?
Solved

Can 'trusted locations' be set via automation?

Posted on 2011-09-27
23
Medium Priority
?
590 Views
Last Modified: 2012-05-12
We will soon be using the Access2007 runtime to run database applications on Citrix.  

Each user will have a front end copy of each database on their 'M:\apps' folder.  The Access run time will be installed on the citrix server.

In testing this, I see of no ('easy') way of setting this as a trusted location, short of a registry hack that I have seen in other posts.

Is anyone using automation to set a trusted network location for access databases? If so, how please?

Can it be done with 'group policy' or via a login script? (other ideas I have read, but don't fully understand.)

Lastly:  The citrix server is currently running a full version of Office 2000, including Access 2000.  It will soon be updated to Microsoft Office 2010 Standard.  Until then Access 2000 will be on there, but  is it ok to install the Access2007 runtime and have it co-habitate with Access 2000 so I can really test using the run time?  Or will that cause conflicts, (having both...) etc...


Thanks
0
Comment
Question by:snyperj
  • 8
  • 7
  • 4
  • +2
23 Comments
 
LVL 85
ID: 36710013
There is no UI convention in the Runtime to set Trusted Locations. You'd have to do so via code (i.e. your registry hack).

< is it ok to install the Access2007 runtime and have it co-habitate with Access 2000 so I can really test using the run time?  Or will that cause conflicts, (having both...) etc...>

2007/2010 do NOT play well with earlier versions, and that includes the Runtime versions. Unless those running Access 2000 need design-time functionality, then remove Access 2000 from those machines, or at the very least make it difficult for the users to get there (i.e. remove shortcuts, etc etc, rename the msaccess.exe executable for the 2000 version, etc). Then install the 2007 Runtime and associate it with all known Access extensions (this should be done automatically during install).

0
 
LVL 75
ID: 36710724
snyperj:
Did you see the posts I made and the answer Nick came up with in your Q from yesterday - at the bottom ?

http://www.experts-exchange.com/Microsoft/Development/MS_Access/Q_27326491.html?cid=1135#a36600039

mx
0
 
LVL 26

Expert Comment

by:Nick67
ID: 36711103
You have an IT department.
One way to get apps to run without hassle is reghacking the Trust Center.
Another is to have the app digitally signed.
There is Group Policy, which can push out settings, too.
http://technet.microsoft.com/en-us/library/cc179039.aspx

You cannot use VBA to push the Trust Center locations because what use would the trust center be against viruses then?
It should be possible to create a .reg file that will get merged to the registry of the RDP box when the user logs on as part of a login script.
There are lots of options.
None of them are dead simple.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 85
ID: 36711685
You can also just use the standard Registry API to do this:

http://support.microsoft.com/kb/145679

I've used code similar to this for quite some time to manipulate registry settings from within VB/VBA applications, and it works on every platform I've tested. Basically you just check for the existence of the reg keys when starting the app, and create them if they do not exist (probably be wise to inform the user that they'll have to restart their app in order for the reg modifications to work correctly).

And be very careful working with the registry. Slipups here can cause a lot of trouble, and even cause the machine to be non-bootable.

0
 

Author Comment

by:snyperj
ID: 36711733
"Did you see the posts I made and the answer Nick came up with in your Q from yesterday - at the bottom ?"

No, I manually check in on all of my posts because, despite several calls to our "IT Department",  ee generated emails do not clear our spam folder- so I never see them.  Once I get my answer and award the points I never check the post again... but I just read it now.  Thanks.

"You have an IT Department"
Yes, but they are not overly flexible and see Access db's as old technology in a web enabled world and don't want to even have conversations about them- much less research for solutions related to issues with them.

So I try to do all the research myself so that I can then go in and say, "this is all you have to do, blah, blah, blah... put this in everyones login script"  or  "put this in group policy", etc.  

Monumental waste of time for me (because I don't understand a lot of it)  but if I don't do it ...nothing will happen.

So I ask questions here, follow links, read, compile, try to learn. Then fake it the best I can.

and sometimes it works.



0
 
LVL 26

Expert Comment

by:Nick67
ID: 36711821
<ee generated emails do not clear our spam folder- so I never see them>
You can try replying to noreply@experts-exchange.com
Most spam software whitelists anything you send mail to.
<Once I get my answer and award the points I never check the post again>
LMAO
ROFL
(not at you)
You should go back and check you Avoiding Nulls question to see what became of it
<grin>
<wide grin at @mx>
0
 
LVL 75
ID: 36711827
IT .... yep ... I GET it :-)

mx
0
 

Author Comment

by:snyperj
ID: 36712005

"You should go back and check you Avoiding Nulls question to see what became of it"

wow. makes me feel sorry I even asked.

I did inquire as to what was behind the ' no nulls' directive.  Still no answer back- so probably nothing behind it.
0
 
LVL 26

Expert Comment

by:Nick67
ID: 36712033
<wow. makes me feel sorry I even asked.>
It was...diverting, even if it did get a little out of hand.
And it was a good discussion of null and normalizing with lots of good links to useful resources.

I think anybody else coming across it would find it...enlightening
<grin>
0
 
LVL 58
ID: 36716742
<<I think anybody else coming across it would find it...enlightening>>

 Well your on the record now; not sure if I tweeted it or posted it to Linked In or both, but I remember posting it somewhere.  Quite interesting.

Jim.
0
 
LVL 26

Expert Comment

by:Nick67
ID: 36717819
@JDettman
<Well your on the record now; not sure if I tweeted it or posted it to Linked In or both, but I remember posting it somewhere.  Quite interesting.>

?

Nick67
0
 
LVL 75
ID: 36717988
Guess we are all on record then!

mx
0
 
LVL 58
ID: 36718207
<<@JDettman
<Well your on the record now; not sure if I tweeted it or posted it to Linked In or both, but I remember posting it somewhere.  Quite interesting.>

?>>

  You may or may not have noticed it, but there is a new share bar at the bottom of each question:

 Screen shot 1
 There is also the abilty to share a single comment:

 screen shot 2

 These are then published on the social media sites you select with a logged in view so non EE members can see them.

  This is even more incentive to get an Expert Discussion going, but I think I have some even better ideas for that, which I'm developing.

Jim.
0
 
LVL 26

Expert Comment

by:Nick67
ID: 36718247
<Quite interesting.>
Hopefully that was a good thing.
0
 
LVL 26

Accepted Solution

by:
Nick67 earned 2000 total points
ID: 36897503
Looks like it is a simple as
regedit.exe /s trust.reg
being added to the login script, where trust.reg is the file attched, edited for your own requirements and placed in the netlogon share
http://support.microsoft.com/kb/310516
trust.reg
0
 
LVL 75
ID: 36897519
Sweet. Is that set to include Subfolders.  
Also need "Allow Trusted Locations on my Network" - for one of the two entries I have to make.

0
 
LVL 26

Expert Comment

by:Nick67
ID: 36897572
Set everything on a machine with the full install.  Do a find for the key noted in the file in the registry and then export the whole key.
0
 
LVL 75
ID: 36897590
Yeah ... I just found the key on my A2010 system.  I see what's happening now.

I'm gonna create a small Access mdb with just the code that will auto run the script when it loads, then close (with appropriate error trapping of course).  I will then add to my Database Loader - and each user can run it one time - prior to me finally 'activating' A2010 on each users system. All users now have O2010 and Access is there, just not set to 'Run From Computer'. So, I just need to go to Add/Remove programs >>O2010>> and change that setting, and A2010 will replace A2003.  IT did a GREAT job setting this all up a while back earlier this year.

I owe you :-)

thx.mx
0
 
LVL 75
ID: 36897596
0
 

Author Comment

by:snyperj
ID: 36912843
This looks great, but I am a little confused on the screen shots.  

Is it showing three subfolder locations (Location0,Location1,Location2) because you have three different folders to trust?  

In my case, I need it to trust the users network folder which is going to be M:\Apps and then all subfolders off of that.

The actual share would be:

\\SERVER1\USERNAME$\Apps

but it maps to M:\Apps
0
 
LVL 75
ID: 36912931
"Is it showing three subfolder locations (Location0,Location1,Location2) because you have three different folders to trust?   "

Yes. Exactly.

"Is it showing three subfolder locations (Location0,Location1,Location2) because you have three different folders to trust?   "
The first screenshot shows that fact that the "Allow Trusted Locations on my network .." setting is True.

mx
0
 

Author Closing Comment

by:snyperj
ID: 36913281
Thank you for this Nick and particularly like the KB link.  Very helpful.   Thanks MX for your contribution to this discussion. As always, very helpful.
0
 
LVL 26

Expert Comment

by:Nick67
ID: 36913864
@snyperj
Did you get your anti-spam issue sorted out so you get notifications through?
ANother way around that would be to create a hotmail account just for EE and have it forward everything to work email.

Nick67
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need a simple but flexible process for maintaining an audit trail of who created, edited, or deleted data from a table, or multiple tables, and you can do all of your work from within a form, this simple Audit Log will work for you.
Microsoft Access has a limit of 255 columns in a single table; SQL Server allows tables with over 255 columns, but reading that data is not necessarily simple.  The final solution for this task involved creating a custom text parser and then reading…
In Microsoft Access, learn how to “cascade” or have the displayed data of one combo control depend upon what’s entered in another. Base the dependent combo on a query for its row source: Add a reference to the first combo on the form as criteria i…
In Microsoft Access, when working with VBA, learn some techniques for writing readable and easily maintained code.
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question