Link to home
Create AccountLog in
Avatar of mytfein
mytfein

asked on

Access 2003: macro security

Hi EE,

I used to work with Access 2000.
With Access 2003, when i install an mdb for the first time, a macro security msg would appear.

My way around the error, was to open a blank mdb, go to tools/macro/low and save it to
db1.mdb.

Then, i would open my mdb, and the error msg would not display.

I'm attempting to execute the mdb on a colleague's desk:

She is getting:
     a) the macro warning msg
     b) then a new second msg, SAYING that macro properties cannot be modified bec.
         she is not an administrator

Have you bumped into this, i know that my colleagues are not administrators, yet i was able
to set macro to low on their machine

what should i tell the help desk, should they sign in as an administrator and do the test mdb
exercise that i described above?

pls advise, tx, sandra
Avatar of DatabaseMX (Joe Anderson - Former Microsoft Access MVP)
DatabaseMX (Joe Anderson - Former Microsoft Access MVP)
Flag of United States of America image

Maybe it does require Admin ... in general it's:

Open Access >> Tools>>Macro>>Security >> Set to Low.

mx
Capture1.gif
Personally I think you should live with the security message..
I don't agree with setting the security level to low as this potentially allows harmful files to affect the user's machine.

There is a formal solution for A2003 which is for you to buy a digital certificate and sign your app with that; your user can then approve the certificate and that will be then end of the security messages for this database.
Avatar of mytfein
mytfein

ASKER

Hi Gentlemen,

i have to run to a meeting... tx for writing...

Peter, can you offer any weblinks...

tx, s
"I don't agree with setting the security level to low as this potentially allows harmful files to affect the user's machine."
I think it really depends on the environment you are operating in.  In my case, across 150+ peeps ... there is no reason not to set it to Low.  Digital certs would be out of the question.

mx
Avatar of mytfein

ASKER

Hi guys,

whati is a digital cert, and why could it be out of the question?

tx, s
" Digital certs would be out of the question. ... For me (sorry)

Certs are discussed here:

http://office.microsoft.com/en-us/office-2003-resource-kit/macro-security-levels-in-office-2003-HA001140307.aspx

See "Digitally signing a macro"


mx
Avatar of mytfein

ASKER

tx mx!
Simply using a certificate won't get rid of the warning either. You must ensure that you have installed the correct version of Jet (SP level 8, in most cases) and that you have enabled "sandbox" mode, and that you've signed the vba with a commercial certificate.

I agree that setting the macro security to Low is not the best choice, but as mx said, if you have a very tightly controlled environment you could consider it.
Avatar of mytfein

ASKER

Hi LSM,

tx for writing,

    i have gaps in my knowledge.

           a) I generally understood Jet as the tool the Access uses internally
to retrieve data from tables. Is that correct

           b) is Jet installed when Microsoft Office is installed
           c) how can you check the version of Jet
           d) what is sandbox mode

           e) In general, your users are used to seeing the macro security msg and pressing ok
               to get past it

Hi Mx:
          a) so far, have about 15 users. It's a lightly used system. Meaning there are many features
              that are not used on a daily simultaneous basis.

              I know that the standard is to code everything in one mdb.
 
              My brain just handles "bite size"  pieces, so i have about 15 mdbs that are
              executed via a vba shell command off an Access form that serves as a menu.

              I know that if i upgrade to another version of Access, will be more work as to
              having one mdb, however for now, this works for me.

              I put the mdbs on the server and the users execute off of the server.
              That might be unorthodox, too. I used to save the mdbs on the c drive.
              But if someone else signed on, they would get a read-only  msg, i guess bec. windows
              remembers the signon of the person who saved the file to the c drive.

              What i am getting at is, to avoid the issues above, while i do not have an OOP background
              perhaps my learning web based pgming like vb.net would avoid issues described above.

              It's just that Access is quicker to develop apps bec. it's one stop shopping.
              If learn vb.net, then need to learn something like Crystal Reports, both learning curves.

              Anyway, tx for reading , s
>>bite size"  pieces"
er .. byte size :-)

Well, again ... if you 'trust' these users in the sense that they will not be loading on a bunch of 'unknown' dbs (that would never happen here), the I would go with the Low setting.  The only dbs in use by our group are the ones I provide.

However, now that we have/are moving to the O2010, and Win 7 soon, I will be using the Trusted Location paradigm.

mx
   
Avatar of mytfein

ASKER

Hi Mx,

i guess what i'm also asking... and this is going to put you (and me) on the spot

    is if you've got 150 users, wouldnt that indicate that a web based app is the way to go

    how do you install your apps on 150 desktops, or do they execute 1 version off the server

    i do some nice work in Access, yet there are many "layers" that i do not know for ex:

           - certificates
           - what's a dbs (i use mdb's)
              how do you provide it
           - what's a trusted location paradigm
           -  do you have all your work in 1 mdb
                 if not, how are you going to convert/upgrade to O2010
           - why are your users upgrading OS and OFFICE

if you need new posts on the above, pls advise, tx, s
ASKER CERTIFIED SOLUTION
Avatar of DatabaseMX (Joe Anderson - Former Microsoft Access MVP)
DatabaseMX (Joe Anderson - Former Microsoft Access MVP)
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of mytfein

ASKER

tx so much mx!

s
cool.  Could you Accept an answer then and close the question :-)

mx
Avatar of mytfein

ASKER


tx for reminding me :)

tx again for your help, s