[THIN] Re: Excel 2007 file Encryption with Mandatory Profiles

• From: "Rick Mack" <ulrich.mack@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Thu, 17 Apr 2008 20:44:48 +1000

Hi Andy,

Excel "ought" to be trying to save the private key certificate under
%appdata%\microsoft\crypto\%usersid%.

But in the normal course of events, encryption shouldn't be working at all
because if the o.s. detects that you've got a mandatory profile, you're
stuck. Check out http://support.microsoft.com/kb/940790 if you're
interested.

The fact that you've got it working for other office apps makes me suspect
that you're either using Flex profiles with the value ENABLE_CERTIFICATES=1
set and permissions to "HKLM\Software\Microsoft\Windows
NT\Currentversion\Profilelist" set to the special permission "set value" for
"Authenticated Users" on this key or you're using a third party profile
management product that is certificate aware.

All the office apps use the same encryption/certificate mechanism and the
error you're seeing is almost always due to a certificate save problem or
permissions on the profilelist key.

Are you positive that ecryption only fails for excel and that all other
office apps support encryption properly on the same server?

regards,

Rick

Ulrich Mack
Quest Software
Provison Networks Division

On Wed, Apr 16, 2008 at 9:32 PM, Andy Friar <Andy.Friar@xxxxxxxxxxx> wrote:

>  Wondering if anyone's come across this before?
>
>
>
> I have a user that's running mandatory profiles and group policies to
> redirect My Documents to fileserver.
>
> From within Excel 2007 they would create a document, then prepare ->
> encrypt and then save or save as the document.
>
> As soon as they clicked on save it would try to save to the local
> Temporary Internet Files\Content.MSO\*** location and fail.
>
> Doing the exact same in any other office application saves to the correct
> location without error.
>
> Latest office hotfixes do not resolve the issue.
>
>
>
> Switching the user back to a local or roaming profile fixes the issue, so
> it's only down to excel within a mandatory / hybrid.
>
>
>
> Anyone able to replicate?
>
>
>
> Thanks
>
>
>
> Andy
>
>
>
>
>
>
>

• Follow-Ups:
  • [THIN] Re: Excel 2007 file Encryption with Mandatory Profiles
    • From: Andy Friar

• References:
  • [THIN] Excel 2007 file Encryption with Mandatory Profiles
    • From: Andy Friar

Other related posts:

• » [THIN] Excel 2007 file Encryption with Mandatory Profiles
• » [THIN] Re: Excel 2007 file Encryption with Mandatory Profiles
• » [THIN] Re: Excel 2007 file Encryption with Mandatory Profiles

1. Home
2. thin
3. Archive
4. 04-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---