What I do is use selfcert.exe to create a digital signature that can be
applied to the mdb file. Another twist I came across recently was that
for a certain machine I had to run mmc (Microsoft Management Console)
using the Add/Remove Snap-in option to drag and drop the digital
signature into a Trusted Certificates category. So far I have been
able to get rid of all the warnings. Only a few machines have needed
the digital signature fix so I create the digital signature with the
user's name. I haven't had to do this in a more automated way yet. I
hope this helps.
James A. Fortune
James, you have selfcert.exe generated certs to work on PCs other than the one the cert
was generated on? That's not supposed to happen...
The "proper" procedure is to get a cert from a Certificate Authority but the cost/process
may be unreasonable for some applications.
There are work arounds ranging from modifying registry settings (that is considered rude
to do to a customer/client without their approval) to using Automation to start Access and
modify the security settings for the immediate session.
If you search this group on "macro security 2003" you should get lots of info.
--
'---------------
'John Mishefske
'---------------
>
> James, you have selfcert.exe generated certs to work on PCs other than the one the cert
> was generated on? That's not supposed to happen...
I'm sorry for being unclear on this point. I use selfcert.exe on the
target PC. After that, I usually modify the mdb by importing the
changes rather than compacting so that I don't have to create the
Digital Signature again.
> The "proper" procedure is to get a cert from a Certificate Authority but the cost/process
> may be unreasonable for some applications.
I'm not aware of any EULA's being violated by using selfcert.exe. For
a custom app selfcert.exe seems quite "proper." I certainly trust the
author :-). In what situations would a cert from a Certificate
Authority be useful?
> There are work arounds ranging from modifying registry settings (that is considered rude
> to do to a customer/client without their approval) to using Automation to start Access and
> modify the security settings for the immediate session.
I definitely don't want to change any registry settings. With
selfcert.exe I don't have to change the security settings at all.
> If you search this group on "macro security 2003" you should get lots of info.
That's a possibility. I'm more interested in why I had to do the
Trusted Sources for only one particular machine.
James A. Fortune
Ahh.. I see. I haven't tried that...
>
>
>>The "proper" procedure is to get a cert from a Certificate Authority but the cost/process
>>may be unreasonable for some applications.
>
>
> I'm not aware of any EULA's being violated by using selfcert.exe. For
> a custom app selfcert.exe seems quite "proper." I certainly trust the
> author :-). In what situations would a cert from a Certificate
> Authority be useful?
Didn't mean to imply anything nefarious; only that Microsoft would encourage you to follow
a procdure to get a cert. I don't do it since my clients aren't interested in the extra
expense and lack of benefits for our particular market.
>
>>There are work arounds ranging from modifying registry settings (that is considered rude
>>to do to a customer/client without their approval) to using Automation to start Access and
>>modify the security settings for the immediate session.
>
>
> I definitely don't want to change any registry settings. With
> selfcert.exe I don't have to change the security settings at all.
Agreed.
>
>>If you search this group on "macro security 2003" you should get lots of info.
>
>
> That's a possibility. I'm more interested in why I had to do the
> Trusted Sources for only one particular machine.
Not sure about that; perhaps someone reading this has experienced this problem and
identified the cause?