identified"

i have a shared access application, i created an accde file for 32-bit machine, when user open the application he/she getting a security warning
is there any way to disable this message from appearing to the users
thank you
You have to set their computer to be a trusted source. In order to get around this issue, you will need to create a Digital Certificate. Digital Certificates are good only on the computer they are created on, so if this database will be used on multiple computers then each one will have to create a Digital Certificate.
To do this, you will need to perform the following tasks:
Click on Start -> All Programs -> Microsoft Office -> Microsoft
Office Tools -> Digital Certificate For VBA Projects (If you don’t
have this, you will need to contact your IT Dept.)
Enter a Certificate Name. Make it obvious like MyProgramName and Click OK
Open the Access database which contains the security warning you want to bypass
Go into the Design View of any Module
Click on Tools -> Digital Signature
Choose your Digital Certificate you created in Step 2
Save and close the database
Re-Open the database. You will now be prompted with a different Security Warning that states the file has been digitally signed.
Check off the “Always trust files from this publisher…” box and click the Open button
All subsequent times you enter this database, you will not be prompted with a security warning.
Note - I wrote the above for our company based on Office 2003. If you're using a more recent version, the instructions may vary somewhat.
other way is following:
click on file and then options
click on trust center and then trust center settings on the right
then click on trusted locations and add new location
browse for the location and save.
that's it.. done.. now no more warnings..
That is a standard warning to indicate the file you are opening has web links and macros.
If you trust the file, just say OK or “Allow”
You can control if this message is displayed: Office button > Excel Options button > Trust Center > Trust Center Settings button (I have no idea why they have this extra button, DUMB DESIGN! )
More Information can be found here
I have an Access database that processes other Access databases. I get OP's error when connecting to one of the other Access databases. To fix the issues, I opened the other Access database and clicked Enabled Content. Then, the Access database is trusted and OP's error doesn't occur when connecting to that Access database from another Access database.
You can create a registry key that will add the directory as a trusted location and will not show the warning anymore. What's nice about this method is that you can easily automate this to happen on the computers where you deploy your app. See method #2 or #3 in this blog: http://www.accessrepairnrecovery.com/blog/fix-microsoft-access-security-notice
And in case the blogs ever gets removed, here is the important bits:
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security\Trusted Locations\Location20] “Path”=”C:\Database\”
“Description”=”My Database location”
Explanation about the key:
– The number “14.0” is the version of MS Office. You can change the numbers that represent the version you are executing.
– The “Location20” is a unique name that you assign. 20 can be any number that is not previously used. Other programs include default MS Access wizards, already have used other numbers. But if you want to make more than one path as trusted location, then each location must end up with different number.
– The “C:\Database\” is the physical path that you want to set to be as Trusted Location. You can place any path that you choose here.
By copy and pasting the above coding into a text file and save it with a name such as RemoveSecurityWarning.reg, you can then run the file into your PC’s registry just by making double click on the file.
The best way is to add the location of the document or the document itself to the Trusted Locations in Registry (if you use only Access runtime on client machines, there is no way to add it through the Office application, like you would do in Excel).
Here is the answer:
Adding Trusted Location to Access Run Time
You would need to create a new Location key and add the necessary Path (and Description) strings inside with the appropriate location of your file. This way the nag dialog will be gone and you won't need to worry about certificates.
Shared may mean it is located on a network share. It is not advisable to add a network location to the Trusted locations and you would need to set the additional flag AllowNetworkLocations to 1. I would advise you to copy the Access modules to the user computers, which would also make things better with the speed I believe.
If anybody else have this problem, it happened to me, with a shared file on a network environment, and the simplest solution was to install Microsoft Office service pack 2, even better is having automatic updates for Office turned on. You can find it here.

Sharepoint Workspace 2010 Local Store Location

When setting up local synchronization with a Sharepoint 2010 site using Sharepoint Workspace, where are the local files stored? More importantly, how can I change the storage location?
There is a folder-like object created under username\Workspaces, but when checking the path in the explorer address bar, it shows simply username\Workspaces, unlike other folders that show as C:\Users\username\xxxx. Right clicking the folder only provides the option to open in new window - it can't even be deleted! There are no options for setting storage location within the Workspace application itself.
Using an SSD system drive, I don't have the space to put all this data on C:. Only part of my user profile has been relocated to other drives, so the default for new items is still C:. Without a knowledge of the real path where this is stored, I can't even use junction points to redirect.
Much web searching has revealed nothing on this subject. Your help is appreciated.
the data is stored within the users profile. I don't think taht you're able to relocated the synched database. The synchronized data isn't encrypted or password protected. So you should consider to activate profile encryption within your organization.
In addition to the location you aren't able to activate any kind of OOB protection for the local SQL CE which is responsible for storing the synched data!
The default location is %localappdata%\Microsoft\Office\14.0\OfficeFileCache.
The files in this location don't look like the actual files, and contain a lot of metadata.
Per Microsoft KB 2020636, you can change the location of the OfficeFileCache by adding an Expandable String Value named OfficeCacheLocation to registry subkey HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet with the new path. (This key is for Office 2010 only.)
In my organization, we reviewed the option of using Workspace for making files available offline, but in the end opted for a third party SharePoint add-on.
Since all of out users have Outlook and use it on daily basis, it made sense to have an Outlook sidebar available with all the users' relevant files. It also can synchronize a SharePoint library or folder and makes its items available offline using Microsoft Outlook, so we opted to use it instead of the OOB feature, which was too limited and had various security problems.
Just came across this and I think this will do the trick: How to change the default location of the Office 2010 Document Cache (NB: I haven't actually done it myself yet).
I don't have enough "reputation" on this site to post additional links, but if you search on the following, you can find more background:
OfficeFileCache Folder Size 3-4x Larger than Actual Content (SharePoint Workspace 2010)
Sharepoint Workspace Fills Hard Drive – WTF?

Access 2007, VBA, a tiny project for a school, and the Trust Center

A friend asked for my help putting together an Access database for a small department at a university. It tracks medical info on some animals. The problem is that to make the application easy enough to use, we had to write some VBA code to glue different forms together. When we open the database (or a new, updated version of the database), we get the little VBA Macro Trust thingie, and we're having a hard time figuring out how to get rid of that warning. I'm an open-source developer and my organization's sysadmin, so it's usually not a problem for me to sign rpm packages with the CA Cert I maintain...
My friend's department uses Windows PCs with Novell, but their computer support department has stated that they don't provide any support for user-created applications (i.e. providing a certificate signed by the departmental CA) nor will they provide administrator access to the computers so that we can change the trust settings. They also don't have the skills or expertise to code the application for the users. (Thanks, chaps, mighty helpful.)
Additionally, in our entire University, users are explicitly instructed not to ever, ever click a 'yes, I trust this' button. Re-educating users for the sake of this little access database that she's put together is a problem, since about 20 people will be using it to look up information.
Since I'm helping her, my inclination would be to do it in C# with a embedded database file stored on a shared drive, but that also falls under "user created applications" and I wouldn't be able to run an installer since no one has administrative rights.
Is there any way to work around the need to bypass the trust setting for macros every time someone opens this file? I thought that if we didn't use macros at all and just used VBA it would work, but that's apparently not the case.
You might find some help on:
http://msdn.microsoft.com/en-us/library/bb421308.aspx#OfficeAccess2007SecurityConsiderations_EnablingExecutableContentDatabases
Specifically:
Embedded Access Macros
In Office Access 2007, you can now
embed macros in form events like VBA
instead of saving them in the Macro
collection as separate entities. This
makes them more portable because you
can copy and paste a control with an
embedded macro, and the macro remains
with the control. In many cases, an
embedded macro for opening a report is
sufficient instead of a short sequence
of VBA for the same task. You can see
many samples of these embedded macros
in the Featured Online Database
Templates in the Getting Started with
Access pane that appears if you open
Access 2007 without selecting a
database. Because most Access macros
are not executable content, they are
an important tool when you have to
make your databases work in all
circumstances.
You're clearly on the right track since you mention the TRUST CENTER. I don't use A2007, but 2 minutes of Googling turned up these two articles:
View my options and settings in the Trust Center
Create, remove, or change a trusted location for your files
The instructions given there for Access are:
Click the Microsoft Office Button , and then click Access Options.
Click Trust Center, click Trust Center Settings, and then click Trusted Locations.
If you want to create a trusted location that is not local to your computer, select the Allow trusted locations on my network (not recommended) check box.
Click Add new location.
In the Path box, type the name of the folder that you want to use as a trusted location, or click Browse to locate the folder.
If you want to include subfolders as trusted locations, select the Subfolders of this location are also trusted check box.
In the Description box, type what you want to describe the purpose of the trusted location.
Click OK.
Looks to me like that should take care of your problems, though it has to be done on each users computer.

Lock Excel Document after a certain Date

How can I cripple an excel document after a certain date? I want it to become unusable after, say, 12/31/2009.
I was thinking about putting one of those Must Enable Macros things in there that hides all the sheets on close and leaves one tab that says you must enable macros. Then having an on open macro that unhides all those tabs, but also will close itself if after a certain date. This has a few drawbacks in that someone could just enter in the macro code (without macros enabled) and change the expiration date... or even just change their system time. Any thoughts about good ways to do it? Is my method pretty much as good as you can get? or are there better ways out there?
Thanks.
You might want to have a look at Microsoft's Information Rights Management (IRM) technology. IRM lets you control which users are permitted to read, edit, print etc the content of a document. It is also possible to specify an expiration date.
IRM requires you to either have an ActiveDirectory infrastructure with a domain controller or you may use the IRM service hosted by Microsoft.
For further details check out Controlling workbook access in Excel with Information Rights Management.
Dan, I am not sure of the purpose you are trying to lock the excel sheet. However if you write the macro then you can password protect the VBA code so that no changes are made to the code.
Having said so, there is still a possibility to have workarounds and access the excel file; no method can be foolproof.
Cheers...