Re: Access 2003 Macro Security Modification

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Mike Wachal (mikewa_at_online.microsoft.com)
Date: 02/20/04 

Date: Thu, 19 Feb 2004 16:45:19 -0800

Hi Beth,

I'm sorry to hear that you are strugling with the Automation Security
property. It might help if you copy the code that is failing for you into
the newsgroup so we can take a look at it. If you are trying to use this
property from VBA inside an Office application, you will need to have a
reference to the Office 11 TypeLib.

I've written two pieces of sample code, both are working successfully in my
test environment (WinXP Pro, Office 2003 Pro). Here is my code for
reference.

This is VBA code that I run from within Access to use automation to open a
separate database.

Sub OpenAutomationLow(strPath As String)

    Dim oAcc As Access.Application
    
    Set oAcc = CreateObject("Access.Application.11")
    oAcc.AutomationSecurity = msoAutomationSecurityLow
    oAcc.OpenCurrentDatabase strPath, True
    oAcc.Visible = True
    oAcc.UserControl = True
    
End Sub

I just call:

OpenAutomationLow "D:\Program Files\Microsoft
Office\Office11\Samples\Northwind.mdb"

from the immediate window to test this. Obviously, you'll need to change
the path to a valid one for your computer. It is worth pointing out that
this only works for opening a different database than the one you are in.
This code only changes the security setting for the Access instance that is
being opened through automation, oAcc in this case. This doesn't make any
kind of setting on the database or change a setting permanently in Access.

The second sample code I actually pulled from the following help topic:

http://office.microsoft.com/assistance/preview.aspx?AssetID=HP010397921033
&CTT=98

This code is in VBScript and is a great way to open your development
database on a computer that has High or Medium security. The idea here is
that while it makes sense that any production database on you computer
would be signed, the database your are currently developing might not be.
You can open them by making a shortcut to the script rather than to the
database itself.

Const cDatabaseToOpen = "D:\Program Files\Microsoft
Office\Office11\Samples\Northwind.mdb"

On Error Resume Next
Dim AcApp
Set AcApp = CreateObject("Access.Application")
If AcApp.Version >= 10 Then
        AcApp.AutomationSecurity = 1 ' msoAutomationSecurityLow
End If
AcApp.Visible = True
AcApp.OpenCurrentDatabase cDatabaseToOpen
If AcApp.CurrentProject.FullName <> "" Then
        AcApp.UserControl = True
Else
        AcApp.Quit
        MsgBox "Failed to open '" & cDatabaseToOpen & "'."
End If

Needless to say, a little tweaking and you could make this script more
generalized to take a parameter and thus use the same script to open
different database based on the parameter passed to it.

In my tests, both of these scripts opened Northwind in Access without
showing the Macro Security warning. Northwind otherwise shows me a warning
prompt.

Let me know if these samples don't work for you. 

-- 
Regards,
Mike Wachal
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
On 19 Feb 2004 09:41:03 -0800, Beth wrote:
> Thanks for the replies.  I did have a reference to the correct
> library, but it didn't work.  I changed to the integer value and still
> didn't work.  So, I did what every good developer does... Rearched
> until I need a new perscription in eyeglasses!   This is what I have
> found so far.  Maybe it will keep someone else from reading till they
> go blind while looking for a resolution!
> 
> Access installs with Security Level default of Medium.  Users are
> prompted when opening an Access database and receive the message "This
> file may not be safe if it contains code that was intended to harm
> your computer.  Do you want to open this file or cancel the
> operation?"  They are then prompted with Cancel, Open or More Info. 
> If they choose Cancel, the app will not open.  To quote Microsoft,
> "This message is a result of new security features that are part of
> Access 2003. For more information on these features, see Migrating to
> Access 2003, on Office Online." Microsoft also publishes the
> following:
> 
> <snip>
> To hide this message, try one of the following:
> • When the preferred security level is High or Medium, make sure you
> work only with files signed by trusted publishers.
> For more information on how to keep the list of trusted publishers
> up-to-date, see the following Access 2003 Help topic: • Modify the
> list of trusted publishers for macros
> • When the security level is set to Low, the warning will not be
> displayed. Setting the security level to Low is not recommended.
> A scenario where you might want to lower the security level is when
> you programmatically open a database. A High or Medium macro security
> setting might interrupt your program execution, if the database is not
> signed by a trusted publisher. You can avoid this interruption by
> turning off macro security in the new instance of Access by setting
> Application.AutomationSecurity = msoAutomationSecurityLow. Lowering
> the security level will suppress the macro security warning. Make sure
> your program sets the level back to the original value as soon as
> possible.
> Warning  Setting the security level to Low is not recommended. You
> should do this only if you are absolutely sure that the database you
> are opening is safe and does not contain malicious code. </snip>
> 
> Any one who is using SP-8 for Jet 4.0 will experience these issues.
> 
> The line of code supplied by MS does not work.  With modifications, it
> could be utilized, however, once the settings have been changed, it is
> my understanding that is it necessary to log out and back in again
> before the settings are recognized.  This would not allow you to
> modify a client's settings and then reset to original settings after
> logging out of the database, thereby leaving them exposed to possible
> malicious code.
> 
> Registry Key modifications would also solve the issue, but then again,
> you would be affecting their security settings for all Access
> databases, not just yours.
> 
> Digital Certs are available from VeriSign, Inc for a cost of $400 and
> would allow applications to be opened without any warning messages
> being received by the client if you aren't able to modify the registry
> key.
> 
> Again, I hope this saves someone else some undo frustration in the
> future!
> 
> Beth

Relevant Pages

  • UK - Safety fears over new register of all children
    ... Senior social workers have given warning of the dangers posed by a new ... The security fears are fuelled further by the admission that information ... The database, which goes live next year, is to contain details of every one ...
    (alt.true-crime)
  • Re: setting a password on a button on the switchboard
    ... Could you send me the sample database for the fourth option (4. ... > Security in an Access database can probably be broken down into two big ... > points about being easier than User Level Security, ... > What type of data are you trying to protect? ...
    (microsoft.public.access.forms)
  • Re: access 2003
    ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
    (microsoft.public.access.conversion)
  • Re: access 2003
    ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
    (microsoft.public.access.conversion)
  • Re: Is this possible??
    ... I understand Windows security but since I've not seen A2007 live, ... The backend is on the server in it's own file. ... database, but everyone does not need to have access to tblwage which is ...
    (microsoft.public.access.tablesdbdesign)