How do you stop this window popping up for tables being imported via DoCmd.TransferSpreadsheet?
I'm importing quite a few tables, so having to click "open" on this pop-up for each one is annoying.
I've tried DoCmd.SetWarnings False but that doesn't seem to work.
I know that it may also be possible to set the folders that contain the files being imported to trusted locations, but unfortunately I don't have permissions on our network to do that at the moment (I also think that would only affect the settings of my version of Access rather than the Access file I'm creating and distributing).
The issue I was having was due to our network security policy. Our IT tech has amended the policy so that I don't get these pop-ups from files I try to import in to Access from a particular folder.
He has given the following instructions should anyone else have the same issue in Access on a network, though I suspect this could be done from other Office programs too:
For a Microsoft Active Directory domain network, add trusted locations
using Group Policy. Creating, linking and security filtering for group
policy objects should be familiar before continuing, also the admx
files for the version of MS Office in use should be loaded in the
central store.
Settings are under:
User configuration/Policies/Administrative
Templates/Microsoft Access /Application
Settings/Security/Trust Center/Trusted Locations
Policy: Allow trusted locations on the network – set to enabled (must
be enabled otherwise any trusted locations on a network share
specified below will be ignored)
Trusted location #1
Set to enabled
Path - can be network path (e.g. \\), if using
mapped drive letter the policy is applied using the network path
anyway, quotes around the path should not be used even with spaces
in the path name
Date - enter a date from which the location should be trusted (e.g.
todays date)
Description - optional – this will show up in Access trust centre
locations list Allow subfolders – tick to include any subfolders
under the above path if needed
Add other locations using Trusted Location #2, #3 etc.
For standalone Access, add the locations directly into Trust Centre
locations dialogue using the Add New Location button. If the locations
are in a shared folder on the network, make sure the box: Allow
trusted locations on my network (not recommended) is ticked otherwise
any network locations will be ignored.
You need to create a Digital Certificate that determines that the source is trusted. I wrote a doc for my company, I'll copy/paste it here but it's going to lose the screenshots I provided.
In order to get around this issue, you will need to create a Digital Certificate. Digital
Certificates are good only on the computer they are created on, so if this database will be used
on multiple computers then each one will have to create a Digital Certificate.
To do this, you will need to perform the following tasks:
1) Click on Start -> All Programs -> Microsoft Office -> Microsoft Office Tools ->
Digital Certificate For VBA Projects (If you don’t have this, you will need to contact the CSC)
2) Enter a Certificate Name. Make it generic like “MyCertName” and Click OK
3) Open your Access database that you want to bypass the security warning
4) Go into the Design View of any Module
5) Click on Tools -> Digital Signature
6) Choose your Digital Certificate you created in Step 2
7) Save and close the database
8) Re-Open the database. You will now be prompted with a different Security Warning:
9) Check off the “Always trust files from this publisher…” box and click the Open button
10) All subsequent times you enter this database, you will not be prompted with a security warning.
The CSC, in Step 1, is our internal help desk. In our case, it requires specific priviledges that they need to assign in order to be able to do this.
The open file security warming has NOTHING to do with Access.
The open file security warning has NOTHING to do with trusted locations.
The open file security warning has NOTHING to do with you having some security certificate.
When you download a file (or perhaps copy from a USB drive), then windows 7 will toss up a security prompt. This occurs for ANY type of file from Word to PDF to whatever.
If you just have one file, then the common solution is to right click on the file and then properties.
You then choose UNBLOCK.
The dialog looks like this:
So you can open up that folder, and select all (ctrl-A) and then again choose the un-block.
You can also consider a registry edit, but then again that likely not a good security setting.
Related
I am looking for a way to upload files to One Drive using SSIS. I've researched and there are some third party tools like CozyRoc, KingswaySoft which provide one drive connection manager. Anyone out there who already have experience doing this? If so please share!
I found a much easier way to do this without the need of any third party software. Download one drive to your local machine and then login.
You can upload, download, delete files.To map the One Drive for Business cloud drive on Windows follow the below steps
Map network location in File Explorer (My Computer)
a. Open File Explorer (or My Computer in older Windows) and select This PC on the left side tree.
b. Click on Add Network Location button in the ribbon (or right click on empty space in File Explorer and select Add Network Location).
Map network location in File Explorer here
c. Click Next on Add Network Wizard window
d. Click to select Choose custom network location and click Next
e. Copy the URL from the address box and add Documents in the end like below example
https://<your Office365 tenant name>-my.sharepoint.com/personal/<yourrname>_company_com/Documents
Add Network Wizard window
f. Enter a name for your network location and click Next and Finish to complete the wizard.
network location name
g. You will find the mapped network location in My PC section.
Mapped Network location
Use File System Task to upload, create, delete etc.. And you're done.
Our SSIS Productivity Pack offers OneDrive Destination component which supports Create/Update/Delete data from your OneDrive. You can download the toolkit and give it a try, if you run into any problems, please feel free to let us know. We are more than happy to help!
We have an SSRS 2012 report we have used URL access in order to automatically save to CSV upon running. This works fine, However, now I am told they want to force the report to save to a specific folder location for security reasons (they don't want it being saved to desktop) instead of allowing the user to save wherever. Is there a way to at the very least force a default location using URL access? Assuming this cannot be accomplished purely through the URL any suggestions for an alternative method?
You can find all of the applicable URL parameter commands here in the MS documentation.
That being said, there is no reference to the save location for the export render command that you are using to generate the CSV files. This makes sense because when a website serves a file to download to a browser, the location that the file is saved is actually a browser setting (IE instructions to change location)
I see two possible options:
Utilize a GPO to target the specific users and modify their registries to set the default download location (note that this affects everything they download). An example of this tutorial can be found here.
Use a Windows File Share subscription. If you view the report properties and click 'Subscribe', you can setup a file share delivery on a scheduled interval and export as a csv. Note that this is a schedule delivery though and obviously won't work if you users need to ad-hoc run the report on their timing.
Issue:
A Dashboard (created in SAP Dashboards) has URL Buttons set up with OpenDocument URLs as links.
When this ‘landing page dashboard’ is opened from the BI Launchpad (whether it’s saved as your default/home page or accessed directly from the platform file structure)… it requires additional authentication to follow an OpenDocument URL. Regardless of file type, Webi documents, or other dashboard files.
Not all users experience this issue, but at least ½ do. Need to understand the difference in behavior and the root cause of it to advise fix.
Referencing OpenDocument user session documentation, there are workarounds with tokens and serialized sessions, but what other settings come into play to explain that only half of the users are impacted and prompted when using native functionality from launchpad?
One possible reason for this behavior is that the domain of the BO server as displayed in the address bar of the browser is different from the domain in the openDocument link.
For example, after logging in to BI launch pad, the browser displays the following in the address bar:
http://bi4server.company.com/BOE/BI
but the openDocument link is:
http://bi4server/BOE/OpenDocument/opendoc.....
In this case, the domain is different so the original session isn't recognized. If this is the case, the easiest solution is to remove the protocol and domain values from the URL, so that it begins with:
/BOE/OpenDocument/opendoc.....
Is there a way to get sandboxed, user-selected directory access on any major file service without first getting read level access to their entire filesystem?
There's a lot of talk about "unhosted" static webapps that allow users to access their data from a 3rd party file service (Google Drive, Dropbox, their own server, etc.). The most notable effort I've found so far is remoteStorage.io, but there doesn't seem to be a way with any major provider to let the user select a directory and then use that as a sandbox without breaking their trust (i.e. getting read access to all their files first).
From the user's perspective, the webapp shouldn't have access to anything else on the remote file storage except the one folder the user grants it access to (for example, I might grant a text editor access to my FunnyJokes folder).
The current work around seems to be having the webapp force a specific folder name ahead of time ("this app wants access to /appname_notes"), but that rules out letting the user point it to where they may already have their notes.
Does anyone know of a nice way to do this with Google Drive, Dropbox, or the like?
The user experience that makes the most sense to me is something like...
User opens an unhosted webapp (for example, a basic text editor TextyApp). They click a button to connect with their data.
3rd party auth page appears (for example, Google Drive) and it says "The app TextyApp has requested read/write access to your files. Please select a directory to use."
Confirmation screen: "Grant read/write access to folder FunnyJokes for TextyApp?"
The page redirects back to the webapp with sandboxed accessed to the user-specified folder and the files within it.
This seems like how remote file storage should work, but I haven't found a way to do it yet. Any thoughts/suggestions would be great!
Cheers,
Adam
Edit: To clarify, I'm not talking about storing hidden "application data", but instead letting the user specify a particular directory to sandbox for use with a webapp that they may not want to give broader access to.
The Dropbox Apps API provides the ability to restrict any app using your API key to a single directory of your Dropbox account. So users could create an API key with access to a specific directory and then plug that into your app. However, that's not a user-friendly workflow.
I think the Dropbox Drop-Ins Chooser/Saver API might be close to what you want. The user is presented with a Dropbox file selection popup, and your app only gets access to the specific file(s) that the user selects.
With remoteStorage, sandboxed directory access is currently the default way for apps to request (and users to grant) access to the storage. However, users cannot manually select or enter custom directories during the connect phase.
I have already researched the following existing SO questions and the links that they reference:
User '' does not have required permissions, SSRS 2008 on Windows 8
Reporting Services permissions on SQL Server R2 SSRS
SQL Server Reporting Service - Service Manager Error - User Does not have required permission
I've taken the steps already outlined by these suggested solutions, but even after all that and also logging out and back in, nothing has changed. In fact my user name was already listed as a System Administrator before I started any of this.
One of the solutions (http://thecodeattic.wordpress.com/category/ssrs/) also mentions a "Folder Settings" area where you can specify roles for a user - "Content Manager," "Publisher," "Browser," "Report Builder," and "My Reports" - but I don't see a way to navigate to this section anywhere.
Any ideas? Thanks!
SSRS has 2 security/role sections available in the web GUI: Folder Settings and Site Settings. The navigation path to get to each is kind of weird.
For Folder Settings, login to the report server (/Reports by default). In SSRS 2012, there's a button in the top toolbar called 'Folder Settings'. I believe the link is the same in 2008, but it's been a while since we migrated.
Adding user permissions here allows the named users to run reports. Here you should add your own user account, plus the account used to run reports. In my case (web app), this is my IIS Application Pool identity (IIS AppPool\DefaultAppPool).
Site Settings controls who can login to the Report server and access more report metadata. You'll see the 2 roles are System Administrator and System User, so these are all really trusted users. Beyond giving yourself admin, you'll only need to grant permissions to user accounts that do "adminy things", like deploying reports. In my case I've got a local user account that my web application impersonates in order to deploy or delete reports. Users (ReportViewer) don't need this access.
I suspect all you're missing is the Folder Settings (e.g. "permission to run reports") settings, which are accessible from the first page when you login to the report server.
If you don't see that link, try the direct URL:
http://MYREPORTSERVER.COM/Reports/Pages/Folder.aspx?ItemPath=%2f&SelectedTabId=PropertiesTab
(Tested on 2012 only)
It is important to run your browser (IE) "As Administrator".
Another important bit is to go to http://localhost/reports, not http://SERVERNAME/reports !
Than click that "Folder Settings" link. Than follow instructions in that postings above.
I ran into the same pickle myself with the SSRS 2014 user access settings.
In my situation I have a folder for each of the company's departments - which are a lot!!
After some digging (well, digging and actually giving/revoking myself the user rights) I realised that:
1) I have to add each user in the root HOME Folder Settings (just with "browser" role)
2) Doing this will grant that user access to every report in every folder!! What the hell's with that, MicroSoft?!?
3) I have to edit each of the folders for which that user SHOULDN'T have permissions and remove each of these users manually so that, that particular user(s) will eventually have rights just for the one folder(aka dept) they belong to.
Has someone found a better/faster way of achieving this w/o all the extra, huge, painfull, frustrating manual work of removing an user from all the other folders, except the only one that user should only have access in?
If I add an user just to that folder - w/o adding it in the the HOME folder security - then that user will get the same error message as in the OP's description.
And I think I remember, back in the days of SSRS 2005, a SSRS ReportManager admin user was able to edit/modify this so called profiles. I couldn't find that anywhere in SSRS 2014 Report Manager
One trick is to run internet explorer 11 in administrator mode.
Then you can add your windows user.
Also, accessing the URLs in an InPrivate IE tab will raise the permission error.
This worked for me to add my domain account to the local instance:
Create a local admin user within Computer Management
Download and Launch Edge-Chrome as an administrator (https://www.microsoftedgeinsider.com/en-us/)
Ensure you're browsing as a guest by clicking the profile pic to the right of the address bar
Launch the reports site e.g. http://yourpc/reports
Click on the cog in the top right of the web page, select "site settings"
Click "Security" on the left menu and add the user account to Administrator
Reboot for luck
This may work in another browser, but haven't tried it.
EDIT: You'll need to add the domain user to the default folders too.