Signing ACCDB or ACCDE and dist with Package Solution Wizard

davida

New member
Local time
Today, 23:09
Joined
Jul 21, 2009
Messages
3
Hello
I am a developer of Access 2007 databases. My users receive a dialog asking them to Open the database (warning them about security). I packaged the database using the Package Solution Wizard in Access 2007.

I have researched accdb, accde, accdc files at Microsoft. I can't post a URL but a search ion these file types bring up the page.

I know I need to install a dig certificate to stop the warning however in 2007 I cannot sign an ACCDB file with a dig cert.

The process is to create an ACCDB or ACCDE and package it with a certificate inside an ACCDC file. I can successfully do this however when the client extracts the ACCDE file the warning box still appears.

The Microsoft Webpage does not explain in enough details and advises that the certificate can be packaged with the Package Solution Wizard, however I can't find this option.

Having to click the open box is very frustrating. A solution on how I can make this box disappear would be wonderful.

SUMMARY: I would like to package an ACCDE file and distribute it with the Package Solution Wizard (I include the RUntime) to non Access users and have them open my database from the shortcut without a security warning.

Thanks again
David
 
Hi,

i had this problem once. i packaged a db with a runtime and i got security errors. i then purchased SageKey msi wizard. it seems to handle the whole security issue along with other issues so im really pleased now :)

didnt get on too well with the Access Development tools, not enough scope...



regs


Nigel
 
Thanks Nigel.
Was this with Access 2003 or 2007? I had 2003 completely sussed, it's only 2007 where things are different that is a problem. regards David
 
Hello
I am a developer of Access 2007 databases. My users receive a dialog asking them to Open the database (warning them about security). I packaged the database using the Package Solution Wizard in Access 2007.

I have researched accdb, accde, accdc files at Microsoft. I can't post a URL but a search ion these file types bring up the page.

I know I need to install a dig certificate to stop the warning however in 2007 I cannot sign an ACCDB file with a dig cert.

The process is to create an ACCDB or ACCDE and package it with a certificate inside an ACCDC file. I can successfully do this however when the client extracts the ACCDE file the warning box still appears.

The Microsoft Webpage does not explain in enough details and advises that the certificate can be packaged with the Package Solution Wizard, however I can't find this option.

Having to click the open box is very frustrating. A solution on how I can make this box disappear would be wonderful.

SUMMARY: I would like to package an ACCDE file and distribute it with the Package Solution Wizard (I include the RUntime) to non Access users and have them open my database from the shortcut without a security warning.

Thanks again
David

David,

With 2003 it is true you needed to to install a dig certificate. AFAIK, in 2007 it has changed to using trusted locations.

I do NOT install a dig certificate with 2007 and do not have any issues if I set the trusted locations properly.

Are you setting a registry key to add the location of the databases to the trusted locations. Note: This will need to be done for each user's profile.
 
Sorry I should have mentioned that. The Package Solution Wizard automatically adds a registry key to trusted Locations. I have checked this and it is there. Thanks for your help.
 
Davida-
You said that you had success with the Packaging Wizard automatically adding a trusted location for the application....??

I have not been able to make that happen....

I've been using accde in the packaging.

Did you need to add the key into the "Additional Registry Keys" section on the third page?

Am not clear on how you resolved this issue.

Any info would help.

Thanks
 
I use a registry key. The reason why you are getting the warning message is because the database is not in a trusted location

This is how I do it:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations\Location5]
"Path"="C:\\Sandbox\\"

Just put your database path where C:\\Sandbox\\ is. and save that as a .reg file and run it

You can also add that key to the package and have it handled during installation.
 
ok, I'm going to risk sounding really stupid here, but here goes...

I assume you are manually placing this in the end-user's computer registry.... and NOT, as I was inquiring about, adding it to the runtime package and sign - in an effort to have this automatically installed on the end-users computer.

My problem is I am attempting to put together a software package for wide-spread - across the country - distribution. I cannot assume that the end users will have the skill or ability to modify their computer registry. I REALLY need this to somehow be automated in the package and sign.

However, in the package and sign, there is a location to add an additional registry key, but was unsure if this would label the trusted sites, etc.

OR Does placing this registry on MY computer make it a trusted site that will then be inparted into the end-user's computer????


Back at you...
 
I finished my post saying you can handle this automatically with the package you are planning to distribute.

If you look at the 3rd part of the package wizard you'll see you have the option of adding additional files and below that any registry keys you need to add. You put your registry key there.

In short, yes the part of the package wizard that says "Additional Registry Keys" is, well, for registry keys. You would click "Add" to make a new one, select a root, add the key, name and value and it would add that key to every computer the package is run on.
 
Yes, I saw that thanks.

My only issue now is determining what goes in the boxes. Some of my documentation does not match the 2007 version of Runtime, and examples are nonexistant. I hate to keep bugging you, but you seem to know this stuff pretty well.

I have: [HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Access\Security\Trusted Locations\Location1]

Runtime requests information for:
Root
Key
Name
Value

I know Root is Current User, but beyond that, am not sure I grasp it yet. I have attached a screen shot, if you could point me in the right direction, I'd appreciate it.
Thanks again.

screenshot.jpg
 
Hi,

as far as i was led to believe, Vista may prevent registry additions if UAC is turned on as it is a security feature.

NS
 

Users who are viewing this thread

Back
Top Bottom