Runtime solution security

[Guest]

Facts for Access 2003 / Office 2003 version:

1. Visual Studio 2005 Tools for the Microsoft Office System (VSTO) to get
the licence to distribute a run-time version of Access including developer
extensions for making setup packages.

2. Macro security for security level (global setting)

Now to the point: how can the solution be done without third party digital
signature for .MDE solution using dynamic queries (new/modifying existing
queries) on code run (VBA) ?

As start up user have to get security level to low before the solutions
flows as designed. This means a lot of explanations, documentation and worst
of all, in the case of high security level, deep diving into the windows
registry with regedit to modify the level value.

How to best avoid these user annoying experiences?

The application is targeted for Small Business sector.
This seems to me the dead end future of access runtime solutions.


Pekka Makkonen

Software Developement Manager

 

[Granny Spitz via AccessMonster.com]

Facts for Access 2003 / Office 2003 version: (snip)
Now to the point: how can the solution be done without third party digital
signature for .MDE solution using dynamic queries (new/modifying existing
queries) on code run (VBA) ? (snip)
How to best avoid these user annoying experiences?

You're targeting the wrong customers. You're targeting the customers who
want the added security of Access 2003 without going through *any* of the
steps to do it. It's best to avoid these customers unless you can either
persuade them to keep their macro security settings on low, or persuade them
to pay for the digital certificate and let them sign the Access 2003 MDE file
you deliver to them and resign it every time the digital signature becomes
invalid.

If you're stuck with these customers buy the Access developer edition for
either 2000 or 2002 and deliver the MDE and runtime 2000 or 2002 for them to
install on their computers. Pass your added cost to these customers.
There's no capabililty for digital signatures on Access 2000 or 2002 files,
but there's no macro security warnings either. Nearly all of these people
will willingly accept this solution (and the added costs) rather than just
leave Access 2003 security on low. Since you're installing the runtime
version on their computers you have more say in *which* version it is than
you may think.

 

[Guest]

You need to set these items in the setup wizard:

Use these values for setting registry keys in the setup wizard.
ROOT: Local Machine
Key: SOFTWARE\Microsoft\Jet\4.0\Engines
Name: SandBoxMode
Value: #2

ROOT: Local Machine
Key: Software\Microsoft\Office\11.0\Access\Security
Name: Level
Value: #1

Reference:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/msi/setup/registry_table.asp

 

[Guest]

Thanks Craig.

This works now on my testbench,

I suppose the user can install other office solutoins or the products without
breaking my installaton.

- Pekka -