Hi there,
I would like to establish Power Query and signed VBA macros in our company.
Unfortunately, I came across some basic security aspects I would like to handle the best way possible:
- authors of signed VBA macros have to be added as trustworthy inside the trust center
How can you administrate a bunch of employee PCs? What is the recommended approach here?
- macro certificates have an expiration date. How is the renewal process done for all Excel documents with signed macros?
- How do you administrate the trust center of several customer PCs if you would like to add reliable network paths for power query activities?
I would be very happy if you could point me to
- useful web articles
- reference literature
- recommended websites for Office 365 administration
Thank you very much and best regards, Marco
Hi Marco,
This article should clear most issues:
https://learn.microsoft.com/en-us/deployoffice/security/internet-macros-blocked
Signing macros requires replacing the signature from time to time, if you have lots of files like that, will be a pain to update all.
You cannot "administrate the trust center of several customer PCs" remotely (if that's what you have in mind), each PC (and each PC user account) should be configured individually.
Easiest way is to ask them to run a power shell script to unblock all files in a directory, this will remove MOTW (Mark-Of-The-Web):
dir -Path "E:Downloads" -Recurse | Unblock-File
Otherwise you'll have to manage each pc to change security settings, trusted zones, as described here:
