Home |
Search |
Today's Posts |
#1
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to distribute macro signature certificates in a domain?
I sign macros in my office documents and I have my macro security set to high.
How do I roll out the certificate for macro signature verification to all hosts in an AD domain in an automated way so that these signed macros (but only these!) are executed under a "high" security setting without the user having to answer to any dialog box ("Do you trust this signer?")? Thanks, Martin |
#2
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to distribute macro signature certificates in a domain?
Martin,
I would hope that is not possible. But the user would only have to accept your cert once. NickHK "Martin" wrote in message ... I sign macros in my office documents and I have my macro security set to high. How do I roll out the certificate for macro signature verification to all hosts in an AD domain in an automated way so that these signed macros (but only these!) are executed under a "high" security setting without the user having to answer to any dialog box ("Do you trust this signer?")? Thanks, Martin |
#3
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to distribute macro signature certificates in a domain?
Nick,
Thanks for the fast reply. I would hope that is not possible. I don't understand this statement. My situation is the following: I will, as admin, install a software solution on all my users' hosts. This solution contains macros. I want to preapprove macros signed by me, so that the users don't have to make that decision, and, in particular, never get the idea to ever accept macros sgned by anybody else. I can not rely on my users to make the correct decision if they get the "trust" pop-up, thus I want to be able to instruct to always press "no" if they get a "trust" question, not sometimes "yes" and sometimes "no". The installation for the whole solution including macros and certs has to be fully automatic (no human interaction). Any ideas? Thanks, Martin "NickHK" wrote: Martin, I would hope that is not possible. But the user would only have to accept your cert once. NickHK "Martin" wrote in message ... I sign macros in my office documents and I have my macro security set to high. How do I roll out the certificate for macro signature verification to all hosts in an AD domain in an automated way so that these signed macros (but only these!) are executed under a "high" security setting without the user having to answer to any dialog box ("Do you trust this signer?")? Thanks, Martin |
#4
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to distribute macro signature certificates in a domain?
Hi Martin,
In addition to the common deployment, we also need to deploy the trusted publisher registry setting from a machine who already accepted it. Office 2003 HKEY_CURRENT_USER\Software\Microsoft\SystemCertifi cates\TrustedPublisher\Cer tificates You will have to look at the binary blob for clues to pick the right cert if there are more than one registered. NOTE: this is an documented behavior. Best regards, Peter Huang Microsoft Online Partner Support Get Secure! - www.microsoft.com/security This posting is provided "AS IS" with no warranties, and confers no rights. |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Distribute Excel Macro | Excel Programming | |||
Signature Macro | Excel Programming | |||
How to retrieve domain user name in macro | Excel Programming |