Trust Centre (1 Viewer)

aussie

Registered User.
Local time
Today, 15:34
Joined
May 27, 2012
Messages
47
Hi, I have created a database and saved it to c:\Database\filename, using the full access 2007 version. I have made c:\Database a Trusted Centre.

I then copied the database onto my thumb drive (I:\Database\filename) and made this a trusted cenre.

I then added the Runtime version of Microsoft Access onto another computer.

When I try to access the database on the new computer I am unable to open the database, because it won't allow me to run macros.

When I try and open Access on the new computer, it won't open because it needs to associate to a database, so I am unable to set trust centers on the new computer.
Any help out there???:(
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 01:04
Joined
Feb 19, 2002
Messages
42,981
This is a big hole with the Access runtime. If you don't have the full retail version of Access, there is no way to define trusted locations with Access. That leaves you to modify the registry manually or add code to your application to do it. If you add code to your app, you'll still need to trust it once so it can run the code that modifies the registry.

Call this procedure from the Open event of your startup form. It checks the registry to see if the current folder is already trusted. If it isn't then it is added. I don't remember where I got this code so I can't give thanks to its author.

The code won't solve all your problems because it doesn't trust the BE location which you may also need to do but at least it shows how to create registry keys.

Code:
Option Compare Database
Option Explicit

Public Function AddTrustedLocation()
On Error GoTo err_proc
'WARNING:  THIS CODE MODIFIES THE REGISTRY
'sets registry key for 'trusted location'

  Dim intLocns As Integer
  Dim i As Integer
  Dim intNotUsed As Integer
  Dim strLnKey As String
  Dim reg As Object
  Dim strPath As String
  Dim strTitle As String
  
  strTitle = "Add Trusted Location"
  Set reg = CreateObject("wscript.shell")
  strPath = CurrentProject.Path

  'Specify the registry trusted locations path for the version of Access used
  strLnKey = "HKEY_CURRENT_USER\Software\Microsoft\Office\" & Format(Application.Version, "##,##0.0") & _
             "\Access\Security\Trusted Locations\Location"

On Error GoTo err_proc0
  'find top of range of trusted locations references in registry
  For i = 999 To 0 Step -1
      reg.RegRead strLnKey & i & "\Path"
      GoTo chckRegPths        'Reg.RegRead successful, location exists > check for path in all locations 0 - i.
checknext:
  Next
  MsgBox "Unexpected Error - No Registry Locations found", vbExclamation
  GoTo exit_proc
  
  
chckRegPths:
'Check if Currentdb path already a trusted location
'reg.RegRead fails before intlocns = i then the registry location is unused and
'will be used for new trusted location if path not already in registy

On Error GoTo err_proc1:
  For intLocns = 1 To i
      reg.RegRead strLnKey & intLocns & "\Path"
      'If Path already in registry -> exit
      If InStr(1, reg.RegRead(strLnKey & intLocns & "\Path"), strPath) = 1 Then GoTo exit_proc
NextLocn:
  Next
  
  If intLocns = 999 Then
      MsgBox "Location count exceeded - unable to write trusted location to registry", vbInformation, strTitle
      GoTo exit_proc
  End If
  'if no unused location found then set new location for path
  If intNotUsed = 0 Then intNotUsed = i + 1
  
'Write Trusted Location regstry key to unused location in registry
On Error GoTo err_proc:
  strLnKey = strLnKey & intNotUsed & "\"
  reg.RegWrite strLnKey & "AllowSubfolders", 1, "REG_DWORD"
  reg.RegWrite strLnKey & "Date", Now(), "REG_SZ"
  reg.RegWrite strLnKey & "Description", Application.CurrentProject.Name, "REG_SZ"
  reg.RegWrite strLnKey & "Path", strPath & "\", "REG_SZ"
  
exit_proc:
  Set reg = Nothing
  Exit Function
  
err_proc0:
  Resume checknext
  
err_proc1:
  If intNotUsed = 0 Then intNotUsed = intLocns
  Resume NextLocn

err_proc:
  MsgBox Err.Description, , strTitle
  Resume exit_proc
  
End Function
 

Galaxiom

Super Moderator
Staff member
Local time
Today, 16:04
Joined
Jan 20, 2009
Messages
12,849
A far preferable solution is to digitally sign the code. Then it will work anywhere once the user trusts the author. On a domain the whole process can be made completely transparent by using Group Policy to install the certificate in user's accounts.

However this option is not available for accd* files in 2007 format. Only packages can be signed. I only distribute mde so it is not an issue for me. There is nothing new worth having in the 2007 format anyway.

I understand the ability to sign a database was reintroduced in the accd* formats in Access 2010.
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 01:04
Joined
Feb 19, 2002
Messages
42,981
Signing the database doesn't work in all situations plus certificates are not free. There is an annual fee attached.

In one of the apps I have that is sold nationwide, I have an archive procedure that creates a new database and transfers data into it. If the directory where the database is created is not trusted, the user gets a prompt for every table as it's created - 28 in this case.
 

Galaxiom

Super Moderator
Staff member
Local time
Today, 16:04
Joined
Jan 20, 2009
Messages
12,849
You can make your own free certificate using certsvr on Windows Servers. Once the public key of this certificate is accepted by the user they will not be asked again about any of your certificates.

I recommend the signature because I see far too many people defeating the whole Trusted Locations setup by setting folders like My Documents as Trusted.

The table creation problem is an issue I have not considered.
 

aussie

Registered User.
Local time
Today, 15:34
Joined
May 27, 2012
Messages
47
Thanks all for your input. Will try out your suggestions
 

Users who are viewing this thread

Top Bottom