Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

avoiding the need to set Macro security level to Low

1 view
Skip to first unread message

Paul

unread,
Jun 3, 2009, 8:42:51 PM6/3/09
to
I have built an application in Access 2003 that will be shared by multiple
users. However, I have noticed that in order for the application to run,
the users must set their Macro security level to Low (Tools - Macro -
Security - Low).

Is there anything I can do to my application, which of course contains VBA
code, to run while enabling the users to keep the macro security level set
to Medium?

Thanks in advance,

Paul


Tom van Stiphout

unread,
Jun 6, 2009, 11:52:56 PM6/6/09
to
On Wed, 3 Jun 2009 17:42:51 -0700, "Paul" <Begon...@forever.com>
wrote:

Not true. If users keep their security level at Medium they will be
prompted to allow the app to run, and if saying yes it will run as
normal.

You can also digitally sign the app and avoid this issue. That's an
advanced topic.

Or you can upgrade to A2007 (remember: it has a free runtime) and work
with Trusted Locations.

-Tom.
Microsoft Access MVP

Paul

unread,
Jun 7, 2009, 8:48:03 AM6/7/09
to
Tom,

Of course you're right - I should have said that in order for the
application to run without requiring the user to click Yes at a security
prompt, they have to set their Macro security level to Low.

I don't want to present them with that prompt every they open the
application, and upgrading our organization to A2007 is not a minor
undertaking. It also seems that getting digital signatures is costly, so I
guess I'll just have the users set their Macro Security to Low.

Thanks for the information.

Paul

"Tom van Stiphout" <tom7744...@cox.net> wrote in message
news:79em25hmv6c0ftki3...@4ax.com...

Tom van Stiphout

unread,
Jun 7, 2009, 7:16:09 PM6/7/09
to
On Sun, 7 Jun 2009 05:48:03 -0700, "Paul" <beg...@spam.com> wrote:

On digital signatures: they are not costly if you use selfcert.exe.
For in-house applications that may be appropriate. The cost will be in
your ramp-up time figuring out how to do it. I am not aware of a good
step-by-step for signing applications, but you may want to google (or
bing) for it.

-Tom.
Microsoft Access MVP

Armen Stein

unread,
Jun 9, 2009, 1:52:01 AM6/9/09
to
On Sun, 07 Jun 2009 16:16:09 -0700, Tom van Stiphout
<tom7744...@cox.net> wrote:

>On digital signatures: they are not costly if you use selfcert.exe.
>For in-house applications that may be appropriate. The cost will be in
>your ramp-up time figuring out how to do it. I am not aware of a good
>step-by-step for signing applications, but you may want to google (or
>bing) for it.

Hey Tom,

On a slight tangent - have you had any experience with the act of
programmatically changing a querydef causing the cert to break?

We haven't used certs in our shop so I haven't had a chance to try it,
but at one point I heard from someone on the Access team that since
modifying SQL in a query could make it "unsafe", it broke the cert. We
do that all the time in our apps (especially those with passthrough
queries) so I was much less inclined to bother with certs. But I've
always been curious if that was true.

Armen Stein
Microsoft Access MVP
www.JStreetTech.com

Tom van Stiphout

unread,
Jun 9, 2009, 11:33:34 PM6/9/09
to
On Mon, 08 Jun 2009 22:52:01 -0700, Armen Stein
<Armen...@R3m00v3Th1s.gmail.com> wrote:

It's been many years ago that I tried this the last time. We don't
actually rewrite the sql statement of a querydef all that often. Since
you apparently do, can you answer your own question :-)

-Tom.
Microsoft Access MVP

Paul

unread,
Jun 11, 2009, 5:26:33 PM6/11/09
to
Thanks for the suggestion, Tom. I'll try it out.

Paul


Armen Stein

unread,
Jun 15, 2009, 10:46:42 PM6/15/09
to
On Tue, 09 Jun 2009 20:33:34 -0700, Tom van Stiphout
<tom7744...@cox.net> wrote:

>Since
>you apparently do, can you answer your own question :-)

Sure, I can when I find the time. I was hoping someone had already
tried it. :)

rexgolden

unread,
Aug 23, 2009, 2:39:47 PM8/23/09
to

"Paul" <Begon...@forever.com> wrote in message
news:%23az4k1K...@TK2MSFTNGP03.phx.gbl...

Paul Shapiro

unread,
Aug 24, 2009, 8:54:21 AM8/24/09
to
You can digitally sign the application with a certificate the user computers
will trust, or you can install the front end mdb to a trusted location
(don't remember for sure if this is supported in Access 2003- it's
definitely part of 2007). You can buy a code-signing certificate from Thawte
or any other certification authority accepted by Windows. I think price is
about $250/year.

"rexgolden" <rex.e....@gmail.com> wrote in message
news:Oma$cECJKH...@TK2MSFTNGP04.phx.gbl...

Banana

unread,
Sep 4, 2009, 6:02:10 PM9/4/09
to Paul Shapiro
FWIW, if it's going to be an in-house application, it's hard to justify
paying $250 per a year when one can just self-signed certificate using
either selfcert.exe or makecert.exe which are included in the Office
installation and have the end users computer set up to trust the
self-signed certificate.

For a public-facing application, OTOH, self-signed certificate wouldn't
be appropriate.

0 new messages