I'm in the process of changing the way I distribute the FE of a database to many users. Rather than having them download it every time it's updated, I have created a command script to copy the latest version every time they run it. They only need to copy a shortcut to that script onto their desktop.
However, to avoid the security warnings, the FE needs to be in a trusted location. Can I avoid having to visit every client machine to set up such a location (the only one already set up on each client is ACCWIZ, to which I do not have write access) ?
BeeJayEff, the issue is, only a trusted (privileged) account can make a trusted location without some gyrations behind the scenes. If all your users were privileged, they could do this themselves without assistance. If they can't do this, then the app that they are running (which is running under their own credentials) can't do it either. And I'll bet they don't have the Run As permission that would let them run as SYSTEM.
I put my frontends in a Database subfolder inside the user's AppData Roaming folder. It is accessible using an Environment variable
Code:
%Appdata%
No need to enlist anyone's help to distribute it. The user automatically has the required permissions while other users don't, plus it is hidden by default.
Like Pat & Galaxiom, I also install my front ends to a set location. In my case, I use a subfolder of C:\Programs\MendipDataSystems.
All my apps are packaged as EXE files using installer software and downloaded by clients from my website.
The installer includes script to set trusted locations in the registry (together with other application info) similar to this:
The program admin then copies the front end folder & files to an update folder on the network
After this, the network staff are involved just once.
Their role is to run a script to install the front end folder/files, desktop shortcut & run the registry script on the workstation of each authorised user.
This happens automatically at next Windows login
The latest update for each app is placed in a designated network folder.
When users click the desktop shortcut it runs a small starter utility (splash form) which checks for a newer version on the network.
If their version is up to date, the utility opens the app then closes automatically. Otherwise, the newer files are first downloaded.
If newer files exist, the download process typically only takes a second or two as API calls are used.
The starter utility can even update itself if a newer version exists.
I distribute digitally signed mde front ends so the security is embedded in the file and can actually be run from anywhere without adjusting settings.
Domain Group Policy controls which users are allowed to run Office documents with signed or unsigned code. It exactly works the same as signing the code in other Office documents.
Of course Group Policy can also distribute the Trust settings for accde. Being on a domain makes management a lot easier.