[THIN] Re: Excel 2007 file Encryption with Mandatory Profiles
- From: "Andy Friar" <Andy.Friar@xxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Mon, 21 Apr 2008 11:26:27 +0100
Rick,
Interesting article, which has highlighted that infact there are 2
errors here, first as you mentioned the encryption process is not
working as expected, and second was the original error with excel saving
to the incorrect location.
Although you are able to go through the process of encrypting the file,
if you close and reopen the same file within the same session is doesn't
prompt for the password.
They are currently running Appsense Environment Manager so i may have a
little dig into its option to save certificates.
Thanks
Andy
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rick Mack
Sent: 17 April 2008 11:45
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Excel 2007 file Encryption with Mandatory Profiles
Hi Andy,
Excel "ought" to be trying to save the private key certificate under
%appdata%\microsoft\crypto\%usersid%.
But in the normal course of events, encryption shouldn't be working at
all because if the o.s. detects that you've got a mandatory profile,
you're stuck. Check out http://support.microsoft.com/kb/940790 if you're
interested.
The fact that you've got it working for other office apps makes me
suspect that you're either using Flex profiles with the value
ENABLE_CERTIFICATES=1 set and permissions to
"HKLM\Software\Microsoft\Windows NT\Currentversion\Profilelist" set to
the special permission "set value" for "Authenticated Users" on this key
or you're using a third party profile management product that is
certificate aware.
All the office apps use the same encryption/certificate mechanism and
the error you're seeing is almost always due to a certificate save
problem or permissions on the profilelist key.
Are you positive that ecryption only fails for excel and that all other
office apps support encryption properly on the same server?
regards,
Rick
Ulrich Mack
Quest Software
Provison Networks Division
On Wed, Apr 16, 2008 at 9:32 PM, Andy Friar <Andy.Friar@xxxxxxxxxxx>
wrote:
Wondering if anyone's come across this before?
I have a user that's running mandatory profiles and group policies to
redirect My Documents to fileserver.
From within Excel 2007 they would create a document, then prepare ->
encrypt and then save or save as the document.
As soon as they clicked on save it would try to save to the local
Temporary Internet Files\Content.MSO\*** location and fail.
Doing the exact same in any other office application saves to the
correct location without error.
Latest office hotfixes do not resolve the issue.
Switching the user back to a local or roaming profile fixes the issue,
so it's only down to excel within a mandatory / hybrid.
Anyone able to replicate?
Thanks
Andy
Novus Group
The Old Corn Mill
Congleton Road
Siddington
Macclesfield
Cheshire
SK11 9JR
01260 292 500
http://www.novus.co.uk
The information in this E-Mail is intended for the named recipients only. It
may contain privileged and confidential information.
If you are not the intended recipient you must not copy, distribute or take any
action or place reliance on it.
If you have received this E-Mail in error, please notify the sender immediately
by using the E-Mail address and then delete the message.
The views expressed in this message are personal and not necessarily those of
Novus Networks Ltd. Novus Networks Ltd, Company Registration: GB 3858005.
Other related posts:
