If it ain’t broke, don’t fix it. That will be a rat’s nest of pain.
Instead, isolate that box/VM to allow only PAW (Privileged Access Workstation) access, the needed services in and out, and set up DUO or other 2FA to protect the box/VM from any unauthorized access.
Essentially, don’t touch something that works just isolate it as there’s no guarantees that the newer version(s) of Office will do what you want or will not break when the automagic updates happen.
Philip Elder MCTS
Senior Technical Architect
Microsoft High Availability MVP
E-mail: Phili...@mpecsinc.ca
Phone: +1 (780) 458-2028
Web: www.mpecsinc.com
Blog: blog.mpecsinc.com
Twitter: Twitter.com/MPECSInc
Skype: MPECSInc.
Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Lee Wilbur
Sent: Tuesday, August 29, 2023 12:09
To: 'ntsys...@googlegroups.com' <ntsys...@googlegroups.com>
Subject: [ntsysadmin] Office 365 on IIS Server
Greetings folks,
I have an internal server with classic ASP web sites running reports. With several perpetual versions of Office falling out of support in a month, we were hoping to replace Excel on the server (used to allow ASP to generate actual excel files directly) with an Office 365 install (which we have for each of our users). Does anyone know if Office 365 can be used to on the web server and by the ASP code to generate excel files for the staff? My concern centers around the office instance being unable to “log in” to Office 365 to activate when it’s called programmatically.
I should note, I haven’t tried it yet, so maybe it’s a non-issue, but I was hoping someone here might have more direct experience and could confirm this will work or provide an alternative solution…. (Preferrable something more than a basic CSV file as an alternative).
Thanks,
-Lee
Lee Wilbur
A+, MCSA, MCTS, MS-MVP 2006-2018
Multiverse Enterprises Inc
Providing Technical Support for IT Professionals and SMBs
In the Long Island and New York City areas
I’m gonna vote for “non-issue”.
I’ve got several very large PowerShell scripts that call the Office COM+ objects to build Excel spreadsheets and Word documents, and they’ve never caused me a problem.
But in my case, the scripts do run under a single user and I’ve activated Office for that user on the server (once). It’s not clear if that matches your use case.
Thanks.
Regards,
Michael B. Smith
Managing Consultant
Smith Consulting, LLC
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Lee Wilbur
Sent: Tuesday, August 29, 2023 2:09 PM
To: 'ntsys...@googlegroups.com' <ntsys...@googlegroups.com>
Subject: [ntsysadmin] Office 365 on IIS Server
Greetings folks,
I have an internal server with classic ASP web sites running reports. With several perpetual versions of Office falling out of support in a month, we were hoping to replace Excel on the server (used to allow ASP to generate actual excel files directly) with an Office 365 install (which we have for each of our users). Does anyone know if Office 365 can be used to on the web server and by the ASP code to generate excel files for the staff? My concern centers around the office instance being unable to “log in” to Office 365 to activate when it’s called programmatically.
I should note, I haven’t tried it yet, so maybe it’s a non-issue, but I was hoping someone here might have more direct experience and could confirm this will work or provide an alternative solution…. (Preferrable something more than a basic CSV file as an alternative).
Thanks,
-Lee
Lee Wilbur
A+, MCSA, MCTS, MS-MVP 2006-2018
Multiverse Enterprises Inc
Providing Technical Support for IT Professionals and SMBs
In the Long Island and New York City areas
Fair point... the website will not be migrated any time soon to a more modern web platform and though I'm not specifically aware of any major ASP weaknesses, I can't imagine it's much more secure than Swiss cheese. That said, the idea was to minimize the
threat surface by keeping office, at least, in a supported state.
Generally, given the environment and usage, I would think the threat potential is actually fairly low... but wanted to see the opinions of others.
Thanks for your input!
-Lee
I'm good with basic IIS management, but not necessarily a web server administrator by trade. I thought about the activation thing, but with IIS running under Local System, I wasn't sure I could activate it that way (though maybe psexec -isd could do it). I may just have to play. Though Philip has a point... with Microsoft constantly updating office, using Office 365 could mean what works today won't tomorrow!
-Lee
Using a per user licensed version of Office 365 / Microsoft 365 on a server is asking for issues. Users can only license on up to 5 devices. Managing the devices they are licensed on will quickly cause issues.
You may want to look at device-based licensing for Microsoft 365 Apps for Enterprise or upgrade to the latest volume licensed version.
My experience is things on servers change slowly and the M365 (O365) version changes rapidly. Unless the team running this on the server commits to keeping their processes up to date for each M365 (O365) release, you are better off running a supported volume license release. Even if you are the one keeping things on the servers up to date, do you have the bandwidth to test multiple times a year as each new M365 (O365) release comes out?
My advice is from deploying and supporting Office in a large Enterprise environment for over 20 years. Keep the points of failure as small as possible.
Peter
From: Lee Wilbur
Sent: Tuesday, August 29, 2023 1:08 PM
To: ntsys...@googlegroups.com
--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/54b5e5e8352e4b2e8b8633b33fd39206%40multiverseit.com.