I want to share a document online by a URL with some colleagues. When they click the URL and view the document online, I want a task-pane add-in to be automatically opened.
I used Office-OOXML-EmbedAddin to create such a file with Script Lab auto-opened, then I put the file (view-only) on my OneDrive:
https://1drv.ms/x/s!AmAcI5jpNEmng1NhS0xbIMcUnUNZ
However, our tests show that, for people who have not signed in with Microsoft Account in their browser, the auto-open does NOT work, though they can view the document.
Is this behavior expected, given that people may not stay signed in all the time?
PS: note that if people download the document, they don't need to sign in to enable auto-open in Excel desktop.
This is a known bug. Until it is fixed, users will have to be logged in when they open a document on OneDrive in order for the autoopen feature to work. Sorry for the bad news, but it is on Microsoft's radar and we know it is important.
I've got a mysterious edge case with some Word 2016 users on Windows using my Word add-in.
I realize much more info might be required...but I also feel this is an issue that might have some proven ways to diagnose - or someone may know of a root cause.
My simple Word add-in pulls data from a MySQL db on my web server (via php) and stores it in localstorage. Works great in Word 2016 on multiple computers. A handful of users can't, essentially, download data and my solution throws errors for them.
I've even had 2 users on the same machine - one who can use my add-in, one who cannot (so each logging into different Windows accounts at the same institution. The user who was able to happily use my app is in IT and maybe had different settings).
My nose tells me there is an Internet Explorer security setting getting in the way...we've verified that localstorage is allowed.
When a user with the problem opens Internet Explorer directly, they're able to download data and use the app (part of it works outside of Word). As I understand it, Word 2016 Add-ins use Internet Explorer 11 to render html/js/css - and a setting changed in a user's IE11 settings area will cascade to Word 2016 add-ins.
Some of the weird details I've picked up:
Opening a new browser window from inside Word (clicking on a link in my add-in that opens a full web browser) prompts a "A website wants to open web content using this program on your computer" and points to Internet Explorer's Protected Mode. I've experimented with turning this on myself and can't recreate the issue.
The user isn't signed into O365. That doesn't seem to make a difference either.
Debugging via F12Chooser shows an [object error] with an error code of "-2147024891" and a "stack" message of "Error: Access is denied..." at the point where data would be pulled...I can't get much more out of the console.
The add-in is able to hit Firebase (I'm using Google's Firebase for authentication) and I get a response from their server...but not my ajax call to my php file.
Any thought or direction appreciated.
Let's take Excel for example. In Excel 2016, when I select an add-in in the STORE, after clicking on Trust It, will the code (.html, .js files) of the add-in be downloaded or installed on my machine?
In other words, have the add-ins under MY ADD-INS been already installed on my machine, such that i could load and run them without Internet (if an add-in does not send or receive special data to or from Internet)?
I am asking this question, because i want to know if a basic add-in always requires Internet access to work.
As Eric mentions, Office add-ins are indeed web based. However, to add a bit to his answer:
While you definitely need a one-time access to fetch the manifest and the original HTML/JS/CSS files, if your add-in is not using license checking (it's free) and does not require web services, you should be able to make a website that uses standard offlining techniques to load with no internet connection after the first time.
I tried it out real quick with pointing a manifest at http://html5demos.com/offlineapp. After loading it once and then disconnecting my internet, I was still able to load that page.
Hope this helps,
~ Michael
Yes, the new Office add-ins are web-based. They are all defined - and installed - by a manifest file which specifies the URL location of the web source files. These are always hosted on the provider's web server and are not cached for offline use. The licensing system used by most add-ins (the ones that aren't free) requires a connection to the provider's web server which in turns needs to verify the user's license against the Office Verification Licensing Service. If offline use was enabled users could use a trial license in perpetuity without the provider being aware.
I've created a simple (asmx) web service which returns a DataSet.
I've added the webservice to my Excel 2007 workbook using the Data -> From Web button and I'm able to view / refresh the data.
The problem comes when I need to secure the web service: I've turned on Windows authentication for the web service and the request uses SSL.
Unfortunately, the user's logged on windows credentials aren't used by Excel when trying to refresh the data - the refresh fails.
If I click on Data -> Connections -> Properties -> Definition -> Edit Query, only then am I prompted for my windows credentials and does the refresh then succeed.... not a problem for me, but not something I want every user of this spreadsheet to have to do... any ideas how to make the prompt come up when the refresh is attempted instead of having it fail??
Thanks!!
Update Answers so far are to do with SharePoint and Excel Services (neither of which are any use to me)... and one link for which "The following procedure does not apply to data that is retrieved from a text file or a Web query"... I just want a person with a copy of excel on his desktop machine to be able to update from a password-protected web service... is that so hard Microsoft??
Another Update Still no answers accepted - because no answers so far have provided a working solution ( Nice googling though - thanks guys ;-) )
While I haven't got SSL I can attest that Excel normally shouldn't ask you for authentication when using pass through authentication.
My guess is that you will need to add the destination website (with the https) to your trusted zone in IE. The effect should be that when you go to the website you shouldn't be challenged for your password at all. IE will now pass through the authentication credentials because the destination is in the trusted zone.
Once this is fixed Excel should treat it like a normal website.
Here's a link which talks you through adding your site to the trusted zone: http://www.nateirwin.net/2007/01/19/enabling-ntlm-authentication-in-firefox-and-internet-explorer/
The last time I dealt with this issue was in 2004. If I remember correctly, this is a bug in the Web Query technology in how the query deals with the SSL certificate. This is Excel 97 technology; therefore, fairly basic implementation.
After much research and troubleshooting, the only way around this issue is to create user and password parameters and post the web query. Using POST will keep the user/password hidden from prying eyes.
Following is my note from 2004: There is a problem with https, application/vnd.ms-excel, Internet Query (iqy), and Excel 2000/2002.
Have you checked out this question: What do I need to do to make Excel access a Web Query via HTTPS?
Excel's Web Queries Enable You to Populate Worksheets from Web Sites at http://msdn.microsoft.com/en-us/library/aa155714(v=office.10).aspx.
Sites requiring authentication and passwords provide additional
challenges. They may require coded workarounds or may be unsolvable.
Error message when you use Web query to a secure Web page () in Excel: "Unable to open" at http://support.microsoft.com/kb/290347.
XL97: How to Create Web Query (.iqy) Files at http://support.microsoft.com/kb/157482 is an invaluable resource. (There was a Web Query SDK once that I cannot find, but this article is a good replacement.)
Different Ways of Using Web Queries in Microsoft Office Excel 2003 at .
I don't know if this will help, but I faced a similar situation while importing data from a remote SQL Server Database. What I did was create a role inside the database itself, and assign any users who needed access to that role.
The data is updated into the workbook when the file is loaded using Microsoft Query, so I don't know how that might differ from how you have done things.
The biggest issue with doing it this way was to open the properties for the query and check the "Use Trusted Connection" box. This worked without an issue for me. Again, this was from a remote server, not a secure website. Hope this helps.
i hope this will help you : Refresh connected imported data
We had a similar situation at work, however, we are using Office 2010. I'm not sure of the limitations of 2007. Check out these links. The last two are specifically for Excel 2007.
Link 1: Configure Secure Store Service for Excel Services
Link 2: Ten Tips for Using SharePoint Server 2007 with Excel Services
Link 3: Plan external data connections for Excel Services
I have a MOSS 07 site that is configured for anonymous access. There is a document library within this site that also has anonymous access enabled. When an anonymous user clicks on a PDF file in this library, he or she can read or download it with no problem. When a user clicks on an Office document, he or she is prompted with a login box. The user can cancel out of this box without entering a log in, and will be taken to the document.
This happens in IE but not FireFox.
I see some references to this question on the web but no clear solutions:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.sharepoint.windowsservices.development&tid=5452e093-a0d7-45c5-8ed0-96551e854cec&cat=en_US_CC8402B4-DC5E-652D-7DB2-0119AFB7C906&lang=en&cr=US&sloc=&p=1
http://www.sharepointu.com/forums/t/5779.aspx
http://www.eggheadcafe.com/software/aspnet/30817418/anonymous-users-getting-p.aspx
To disable login prompt opening office documents from SharePoint 2010 do the following settings in web.config
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true">
<!-- here's where the magic happens -->
<verbs allowUnlisted="true">
<add verb="OPTIONS" allowed="false" />
<add verb="PROPFIND" allowed="false" />
</verbs>
</requestFiltering>
</security>
</system.webServer>
If Sharepoint Shared Workspace is enabled in MS Word this may prompt users with a Windows login if users do not have permissions to access or create a Shared Workspace. Do the followoing to turn this off:
Open MS Word
Go to Tools/Options
Click General Tab
Click Service Options
Click Shared Workspace
Uncheck box that says “The document is part of a Workspace or SharePoint Site.”
Click OK
Click OK
Try to hit a MS Word document from the SharePoint site.
If this resolves issue repeat steps with every MS Office program to eliminate the prompt. (Excel, PowerPoint, Visio, ect)
http://office.microsoft.com/en-us/word/HP010414641033.aspx
Unfortuantly the only work around I've found breaks some functionality for logged in users (can't upload multiple files, connect to outlook ect..)
If that is acceptable, or you want to try it and see:
In central admin > application management > application security > authentication providers select your web app and select your provider (likely "default").
Select No for client integration and save the settings.
Open your web config, find the line <add verb="OPTIONS,PROPFIND,PUT,LOCK,UNLOCK..... and remove the verb OPTIONS.
You should no longer be asked in ie for credentials. To reverse this simply undo both changes.
If you can click cancel and it comes up the problem is...
AuthForwardServerList
http://support.microsoft.com/kb/943280
Office doesn't know the site is trusted/local so it doesn't fwd your credentials and prompts you with an opportunity to provide them. It's a feature....
If you list your site in the proper registry key it will forward your credentials which are not needed but you won't get prompted.
If you have a url rewriting module or urlscan, configure the software to send http 403 to http OPTIONS requests.
In the Sharepoint Server 2010, The solution method is a little bit changing because the new generation Sharepoint can not hold verbs in web.config. Therfore, you must change the method. First of all, you open IIS 7.0 and choose your application site. You can see many items at the middle of the screen. You choose and double click Request Filters. In the request filtres, you can see "Verbs". You can add OPTIONS and PROPFIND verbs to a deny mode. And finally test your site. Sometimes, Sharepoint needs to close Client Integration Mode of your site. If need, you can close Client Integration Mode in Central Administration.
Possible cause and resolution:
http://support.microsoft.com/kb/943280
"You are prompted to enter your credentials when you access an FQDN site from a computer that is running Windows Vista or Windows 7 and has no proxy configured"
"For example, when you open a Microsoft Office file from a Microsoft Office SharePoint site by using 2007 Microsoft Office on a Windows Vista-based client computer that has no proxy configured, you are prompted for authentication."
My guess is that the Office client is loading the underlying document template from another location where anonymous access is enabled. This also explains why you can still open the document as the Office client can also work without loading the template the document was originally created from. To see the template URL in Word 2007, enable the Developer Ribbon from Word options and click the Document Template button on the ribbon.
That doesn't seem to be it. Once of the documents in question is an Excel file, which would not use the .doc template. Also, in the Document Template dialog, it doesn't give me a url to the SharePoint template file if I create a new Word document based on it. It just says the template is "Normal." I also tried disabling the template at the document library level and it doesn't change the password situation.
When opening an Office document in IE, an ActiveX component is used to call the client application, and prompt it to open the document. In other browsers, the download is a standard hyperlink, handled by the browser.
Does this happen in search results and in standard linked columns in document libraries as well?
Using a tool like Fiddler (as referenced/suggested in your first link reference, see http://www.fiddlertool.com/fiddler/ for more info) is the only efficient way of determining the root cause of this type of issue I'm aware of. Whatever is causing this will be happening over HTTP. A debugging proxy like Fiddler will show you exactly which URL/resource is causing the request for authentication.
On a related note, are you running a recent build of the platform? It might be wise to check to make sure this issue hasn't already been addressed by MS e.g. in a hotfix. The best list of updates I'm aware of is here: http://www.harbar.net/articles/postsp1.aspx
Check this : Remove Login box when anonymous users download office document from SharePoint Site
http://www.theblackknightsings.com/RemoveLoginBoxWhenAnonymousUsersDownloadOfficeDocumentFromSharePointSite.aspx
When developing Extranet/Internet site in SharePoint you often want to allow anonymous access and this works fairly well.
But there is one are where the out of the box experience fails regarding anonymous access and that is when you allow the users to download Microsoft Office documents. In that case IE/Office pops up a couple of Login dialogs, if the user cancels out of these the document opens as expected, but you really don't want the user to have to cancel a couple of dialogs to open your documents
The problem is that office tries to be intelligent and issues a Microsoft Office Protocol Discovery request to see how much the user is allowed to do, but SharePoint responds with access denied until the users logs in.
The solution I've found is to implement a HttpModule which rejects the Microsoft Office Protocol Discovery request if the user isn't logged in and this gets rid of the Login boxes
I'm guessing that you use Windows Vista. We had this problem on Vista but not on XP.
From Microsoft: In Windows Vista, Internet Explorer uses the Web Client service when you use Internet Explorer to access a WebDAV resource. The Web Client Service uses Windows HTTP Services (WinHTTP) to perform the network I/O to the remote host. WinHTTP sends user credentials only in response to requests that occur on a local intranet site. However, WinHTTP does not check the security zone settings in Internet Explorer to determine whether a Web site is in a zone that lets credentials be sent automatically.
If no proxy is configured, WinHTTP sends credentials only to local intranet sites.
Note If the URL contains no period in the server’s name, such as in the following example, the server is assumed to be on a local intranet site:
http://sharepoint/davshare
If the URL contains periods, the server is assumed to be on the Internet. The periods indicate that you use an FQDN address. Therefore, no credentials are automatically sent to this server unless a proxy is configured and unless this server is indicated for proxy bypass.
This is a known issue that has not quite been completely fixed yet. There is a MSDN blog about it here: http://blogs.msdn.com/sharepoint/archive/2007/10/19/known-issue-office-2007-on-windows-vista-prompts-for-user-credentials-when-opening-documents-in-a-sharepoint-2007-site.aspx
There is an interesting workaround posted here: http://grounding.co.za/blogs/neil/archive/2008/11/10/workaround-sharepoint-keeps-prompting-for-login-when-creating-office-2007-documents-on-vista.aspx
Ultimately there is a patch that has been included with Vista SP1 but it also requires a registry edit. We just recently got this to work using the following steps on a Windows Vista SP2 client:
Open regedit. Navigate to the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
Create a new Multi-String value called AuthForwardServerList and give it a value of (for example):
https://.Contoso.com
http://.dns.live.com
*.microsoft.com
https://172.169.4.6
Then restart the WebClient service.
We were able to get this working by changing IE settings.
We have the site URL in Trusted Sites.
Under Custom Settings set User Authentication to: Automatic logon with current user name and password
I found a solution. First of all, you open the web application config file under the inetpub. Then you find the add verbs section. In this section, many verbs were added in the installation time. Delete Options and Profind verbs and save config file. Finally test the problem and see it. The problem is finished.
I've found the following workaround:
http://www.objectsharp.com/cs/blogs/max/archive/2008/04/21/sharepoint-public-facing-website-and-microsoft-office-documents.aspx
To keep it simple:
Disable client integration
Remove the OPTIONS verb from the registration line in the web.config file for the site