MS Word and VB Webservices
-
Good day all, I currently have a VB Webservice that opens, edits and saves an MS Word 2003 document via impersonation (my code is below, for those searching for impersonation techniques). Everything works fine, what I would like to know is if there is a better way of manipulating an MS Word 2003 document without using impersonation? Due to security reasons, I am hoping to find a better way of approaching this. I would highly appreciate it if you could help me out on this (if it is even possible!) Thanks a lot Rossouw de Bruin Code:
' Values used by the LogonUser function's logonType parameter Public Enum LogonType LOGON32_LOGON_INTERACTIVE = 2 LOGON32_LOGON_NETWORK = 3 LOGON32_LOGON_BATCH = 4 LOGON32_LOGON_SERVICE = 5 LOGON32_LOGON_UNLOCK = 7 LOGON32_LOGON_NETWORK_CLEARTEXT = 8 LOGON32_LOGON_NEW_CREDENTIALS = 9 End Enum ' Values used by the LogonUser function's logonProvider parameter Public Enum LogonProvider LOGON32_PROVIDER_DEFAULT = 0 LOGON32_PROVIDER_WINNT35 = 1 LOGON32_PROVIDER_WINNT40 = 2 LOGON32_PROVIDER_WINNT50 = 3 End Enum Declare Function LogonUser Lib "advapi32.dll" Alias "LogonUserA" ( _ ByVal username As String, _ ByVal domain As String, _ ByVal password As String, _ ByVal logonType As LogonType, _ ByVal logonProvider As LogonProvider, _ ByRef token As IntPtr _ ) As Integer Public Sub LetterTemplate() Dim username As String = "username" Dim domain As String = "domain" Dim password As String = "password" ' A handle to the user who will be impersonated Dim token As IntPtr ' Log the user into Windows. Dim bLogonSuccessful As Boolean = Convert.ToBoolean( _ LogonUser( _ username, domain, password, _ LogonType.LOGON32_LOGON_NETWORK, _ LogonProvider.LOGON32_PROVIDER_DEFAULT, token)) If Not bLogonSuccessful Then "Return someth -
Good day all, I currently have a VB Webservice that opens, edits and saves an MS Word 2003 document via impersonation (my code is below, for those searching for impersonation techniques). Everything works fine, what I would like to know is if there is a better way of manipulating an MS Word 2003 document without using impersonation? Due to security reasons, I am hoping to find a better way of approaching this. I would highly appreciate it if you could help me out on this (if it is even possible!) Thanks a lot Rossouw de Bruin Code:
' Values used by the LogonUser function's logonType parameter Public Enum LogonType LOGON32_LOGON_INTERACTIVE = 2 LOGON32_LOGON_NETWORK = 3 LOGON32_LOGON_BATCH = 4 LOGON32_LOGON_SERVICE = 5 LOGON32_LOGON_UNLOCK = 7 LOGON32_LOGON_NETWORK_CLEARTEXT = 8 LOGON32_LOGON_NEW_CREDENTIALS = 9 End Enum ' Values used by the LogonUser function's logonProvider parameter Public Enum LogonProvider LOGON32_PROVIDER_DEFAULT = 0 LOGON32_PROVIDER_WINNT35 = 1 LOGON32_PROVIDER_WINNT40 = 2 LOGON32_PROVIDER_WINNT50 = 3 End Enum Declare Function LogonUser Lib "advapi32.dll" Alias "LogonUserA" ( _ ByVal username As String, _ ByVal domain As String, _ ByVal password As String, _ ByVal logonType As LogonType, _ ByVal logonProvider As LogonProvider, _ ByRef token As IntPtr _ ) As Integer Public Sub LetterTemplate() Dim username As String = "username" Dim domain As String = "domain" Dim password As String = "password" ' A handle to the user who will be impersonated Dim token As IntPtr ' Log the user into Windows. Dim bLogonSuccessful As Boolean = Convert.ToBoolean( _ LogonUser( _ username, domain, password, _ LogonType.LOGON32_LOGON_NETWORK, _ LogonProvider.LOGON32_PROVIDER_DEFAULT, token)) If Not bLogonSuccessful Then "Return somethYou have me confused. Why doesn't this work if you don't use impersonation? Hang on, I probably know... Your Web Service is running as IIS_USER or something. Now IIS_USER has never used Office interactively, so the whole Office suite is not really setup in his profile. Try logging on to the server once as the IIS_USER (or run your web server under another id), and Use Office once. This will setup zillions of registry keys in his profile, and integration should work afterwards.
-
You have me confused. Why doesn't this work if you don't use impersonation? Hang on, I probably know... Your Web Service is running as IIS_USER or something. Now IIS_USER has never used Office interactively, so the whole Office suite is not really setup in his profile. Try logging on to the server once as the IIS_USER (or run your web server under another id), and Use Office once. This will setup zillions of registry keys in his profile, and integration should work afterwards.
Oh, and don't forget to restart the service after doing this, otherwise the profile will not be reloaded...