Can Security Policies stipulate that a given VBA application has permission to run?
Posted on 2006-11-06
This likely falls under the heading of dumb questions but since I'm out of my element with corporate Security Policies and how flexibly they can (or cannot) be administered, I'm hoping someone can provide some insights here.
I've written an Add-in Application for Excel that is almost entirely written in VBA, uses a fair amount of API calls and in one instance uses scripting to communicate with Outlook. I did my first demo last week of the application at a prospective corporate customer and ran into some problems with my installation program throwing handled errors that I hadn't expected to be triggered. As further background, the Installation program was designed to:
a) Simplify the installation process for those users that aren't familiar with the process of installing add-in applications (so I do that in the background via code)
b) In the free Trial version of the program that I was demonstrating, there is also an automatic uninstall after the 30 day trial ends.
Basically the error that got triggered was from code that detects whether or not a user has bypassed my normal installation program and did the install from Excel's Tools | Addins menu (Since using my Install program sets the stage for the automatic uninstall 30 days later, detecting this bypass of the install process is necessary to prevent users from "converting" a free Trial version to an (unpaid) "production" version.
I've tested the install program extensively on standalone PC's and have also been able to install it on a laptop from a Shared Folder on a Desktop and been able to successfully install it and automatically uninstall it 30 days hence in that environment. While I was able to successfully demo the product by using the "production" version, my intent is to make the free trial version available on my web site and am trying to anticipate what corporate IT administrators can do to allow my installation program to run.
A long way to say: can corporate Security Policies stipulate that a given VBA application has permission to run? That is, without opening "holes" in their systems that would allow other (unwanted) code from others to run? If it helps answer the question, I do use Digital Certificates on all the files in my application. Also, if there is any "generic" advice I could offer to corporate IT administrators to accomplish this, I'd be interested in that detail, too.
I appreciate any insights.