Secure Deployment

When you create an Office solution, your development computer is updated automatically to allow the code in your project to run. However, when you deploy your solution, you must provide evidence on which to base a trust decision by signing the solution with a certificate, or using the ClickOnce trust prompt key. For more information, see Granting Trust to Office Solutions.

Applies to: The information in this topic applies to document-level projects and application-level projects for Office 2013 and Office 2010. See Features Available by Office Application and Project Type.

For document-level customizations, if you deploy the document to a network location, you must also add the document's location to the list of trusted locations in the Trust Center of the Office application. For more information about how to set document permissions on end user computers, see Granting Trust to Documents.

Administrators can use the registry to prevent all Office solutions from running on a computer. When an Office solution that has managed code extensions is opened, the Visual Studio Tools for Office runtime checks whether an entry with the name Disabled exists under one of the following registry keys on the computer:

  • HKEY_CURRENT_USER\Software\Microsoft\VSTO

  • HKEY_LOCAL_MACHINE\Software\Microsoft\VSTO

To prevent Office solutions from running code, create a Disabled entry under one or both of these registry keys, and specify one of the following data types and values for Disabled:

  • A REG_SZ or REG_EXPAND_SZ that is set to any string other than "0" (zero).

  • A REG_DWORD that is set to any value other than 0 (zero).

To enable Office solutions to run code, set both of the Disabled entries to 0 (zero), or delete the registry entries.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft