tph1100
asked on
VBA DOMDocment Load Method - Access Denied if not Admin
I am attempting to load an XML document using DOMDocument.load from a VBA program in MS Word. When I do so from an account with Administrators group privileges, all works OK. When I do so from a Users group account, I get Access Denied errorCode -2147024891. How do I load an XML document using the DOMDocument and subsequent MSXML2.IXMLDOMLIST/NODE without Admin privileges? Can domcnfg be used to make the COM object operate at the correct permission level? How? I am very new at VB and XML... please help.... thanks.
try to add permission to the registry keys of "Classes" which contains DOMDocument objects by using "regedt32". when Users groups has the permission to access the keys, it should be worked.
ASKER
Turns out this was not a DOMDocument issue, but rather a .NET/SharePoint permissions issue. I was calling a class that called a function requiring admin permissions. I used impersonation and encrypted uid/pw in a registry key to solve the problem. Here are the steps:
1. Go to: http://support.microsoft.com/default.aspx?scid=kb;en-us;329290 and download the aspnet_setreg.exe package.
2. Unzip the package and please in an appropriate “Tools” folder. This solution may be used by any .NET webService requiring permissions beyond Users.
3. From a command prompt navigate to the directory containing the apsnet_setreg program and enter the following:
• Aspnet_setreg -k:Software -u:DomainName\User_ID -p:PASSORD
4. At this point, a registry key HKEY_LOCAL_MACHINE\SOFTWAR
5. Using regedt32, edit the created key HKEY_LOCAL_MACHINE\SOFTWAR
• Change the name of key, if desired.
• Change the name of the key attribute userName (to uid for example)
• Change the name of the key attribute password (to pwd for example)
6. Edit the web.config file for the webService .Ensure the following 2 lines are present in the web.config (all entries are case sensitive):
<authentication mode=”Windows” />
<identity impersonate=”true” userName=”registry:HKLM\So
1. Go to: http://support.microsoft.com/default.aspx?scid=kb;en-us;329290 and download the aspnet_setreg.exe package.
2. Unzip the package and please in an appropriate “Tools” folder. This solution may be used by any .NET webService requiring permissions beyond Users.
3. From a command prompt navigate to the directory containing the apsnet_setreg program and enter the following:
• Aspnet_setreg -k:Software -u:DomainName\User_ID -p:PASSORD
4. At this point, a registry key HKEY_LOCAL_MACHINE\SOFTWAR
5. Using regedt32, edit the created key HKEY_LOCAL_MACHINE\SOFTWAR
• Change the name of key, if desired.
• Change the name of the key attribute userName (to uid for example)
• Change the name of the key attribute password (to pwd for example)
6. Edit the web.config file for the webService .Ensure the following 2 lines are present in the web.config (all entries are case sensitive):
<authentication mode=”Windows” />
<identity impersonate=”true” userName=”registry:HKLM\So
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.