D
Dan Sabin
As part of my software application, I distribute Microsoft Access 2003 MDB
database files. I digitally sign the VBA project in each file using a
VeriSign Class 3 Code Signing Certificate that is valid until November 1,
2009. I sign the Access database file with my computer’s locale setting set
to U.S. English.
The distributed Access database files can be opened fine on my customer’s
computers in the U.S., English Canada, French Canada, Hong Kong, Macau,
Brazil, the U.K., New Zealand, Australia, Colombia, Iceland, Poland, Germany,
Thailand, and China. These users can open the application with their Macro
Security Level set to Low, Medium, or High. This security level is the
setting that you can change by using the Access 2003 menu command
Tools|Macro|Security.
However, the users in Norway, Denmark, Finland, Croatia, Sweden, and
Slovenia have told me that they see this error message on their computers
when they have their Macro Automation Security Level set to Medium or High:
“Microsoft Office Access cannot open <database name> due to security
restrictions. Security settings restrict access to the file because it is not
digitally signed.†This error message is appearing even though the Access
database file is still signed.
The problem can be solved for these users if they drop their Macro Security
Level to the low setting. However, this setting cannot be changed for any
users who operate their computer in an enterprise environment where the IT
administrator can disable the changing of this setting by non administrators
of the computer. Furthermore, the low setting is not a recommended setting
for Microsoft Office, so I do not want to recommend that to my customers.
The problem can also be solved as well if the user changes their locale
setting from the problem locale (for example, Norwegian) to another
non-problem locale, such as U.S. English. However, this is not an acceptable
solution to a user who does not speak English as their primary language.
The problem does not seem to be related to non English versions of Microsoft
Windows or non English versions of Microsoft Access. For example, if I use
my development computer, which uses a U.S. English version of Windows XP with
Office 2003, then I can reproduce the problem simply by switching my computer
back and forth between U.S. English and Norwegian (Nynorsk). For example, if
I digitally sign the database file when my own computer is configured with a
locale set to a problem locale, such as Norwegian (Nynorsk), then I can open
the Access 2003 database file on other computers and my own computer with no
error messages as long as the computer is set to Norwegian (Nynorsk).
However, if I then try to open the database file in another locale, such as
U.S. English, then I begin to see the same error message that the users in
other countries see.
It seems to me that my only solution is to distribute versions of the
Microsoft Access 2003 databases that have been digitally signed in each
target locale. Since the distributed Access database files are 30MB in size,
this is not practical to do with a single installation program. It is also
error-prone and time-consuming.
I tried the same process using Access 2007, which is not used by most of my
users at present, and found the problem to be similar: Access 2007 will not
open the Access database signed using a locale dissimilar from the current.
However, Access 2007 does not even give as error message; it simply does not
open the database file after I click on the OK command button in the File
Open dialog.
Has anyone heard of this problem? Is there a workaround?
Thanks!
database files. I digitally sign the VBA project in each file using a
VeriSign Class 3 Code Signing Certificate that is valid until November 1,
2009. I sign the Access database file with my computer’s locale setting set
to U.S. English.
The distributed Access database files can be opened fine on my customer’s
computers in the U.S., English Canada, French Canada, Hong Kong, Macau,
Brazil, the U.K., New Zealand, Australia, Colombia, Iceland, Poland, Germany,
Thailand, and China. These users can open the application with their Macro
Security Level set to Low, Medium, or High. This security level is the
setting that you can change by using the Access 2003 menu command
Tools|Macro|Security.
However, the users in Norway, Denmark, Finland, Croatia, Sweden, and
Slovenia have told me that they see this error message on their computers
when they have their Macro Automation Security Level set to Medium or High:
“Microsoft Office Access cannot open <database name> due to security
restrictions. Security settings restrict access to the file because it is not
digitally signed.†This error message is appearing even though the Access
database file is still signed.
The problem can be solved for these users if they drop their Macro Security
Level to the low setting. However, this setting cannot be changed for any
users who operate their computer in an enterprise environment where the IT
administrator can disable the changing of this setting by non administrators
of the computer. Furthermore, the low setting is not a recommended setting
for Microsoft Office, so I do not want to recommend that to my customers.
The problem can also be solved as well if the user changes their locale
setting from the problem locale (for example, Norwegian) to another
non-problem locale, such as U.S. English. However, this is not an acceptable
solution to a user who does not speak English as their primary language.
The problem does not seem to be related to non English versions of Microsoft
Windows or non English versions of Microsoft Access. For example, if I use
my development computer, which uses a U.S. English version of Windows XP with
Office 2003, then I can reproduce the problem simply by switching my computer
back and forth between U.S. English and Norwegian (Nynorsk). For example, if
I digitally sign the database file when my own computer is configured with a
locale set to a problem locale, such as Norwegian (Nynorsk), then I can open
the Access 2003 database file on other computers and my own computer with no
error messages as long as the computer is set to Norwegian (Nynorsk).
However, if I then try to open the database file in another locale, such as
U.S. English, then I begin to see the same error message that the users in
other countries see.
It seems to me that my only solution is to distribute versions of the
Microsoft Access 2003 databases that have been digitally signed in each
target locale. Since the distributed Access database files are 30MB in size,
this is not practical to do with a single installation program. It is also
error-prone and time-consuming.
I tried the same process using Access 2007, which is not used by most of my
users at present, and found the problem to be similar: Access 2007 will not
open the Access database signed using a locale dissimilar from the current.
However, Access 2007 does not even give as error message; it simply does not
open the database file after I click on the OK command button in the File
Open dialog.
Has anyone heard of this problem? Is there a workaround?
Thanks!