Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
DiscussionsAccessExcelInfoPathOutlookPowerPointPublisherWord
DirectoryUser Groups
Related Topics
Outlook ExpressInternet ExplorerWindowsMS Server ProductsMore Topics ...
MS Office Forum / Excel / Setup / August 2007

Tip: Looking for answers? Try searching our database.

Data Connection Security in Excel 2007

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Jason - 24 Aug 2007 20:07 GMT
I'm having an issue with a spreadsheet we've created in Excel 2007.  The
spreadsheet is configured to grab some data from a SQL server on our
LAN.  The problem is, you're hit with a security dialog that states
"Security Warning:  Data Connections have been disabled."  When I add
the location of the file to my Trusted Locations, the dialog goes away.

Here's what we would like to do.  We'd like to be able to sign the
document with a certificate and set all of our client PCs to trust this
certificate via GPO.  The idea here is that any user can open a signed
document from anywhere, whether it be off Sharepoint, a network share, a
local copy, or whatever, and have the document automagically work
without having to answer any dialog prompts.  Idiot-proof active
content, in other words.  =)

I've tried signing a test spreadsheet with a certificate and adding the
same certificate to my Trusted Publishers container, but I'm still hit
with a security warning when opening the file.  Does anyone know of a
way to take care of this?

On a side note, I know you can resolve this by setting up Excel
Services, but we don't want to have to worry about where our users are
opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message
Emily Lin [MSFT] - 27 Aug 2007 02:42 GMT
Hi Jason,

I notice that you have posted the same question in this Excel Setup
newsgroup, which I have already responded. So please check my answer there
and if you need any further assistance on this particular issue, please
reply to me in that thread so I can follow up with you in time. Also,
please don't cross-post the same question so that our engineers can work on
your question efficiently. Your understanding and cooperation is
appreciated.

For your convenience, I have included my reply as follows:
************************
The files signed by trusted publishers will be trusted. It is same as that
the files are in the trusted location. Check if the certification is set
properly.
======================
1.     Click Start, click Run, type certmgr.msc , and then click OK.
2.     Expand Trusted Publishers, and then click Certificates.
3.     Double-click a certificate, and then click the Certification Path tab.
Make sure that the information "This certificate is OK" is in the dialog
box.
4.     Repeat step 3 for each certificate in this container.

If the issue persists, check the option below to see if it works.
=================
1. In Excel 2007, click Office Button > Excel Options > Trust Center tab >
click on Trust Center Settings > External Content tab.
2. Choose "Enable automatic update for all Workbook Links (not
recommended)". Click OK, OK.

What is the result?
************************

If anything is unclear or if you have any other concerns, please don't
hesitate to contact me.

Regards,

Emily Lin

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Date: Fri, 24 Aug 2007 14:07:22 -0500
| From: Jason <jerdmann83@newsgroup.nospam>
[quoted text clipped - 34 lines]
| Services, but we don't want to have to worry about where our users are
| opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message
Jason - 27 Aug 2007 19:34 GMT
Thanks for the reply.

I have verified that the document is signed by a trusted publisher, the
certification path is correct, and that the publisher shows up in
"Trusted Publishers" in the Excel trust center.  When the spreadsheet is
opened, it STILL says "Data Connections have been disabled."

When I choose "Enable automatic update...", the data connection works
fine.  However, remember that our goal here is to create a "trusted"
spreadsheet that a user can open from anywhere and have it work
properly.  We do NOT want to designate a specific location for trusted
content.  We also want to keep Excel's default security options in place
for all other documents opened.

Any other ideas?  Thanks.

> Hi Jason,
>
[quoted text clipped - 83 lines]
> | Services, but we don't want to have to worry about where our users are
> | opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message
Emily Lin [MSFT] - 28 Aug 2007 10:55 GMT
Hi Jason,

Have you run 'certmgr.msc' to make sure that 'the certificate is OK'?

Sign the document with another certificate. Set to trust this certificate.
Try to open the document again. What is the result?

Would you please send the signed Excel file to me so that I can test the
issue? My email address is v-emilyl@microsoft.com.

If anything is unclear or if you have any other concerns, please don't
hesitate to contact me.

Regards,

Emily Lin

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Date: Mon, 27 Aug 2007 13:34:53 -0500
| From: Jason <jerdmann83@newsgroup.nospam>
[quoted text clipped - 3 lines]
| Subject: Re: Data Connection Security in Excel 2007
| References: <#9MKBIo5HHA.5268@TK2MSFTNGP02.phx.gbl>
<KBM48tE6HHA.4200@TK2MSFTNGHUB02.phx.gbl>
| In-Reply-To: <KBM48tE6HHA.4200@TK2MSFTNGHUB02.phx.gbl>
| Content-Type: text/plain; charset=ISO-8859-1; format=flowed
[quoted text clipped - 110 lines]
| > | Services, but we don't want to have to worry about where our users are
| > | opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message
Jason - 28 Aug 2007 15:42 GMT
Yes, I've run certmgr.msc and verified that both the cert and the cert
authority are OK.  I've also tried using another cert, trusting it, and
re-opening the document, but the same thing occurs.

I've used this same cert to sign a macro, and when I re-open the
document, the macro automatically runs without prompting, so I know that
the cert is working and the trust is set up properly.

As far as I can tell, the only way Excel will automatically make an
external data connection is if the document is opened from a trusted
location.  At this point, we're just going to configure a share on our
network for "trusted" content and group policy our users to trust this
location.  Once we upgrade to SharePoint 2007, we'll have a better
solution in place.

Thanks for your help!

> Hi Jason,
>
[quoted text clipped - 161 lines]
> are
> | > | opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message
Emily Lin [MSFT] - 29 Aug 2007 04:04 GMT
Hi Jason,

I understand that you have signed the Excel file with the certificate
properly. However, Excel will make an external data connection only if the
document is opened from a trusted location instead of from a trusted
publisher.

You will put the Excel file to a network share and configure users to trust
this network share. Thus, all the users who can access the network share
can open the Excel file properly.

I feel sorry that I didn't provide any helpful information to fix such an
issue. Thanks for your sharing about your issue troubleshooting process and
the temp workaround.

Have a nice day!

Emily Lin,
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
======================================================

--------------------
| Date: Tue, 28 Aug 2007 09:42:57 -0500
| From: Jason <jerdmann83@newsgroup.nospam>
[quoted text clipped - 3 lines]
| Subject: Re: Data Connection Security in Excel 2007
| References: <#9MKBIo5HHA.5268@TK2MSFTNGP02.phx.gbl>
<KBM48tE6HHA.4200@TK2MSFTNGHUB02.phx.gbl>
<uYbY2jN6HHA.5844@TK2MSFTNGP02.phx.gbl>
<c013KmV6HHA.5204@TK2MSFTNGHUB02.phx.gbl>
| In-Reply-To: <c013KmV6HHA.5204@TK2MSFTNGHUB02.phx.gbl>
| Content-Type: text/plain; charset=ISO-8859-1; format=flowed
[quoted text clipped - 189 lines]
| > are
| > | > | opening spreadsheets from.  Any insight is appreciated.  Thanks!
Reply to this Message

 Rate this thread:






 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.