"elmurado" <elmur***@discussions.microsoft.com> wrote in message
news:75B83F94-E642-4B8C-8BEB-E1C4C06E0238@microsoft.com...
> Hi, we just rolled out Office 2003 across domain using GPO and using CIW
> to
> make a transform that changed reg keys for unsafe expressions so that our
> existing database would work.
>
> However, I have one user whose upgrade went fine-however, he is having
> problems accessing certain parts of the database-specifically certain
> queries
> and reports.
> Funny thing is, if I login as domain admin on his machine it works fine
> but
> when I login as him it doesn't work.
> Now I thought that the two reg keys for the JET 4.0\engine SandBoxMode and
> the MSACCESS security level applied to everyone on the machine.
>
> However, when I compare his HKCU\Software\microsoft\ to mine(which works)
> I
> see that he has a Jet4.0 subkey whereas I don't. Is that right? Even if I
> change this to most permissive however, it still doesn't work. Could it be
> a
> registry setting that is causing this?
>
> Thanks

"Graham Mandeno" wrote:

> The HKCU registry hive *is* user specific (the "CU" stands for
> "CurrentUser").  It's HKLM ("LocalMachine") that is common to all users.
>
> Now, the macro security level is the one that is usually in HKCU and is
> therefore user-specific.  SandBoxMode is usually in the HKLM hive.
>
> You say he has a key: HKCU\Software\Microsoft\Jet\4.0\Engines?  This is
> unusual, but there may be some user settings there for some reason.  Does it
> have a SandBoxMode value at that key?  If so, I suggest you delete it.
>
> Then, open Access and go to Tools>Macro>Security and set the security level
> to medium, save it, then set it back to low and say you do not want to block
> unsafe expressions.
> --
> Good Luck!
>
> Graham Mandeno [Access MVP]
> Auckland, New Zealand
>
> "elmurado" <elmur***@discussions.microsoft.com> wrote in message
> news:75B83F94-E642-4B8C-8BEB-E1C4C06E0238@microsoft.com...
> > Hi, we just rolled out Office 2003 across domain using GPO and using CIW
> > to
> > make a transform that changed reg keys for unsafe expressions so that our
> > existing database would work.
> >
> > However, I have one user whose upgrade went fine-however, he is having
> > problems accessing certain parts of the database-specifically certain
> > queries
> > and reports.
> > Funny thing is, if I login as domain admin on his machine it works fine
> > but
> > when I login as him it doesn't work.
> > Now I thought that the two reg keys for the JET 4.0\engine SandBoxMode and
> > the MSACCESS security level applied to everyone on the machine.
> >
> > However, when I compare his HKCU\Software\microsoft\ to mine(which works)
> > I
> > see that he has a Jet4.0 subkey whereas I don't. Is that right? Even if I
> > change this to most permissive however, it still doesn't work. Could it be
> > a
> > registry setting that is causing this?
> >
> > Thanks
>
>
>

"elmurado" wrote:

> Thanks Graham, i've tried the deleting of the SandBoxMode key in
> HKCU\Software\MS\Jet\engines and then tried opening the dbase again.
> Now what happens is that  there are no prompts or warnings but the
> particular queries in question will not run. So that made me think that
> something else is causing the problem. If i elevate him to admin level they
> still don't run. That's what's got me stumped and made me wonder if there is
> another deeper setting...or is something else broken?
> I know that HKCU applies to the user and HKLM is right across the board-but
> does one override the other?
>
> "Graham Mandeno" wrote:
>
> > The HKCU registry hive *is* user specific (the "CU" stands for
> > "CurrentUser").  It's HKLM ("LocalMachine") that is common to all users.
> >
> > Now, the macro security level is the one that is usually in HKCU and is
> > therefore user-specific.  SandBoxMode is usually in the HKLM hive.
> >
> > You say he has a key: HKCU\Software\Microsoft\Jet\4.0\Engines?  This is
> > unusual, but there may be some user settings there for some reason.  Does it
> > have a SandBoxMode value at that key?  If so, I suggest you delete it.
> >
> > Then, open Access and go to Tools>Macro>Security and set the security level
> > to medium, save it, then set it back to low and say you do not want to block
> > unsafe expressions.
> > --
> > Good Luck!
> >
> > Graham Mandeno [Access MVP]
> > Auckland, New Zealand
> >
> > "elmurado" <elmur***@discussions.microsoft.com> wrote in message
> > news:75B83F94-E642-4B8C-8BEB-E1C4C06E0238@microsoft.com...
> > > Hi, we just rolled out Office 2003 across domain using GPO and using CIW
> > > to
> > > make a transform that changed reg keys for unsafe expressions so that our
> > > existing database would work.
> > >
> > > However, I have one user whose upgrade went fine-however, he is having
> > > problems accessing certain parts of the database-specifically certain
> > > queries
> > > and reports.
> > > Funny thing is, if I login as domain admin on his machine it works fine
> > > but
> > > when I login as him it doesn't work.
> > > Now I thought that the two reg keys for the JET 4.0\engine SandBoxMode and
> > > the MSACCESS security level applied to everyone on the machine.
> > >
> > > However, when I compare his HKCU\Software\microsoft\ to mine(which works)
> > > I
> > > see that he has a Jet4.0 subkey whereas I don't. Is that right? Even if I
> > > change this to most permissive however, it still doesn't work. Could it be
> > > a
> > > registry setting that is causing this?
> > >
> > > Thanks
> >
> >
> >

"elmurado" <elmur***@discussions.microsoft.com> wrote in message
news:ED0DEB94-D8B4-48D8-87AC-6C13FA1EFD6D@microsoft.com...
> Okay-here's the weird thing and I'm not sure if this has anything to do
> with
> the security settings now-if I remote desktop to the machine in question
> as
> the user, the query works and the correct fields come up etc but when i am
> sitting at the machine and trying it the correct query doesn't work. how
> strange is that?
> What is meant to happen is that when a button is pressed in the queries
> section a dialog box pops up for a parammeter to be entered. This box
> doesn't
> pop up when the user does this on their machine but when i do it via rdp
> it
> works. I can't see how a box shows on rdp but not on the machine itself.
> Weird.
>
> "elmurado" wrote:
>
>> Thanks Graham, i've tried the deleting of the SandBoxMode key in
>> HKCU\Software\MS\Jet\engines and then tried opening the dbase again.
>> Now what happens is that  there are no prompts or warnings but the
>> particular queries in question will not run. So that made me think that
>> something else is causing the problem. If i elevate him to admin level
>> they
>> still don't run. That's what's got me stumped and made me wonder if there
>> is
>> another deeper setting...or is something else broken?
>> I know that HKCU applies to the user and HKLM is right across the
>> board-but
>> does one override the other?
>>
>> "Graham Mandeno" wrote:
>>
>> > The HKCU registry hive *is* user specific (the "CU" stands for
>> > "CurrentUser").  It's HKLM ("LocalMachine") that is common to all
>> > users.
>> >
>> > Now, the macro security level is the one that is usually in HKCU and is
>> > therefore user-specific.  SandBoxMode is usually in the HKLM hive.
>> >
>> > You say he has a key: HKCU\Software\Microsoft\Jet\4.0\Engines?  This is
>> > unusual, but there may be some user settings there for some reason.
>> > Does it
>> > have a SandBoxMode value at that key?  If so, I suggest you delete it.
>> >
>> > Then, open Access and go to Tools>Macro>Security and set the security
>> > level
>> > to medium, save it, then set it back to low and say you do not want to
>> > block
>> > unsafe expressions.
>> > --
>> > Good Luck!
>> >
>> > Graham Mandeno [Access MVP]
>> > Auckland, New Zealand
>> >
>> > "elmurado" <elmur***@discussions.microsoft.com> wrote in message
>> > news:75B83F94-E642-4B8C-8BEB-E1C4C06E0238@microsoft.com...
>> > > Hi, we just rolled out Office 2003 across domain using GPO and using
>> > > CIW
>> > > to
>> > > make a transform that changed reg keys for unsafe expressions so that
>> > > our
>> > > existing database would work.
>> > >
>> > > However, I have one user whose upgrade went fine-however, he is
>> > > having
>> > > problems accessing certain parts of the database-specifically certain
>> > > queries
>> > > and reports.
>> > > Funny thing is, if I login as domain admin on his machine it works
>> > > fine
>> > > but
>> > > when I login as him it doesn't work.
>> > > Now I thought that the two reg keys for the JET 4.0\engine
>> > > SandBoxMode and
>> > > the MSACCESS security level applied to everyone on the machine.
>> > >
>> > > However, when I compare his HKCU\Software\microsoft\ to mine(which
>> > > works)
>> > > I
>> > > see that he has a Jet4.0 subkey whereas I don't. Is that right? Even
>> > > if I
>> > > change this to most permissive however, it still doesn't work. Could
>> > > it be
>> > > a
>> > > registry setting that is causing this?
>> > >
>> > > Thanks
>> >
>> >
>> >

"Graham Mandeno" wrote:

> That is *very* weird!  AFAIK, if you RDP into a machine as a particular
> user, it is exactly the same as being logged on directly - you would get the
> same registry settings and everything.
>
> As to your question about HKCU overriding HKLM, it would depend entirely on
> the application.  AFAIK there is no facility in the registry API to
> automatically return the value from HKCU if it exists, otherwise go look for
> it in HKLM.  The program developer would need to deliberately code it that
> way.
>
> Can you please post the code under your command button's Click event?  We
> may be able to see some workaround.
>
> Also, is the parameter box the standard query parameter box (shouldn't be
> affected by SandBoxMode) or is it something else your code is calling?
>
> Most SandBoxMode issues are very easy to program around.
> --
> Good Luck!
>
> Graham Mandeno [Access MVP]
> Auckland, New Zealand
>
> "elmurado" <elmur***@discussions.microsoft.com> wrote in message
> news:ED0DEB94-D8B4-48D8-87AC-6C13FA1EFD6D@microsoft.com...
> > Okay-here's the weird thing and I'm not sure if this has anything to do
> > with
> > the security settings now-if I remote desktop to the machine in question
> > as
> > the user, the query works and the correct fields come up etc but when i am
> > sitting at the machine and trying it the correct query doesn't work. how
> > strange is that?
> > What is meant to happen is that when a button is pressed in the queries
> > section a dialog box pops up for a parammeter to be entered. This box
> > doesn't
> > pop up when the user does this on their machine but when i do it via rdp
> > it
> > works. I can't see how a box shows on rdp but not on the machine itself.
> > Weird.
> >
> > "elmurado" wrote:
> >
> >> Thanks Graham, i've tried the deleting of the SandBoxMode key in
> >> HKCU\Software\MS\Jet\engines and then tried opening the dbase again.
> >> Now what happens is that  there are no prompts or warnings but the
> >> particular queries in question will not run. So that made me think that
> >> something else is causing the problem. If i elevate him to admin level
> >> they
> >> still don't run. That's what's got me stumped and made me wonder if there
> >> is
> >> another deeper setting...or is something else broken?
> >> I know that HKCU applies to the user and HKLM is right across the
> >> board-but
> >> does one override the other?
> >>
> >> "Graham Mandeno" wrote:
> >>
> >> > The HKCU registry hive *is* user specific (the "CU" stands for
> >> > "CurrentUser").  It's HKLM ("LocalMachine") that is common to all
> >> > users.
> >> >
> >> > Now, the macro security level is the one that is usually in HKCU and is
> >> > therefore user-specific.  SandBoxMode is usually in the HKLM hive.
> >> >
> >> > You say he has a key: HKCU\Software\Microsoft\Jet\4.0\Engines?  This is
> >> > unusual, but there may be some user settings there for some reason.
> >> > Does it
> >> > have a SandBoxMode value at that key?  If so, I suggest you delete it.
> >> >
> >> > Then, open Access and go to Tools>Macro>Security and set the security
> >> > level
> >> > to medium, save it, then set it back to low and say you do not want to
> >> > block
> >> > unsafe expressions.
> >> > --
> >> > Good Luck!
> >> >
> >> > Graham Mandeno [Access MVP]
> >> > Auckland, New Zealand
> >> >
> >> > "elmurado" <elmur***@discussions.microsoft.com> wrote in message
> >> > news:75B83F94-E642-4B8C-8BEB-E1C4C06E0238@microsoft.com...
> >> > > Hi, we just rolled out Office 2003 across domain using GPO and using
> >> > > CIW
> >> > > to
> >> > > make a transform that changed reg keys for unsafe expressions so that
> >> > > our
> >> > > existing database would work.
> >> > >
> >> > > However, I have one user whose upgrade went fine-however, he is
> >> > > having
> >> > > problems accessing certain parts of the database-specifically certain
> >> > > queries
> >> > > and reports.
> >> > > Funny thing is, if I login as domain admin on his machine it works
> >> > > fine
> >> > > but
> >> > > when I login as him it doesn't work.
> >> > > Now I thought that the two reg keys for the JET 4.0\engine
> >> > > SandBoxMode and
> >> > > the MSACCESS security level applied to everyone on the machine.
> >> > >
> >> > > However, when I compare his HKCU\Software\microsoft\ to mine(which
> >> > > works)
> >> > > I
> >> > > see that he has a Jet4.0 subkey whereas I don't. Is that right? Even
> >> > > if I
> >> > > change this to most permissive however, it still doesn't work. Could
> >> > > it be
> >> > > a
> >> > > registry setting that is causing this?
> >> > >
> >> > > Thanks
> >> >
> >> >
> >> >
>
>
>