mlunsford
asked on
Need to sign and deploy an Access 2007 database *with* an installation wizard.
I have developed a database application in Access 2007 for a client. The client needs to be able to distribute this application in an install package to end users (paying customers) who may or may not have Access 2007 installed. I've been using the Package Solution Wizard and it suits my needs fine, except for one issue. We can't have the Access security alerts pop-up every time the user starts the application.
A signed certificate seemed the obvious solution; however, the ability to sign and distribute code in Access 2007 seems very limited (quite surprising to me). I tried the "Package and Sign", but that just seems to create signed self-extracting zip file, which is entirely insufficient for my needs, and even when I click "Always trust this publisher", I still get the security alerts when running the extracted database.
It seems that I probably have no choice but to ditch the Package Solution Wizard entirely and use a third-party installation wizard. I have limited experience with Inno Setup, but I've only done pretty plain-vanilla install scripts with it.
I need a packaging and distribution option that will allow the following:
Thanks.
A signed certificate seemed the obvious solution; however, the ability to sign and distribute code in Access 2007 seems very limited (quite surprising to me). I tried the "Package and Sign", but that just seems to create signed self-extracting zip file, which is entirely insufficient for my needs, and even when I click "Always trust this publisher", I still get the security alerts when running the extracted database.
It seems that I probably have no choice but to ditch the Package Solution Wizard entirely and use a third-party installation wizard. I have limited experience with Inno Setup, but I've only done pretty plain-vanilla install scripts with it.
I need a packaging and distribution option that will allow the following:
Sign the application files so that when a user clicks "always trust", they are never prompted again when they start the application.
Set a desktop icon and start menu short cut.
Distribute multiple files in the package.
Easy to use installation wizard.
Include a EULA that must be agreed to, to install the application.
Thanks.
Last Comment
I've been using the Package Solution Wizard and it suits my needs fine, except for one issue. We can't have the Access security alerts pop-up every time the user starts the application.
Sounds like you are not having the P&D wizard create the trusted locations registry keys.
With Access 2007/2010 you do not need to sign the code. The new security model is to create a trusted location.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Sounds like you are not having the P&D wizard create the trusted locations registry keys.
Can you tell me how to do this?
ASKER
I just downloaded the SageKey 14 day trial to test it out. I created an installer; however, when I try to run the installer it created on my Win7 VM, i get an error that it can't register a DLL.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks for the link. Is the registry modification considered a recommended practice? Having a program trust itself seems a little odd.
Glad the link was helpful.
If someone makes the choice to install a program are they not trusting it already?
Yes, the registry modification is considered a recommended practice. Did you happen to read Sagekey's page?
This is on Sagekey's Page: http://www.sagekey.com/installation_access.aspx
If someone makes the choice to install a program are they not trusting it already?
Yes, the registry modification is considered a recommended practice. Did you happen to read Sagekey's page?
This is on Sagekey's Page: http://www.sagekey.com/installation_access.aspx
No digital signature
No macro security warnings and no need for a digital certificate. Your application will always be trusted so no annoying pop-ups.
ASKER
I was able to test his out last night. My app is installing to %localappdata%, so when I set the trusted locations via the registry key, I used that path variable; however, when it set the registry key, it actually set the location to "%localappdata" instead of resolving it. Is there a way to set an OS-independent path key via the installer or will I have to set the trusted location the first time it runs via VBA?
ASKER
Any thought on setting a relative path in the installer or whether it has to be done through VBA?
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
TheHiTechCoach:
Yes, I'm logged in as admin when installing. I didn't realize that %localappdata% was new to Vista, I will most likely switch to %appdata% in that case, but I don't think that was causing my problem.
I'm using the Access Package Solution Wizard (the limitations of this tool are quickly becoming quite apparent to me). I've been using very simple Inno Setup scripts for updates to the main application (they simply install a new front end) and I'm strongly considering switching to it for initial installation, as well, but that will take some time to create and test the script (I appreciate the link to your script and the Inno Setup GUI tool, I'm looking over those) and the client is extremely anxious to get a product out the door.
What I attempted that didn't work was setting the path via the "Additional Registry Keys" section in Package Solution Wizard. Here are the values I was using and the result I got:
Root: Current user
Key: Software\Microsoft\Office\
Name: path
Value: %localappdata%\[App Name]\
What I got was a trusted location of "%localappdata%\[App Name]\" instead of the expanded version of %localappdata%. This is on a Win7 machine. What I'm trying as an intermediate solution is using WshShell to test the value of the key path and if it doesn't match the application path, I change it. This is clearly a sub-optimal solution for many reasons (not least of which is it creates an additional reference), but if I can't get another solution that I can setup and test today (tomorrow at the latest), this is my current "get it out the door" solution.
Yes, I'm logged in as admin when installing. I didn't realize that %localappdata% was new to Vista, I will most likely switch to %appdata% in that case, but I don't think that was causing my problem.
I'm using the Access Package Solution Wizard (the limitations of this tool are quickly becoming quite apparent to me). I've been using very simple Inno Setup scripts for updates to the main application (they simply install a new front end) and I'm strongly considering switching to it for initial installation, as well, but that will take some time to create and test the script (I appreciate the link to your script and the Inno Setup GUI tool, I'm looking over those) and the client is extremely anxious to get a product out the door.
What I attempted that didn't work was setting the path via the "Additional Registry Keys" section in Package Solution Wizard. Here are the values I was using and the result I got:
Root: Current user
Key: Software\Microsoft\Office\
Name: path
Value: %localappdata%\[App Name]\
What I got was a trusted location of "%localappdata%\[App Name]\" instead of the expanded version of %localappdata%. This is on a Win7 machine. What I'm trying as an intermediate solution is using WshShell to test the value of the key path and if it doesn't match the application path, I change it. This is clearly a sub-optimal solution for many reasons (not least of which is it creates an additional reference), but if I can't get another solution that I can setup and test today (tomorrow at the latest), this is my current "get it out the door" solution.
ASKER
I finally confirmed that the VBA code I'm using is actually setting the correct trusted location. I would still like to be able to have the key correctly set during installation, but that looks like it's going to take Inno Setup or another installer and I'll ask another question if I need help with that.
Unfortunately, it seems that adding the correct Tl was not my only problem (client is still getting the Microsoft Access Security Notice saying it can't determine if the content is trustworthy, etc) so I asked a new question here: https://www.experts-exchange.com/questions/26834025/Microsoft-Access-Security-Notice.html
Unfortunately, it seems that adding the correct Tl was not my only problem (client is still getting the Microsoft Access Security Notice saying it can't determine if the content is trustworthy, etc) so I asked a new question here: https://www.experts-exchange.com/questions/26834025/Microsoft-Access-Security-Notice.html
Microsoft Access
Microsoft Access is a rapid application development (RAD) relational database tool. Access can be used for both desktop and web-based applications, and uses VBA (Visual Basic for Applications) as its coding language.
226K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Kelvin