Hi Larry
Class modules attached...
They are part of a very large library, so there may be a few dependencies
on
other functions but any resolution should be fairly straightforward.
--
Good Luck
Graham Mandeno [Access MVP]
Auckland, New Zealand
Thanks again for your reply. Yes, if you wouldn't mind please post the
class
module and I'll experiment with this. I went into the registry and
found
the
entries for some Trusted Locations I did manually via the Wizard, so I
get
the general idea. I need to see now whether I can find a way to run
the
necessary code within our installers, which are pretty rudimentary, not
slick
off-the-shelf install wizards.
(If it's very long and you prefer to EMail it, fine with me,
(e-mail address removed))
:
Hi Larry
[Sorry for the slow response - I don't frequent this newsgroup much]
Basically anyone can define a location as trusted - as you know,
clearly,
from your comment about "talk 300+ users through finding each
folder..."
The trusted location is set up by creating a registry key at the
location:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Access\Security\Trusted
Locations
(that line probably wrapped, but it's all one registry key path)
The name of the key can be anything, so it might as well be the name
of
the
app.
The values under the key are:
- Path : the fill path to the trusted location
- AllowSubfolders : 1 to trust any subfolders of Path
- Description : anything you like (optional)
- Date : haven't figured out the use for this (optional)
The code that Arvin posted will create such a key. The problem is
that
to
put it in the database which you want to trust is a sort of a
Catch-22,
because in order to execute the code, you first have to create the
trusted
location.
Because of this, the code is rather useless, unless you are creating
trusted
locations for other databases.
What I do is create this registry key in my install script. Any
install
script worth its salt (I use Inno Setup) can create registry keys as
part
of
the installation.
--
Good Luck
Graham Mandeno [Access MVP]
Auckland, New Zealand
Trying to get away with one response to so far three very helpful
responses.
Among other things, our company security setup rejects EMails with
.mdb
files
attached, which solves one concern. Of course they can still sneak
by
renamed as .mdbx or whatever, but that would require a gullible
co-conspirator on the inside.
Beyond that, Graham, help me understand: your code, when properly
written
and with the class module, sets up a trusted location for any DB its
contained in? I.e., "wherever I'm located, trust me from now on"?
In
effect
preempting the security alert?
:
Hi Arvin
I can't remember where I posted this, but if it's to work, it needs
a
class
module called Registry. I can post the source here if the Larry
wants
it,
but it's pretty long.
I'm a bit puzzled by this line:
' Also try: .SetValue hk + 1, "", "Path", Path
That could NEVER work and I'm sure it's not in my code. The
variable
hk
contains the value of a registry key handle and adding 1 to it
would
almost
certainly be an invalid key.
--
Cheers,
Graham
We're just moving into Office/Access 2007 on Windows XP, and are
finding
the
security warnings frustrating. I know about the trusted
location
business,
but don't want to have to talk 300+ users through finding each
folder
where
they have a database and then setting it up as a trusted
location.
Seeking opinions, please: our company has very robust firewalls
and
anti-virus protection; how big a risk would we be running if we
simply
had
users set their Access (and Excel) macro security to the lowest
setting?
As
far as I can tell so far, that pretty much removes all the
warnings.
Most of my clients set their Macro security to Low and no one's
gotten
a
virus yet. There is always a first time though. Access MVP,
Graham
Mandeno
wrote the following code which should build a Trusted Location on
any
machine it's run, so if you can connect remotely, it may be a bit
easier:
Public Function CreateTrustedLocation( _
Key As String, _
Path As String, _
Optional AllowSubfolders As Boolean, _
Optional Description As String, _
Optional Version As Integer = 12) As Boolean
Const cProcName = "CreateTrustedLocation"
Dim reg As New Registry, hk As Long
On Error GoTo ProcErr
With reg
hk = .OpenKey(HKEY_CURRENT_USER, _
"Software\Microsoft\Office\" & Version _
& ".0\Access\Security\Trusted Locations\" & Key, True)
.SetValue hk, "", "Path", Path
' Also try: .SetValue hk + 1, "", "Path", Path
.SetValue hk, "", "AllowSubfolders", IIf(AllowSubfolders, 1,
0)
.SetValue hk, "", "Description", Description
.CloseKey hk
End With
CreateTrustedLocation = True
ProcEnd:
On Error Resume Next
If hk <> 0 Then reg.CloseKey hk
Set reg = Nothing
Exit Function
ProcErr:
mb_Error cProcName
Resume ProcEnd
End Function
--
Arvin Meyer, MCP, MVP
http://www.datastrat.com
http://www.mvps.org/access
http://www.accessmvp.com
