Access911.net   |   a9BBS   |   OTaA System  
  搜索文章:  
Access911欢迎您光临  
   主页      上传      繁體版       论坛     
设为首页  |  加入收藏   
  
你现在的位置:文章索引 -> 文章分类 -> 安全  
 首页|  近日更新|  下载  |  文章索引  |  搜索|  术语|  承接工程|  
 
系统正在加载内容,请耐心等待...
 
 查询
 窗体
 报表
 
 
 VBA
 函数
 ADO/DAO/ADO.NET
 API
 ADP
 安全
 发布
 OA
 ASP/ASP.NET
 其他语言
 控件
 DELPHI
 C#/.Net
 本站
 其他
 小例程
 常用软件
 参考文档
 业主作品
 网友大作
 
 
友情链接
 access911.net
 
访问人次
 1702233
 
站长 E-Mail
 net911@sina.com
 access911@gmail.com
 
RSS 订阅

显示附加信息 >>>

无法打开局域网内已经共享的数据库(英文)

作者:MS  摘自:Microsoft  :cg1  更新日期:2004-7-14  浏览人次:

 

问题:

所在的网络是几台机器组成一个局域网,通过一台服务器上外网。
要共享数据库的两个机器都在局域网内,可是双击共享文件夹里的数据库文件就说打不开。
“microsoft access 无法打开该文件
该文件位于您的intranet之外,或处于一个不可信任的位置。由于潜在的安全问题,microsoft access将不会打开该文件。要打开该文件,请将它拷贝到您的本地计算机,或一个可访问的网络位置上。”

不知道是怎么回事,什么是可信任的位置?

 

回答:

Intranet site is identified as an Internet site when you use an FQDN or an IP address

View products that this article applies to.

This article was previously published under Q303650
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

When you access a local area network (LAN), an intranet share, or an intranet Web site by using an Internet Protocol (IP) address or a fully qualified domain name (FQDN), the share or Web site may be identified as in the Internet zone instead of in the Local intranet zone. For example, this behavior may occur if you access shares or Web sites with Microsoft Internet Explorer, Microsoft Windows Explorer, a command prompt, or a Windows-based program when you use an address in any one of the following formats:
  • \\Computer.childdomain.domain.com\Share
  • http://computer.childdomain.domain.com
  • \\157.54.100.101\share
  • file://157.54.100.101/share
  • http://157.54.100.101
This behavior can occur regardless of whether any or all of the following settings are configured:
  • In Internet Explorer, you have added the FQDN (or *.domain.com) or the IP address (or the address range) to the Do not use proxy server for addresses beginning with box under the Exceptions section in the Proxy Settings dialog box.

    Note To locate the Proxy Settings dialog box in Internet Explorer, click Tools, click Internet Options, click Connections, and then click Proxy Settings.
  • You have selected the Bypass proxy server for local addresses check box that is on the Local Area Network (LAN) Settings dialog box.

    Note To locate the Local Area Network (LAN) Settings dialog box in Internet Explorer, click Tools, click Internet Options, click Connections, and then click Local Area Network (LAN) Settings.
  • You have selected the Include all sites that bypass the proxy server and Include all network paths (UNCs) check boxes on the Local intranet dialog box.

    To locate the Local intranet dialog box in Internet Explorer, click Tools, click Internet Options, click Security, and then click Local intranet.
This behavior can cause Internet Explorer to prompt you for credentials when you access the intranet Web sites that require authentication. Or you may be prompted or prevented from opening files on an intranet Web site or Universal Naming Convention (UNC) share in programs that use the Internet Explorer Security Manager to determine whether a file is located in a trusted security zone. For example, you may receive the following error message when you try to open a Microsoft Access database (.mdb) file on a local intranet share (by using the FQDN or IP address) with Microsoft Access 2002:
Microsoft Access cannot open this file.
This file is located outside your intranet or on an untrusted site. Microsoft Access will not open the file due to potential security problems.
To open the file, copy it to your computer or an accessible network location.
Note Windows Server 2003 includes a new, optional component named Internet Explorer Enhanced Security Configuration. This component assigns all intranet Web sites and all UNC paths that are not explicitly listed in the Local intranet zone to the Internet zone. By default, the Internet zone uses the High security level. Therefore, you may experience these symptoms when you access intranet Web sites and UNC paths by using the NetBIOS name. For example, if you use http://server or \\server\share, or when you use the IP address or FQDN, you may experience these symptoms.

For additional information about Internet Explorer Enhanced Security Configuration, click the following article number to view the article in the Microsoft Knowledge Base:

815141 Internet Explorer Enhanced Security Configuration Changes the Browsing Experience

CAUSE

This behavior may occur if an FQDN or IP address contains periods. If an FQDN or IP address contains a period, Internet Explorer identifies the Web site or share as in the Internet zone.

WORKAROUND

To work around this issue, add the appropriate IP address range or fully qualified domain names (FQDNs) to your local intranet.

Note If you are using Internet Explorer's Enhanced Security Configuration with Windows Server 2003, and you use the NetBIOS name to acces intranet sites, use any of the following methods to work around this issue:
  • Add the sites to the Local intranet zone. To add a site to the Local intranet zone, open the site in Internet Explorer, click File, point to Add this site to, click Local intranet zone, click Add in the Local intranet dialog box, and then click Close.
  • Add the sites to the Trusted sites zone. To add a site to the Trusted sites zone, open the site in Internet Explorer, click File, point to Add this site to, click Trusted sites zone, click Add in the Trusted sites dialog box, and then click Close.
  • Turn off Enhanced Security Configuration. You must be an administrator to turn off Enhanced Security Configuration. You can turn off Enhanced Security Configuration for users (such as Limited Users and Restricted Users) and leave it on for administrators. To turn off Enhanced Security Configuration for users, open Control Panel, click Add or Remove Programs, click Add/Remove Windows Components, click Internet Explorer Enhanced Security Configuration, click Details, click Users, click OK, click Next, click Finish, and then restart Internet Explorer to apply the new settings.
Administrators can use client settings or server settings to add the appropriate IP address range or FQDNs to the Local intranet. For example, administrators can use TCP/IP suffixes, add *.domain.com, or add the appropriate IP address range to the Local intranet sites zone in Internet Explorer on the client. On the server, administrators can use a proxy automatic configuration script. The following workaround adds *.domain.com or the appropriate IP address range to the Local intranet sites zone in Internet Explorer for all the client computers.

Users

To work around this behavior, each user must add *.domain.com or the appropriate IP address range to the Local Intranet Sites dialog box:
  1. In Internet Explorer, click Tools, and then click Internet Options.
  2. On the Security tab, click Local intranet, and then click Sites.
  3. Click Advanced, and then type: *.domain.com or an IP address range (for example, 157.54.100-200.*) in the Add this Web site to the zone box, where domain.com is your company and top-level domain names.
  4. Click Add, click OK, click OK, and then click OK again to close the Internet Options dialog box.
  5. Restart the computer.

Administrators

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

Administrators can deploy this setting by making the following changes to the registry:
  1. For each domain that should be included in the Local intranet zone, add a domain.com key to the appropriate registry key under either HKEY_CURRENT_USER (for a currently logged-on user only) or HKEY_LOCAL_MACHINE (for all users on the local computer):
    • Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains (For 32-bit versions of Internet Explorer or 64-bit versions of Internet Explorer on 64-bit versions of Windows XP or Windows Server 2003, if Enhanced Security Configuration is turned off.)
    • Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains (For 32-bit versions of Internet Explorer on 64-bit versions of Windows XP or 64-bit versions of Windows Server 2003, if Enhanced Security Configuration is turned off.)
    • Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ESCDomains (For Internet Explorer on 32-bit versions of Windows Server 2003, or the 64-bit version of Internet Explorer on 64-bit versions of Windows Server 2003, if Enhanced Security Configuration is turned on.)
    • Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ESCDomains (For the 32-bit version of Internet Explorer on 64-bit versions of Windows Server 2003, if Enhanced Security Configuration is turned on.)
    NoteBy default, security zones settings are stored in the HKEY_CURRENT_USER registry key. Because this key is dynamically loaded for each user, the settings for one user do not affect the settings of another. Only the local machine settings will be used if the Security Zones: Use only machine settings setting is enabled in group policy or the Security_HKLM_only DWORD value is set to 1 in the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

    With this policy setting enabled, only machine settings will be used instead of user settings.

  2. Add a DWORD value named * (the asterisk character) to the domain.com key and set it to 1.
  3. For each IP address range that must be included in the Local intranet zone, add a Rangex key (where x is 1, 2, 3, and so on) to the following registry key under HKEY_CURRENT_USER (for a currently logged-on user only) or HKEY_LOCAL_MACHINE (for all users on the local computer):
    • Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges (For 32-bit versions of Internet Explorer or 64-bit versions of Internet Explorer on 64-bit versions of Windows XP or Windows Server 2003.
    • Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges (For 32-bit versions of Internet Explorer on 64-bit versions of Windows XP or 64-bit versions of Windows Server 2003.
    Note By default, security zones settings are stored in the HKEY_CURRENT_USER registry key. Because this key is dynamically loaded for each user, the settings for one user do not affect the settings of another. Only the local machine settings will be used if the Security Zones: Use only machine settings setting is enabled in group policy, or if the Security_HKLM_only DWORD value is set to 1 in the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

    With this policy setting is enabled, only machine settings will be used instead of user settings.
  4. Add a DWORD value named * (the asterisk character) to the Rangex key and set it to 1.
  5. Add a String value named :Range (the colon character followed by the word "Range") to the Rangex key, and then set it to the IP address range (for example, 157.54.100-200.*).
Note Administrators can deploy settings in an Active Directory environment.

For additional information about how to do so, click the following article number to view the article in the Microsoft Knowledge Base:

274846 Set advanced settings in Internet Explorer by using Group Policy objects

Important This workaround does not work for UNC or file:// addresses that use an IP address. For example, Internet Explorer identifies \\157.54.100.101\share, or file://157.54.100.101/share, as being in the Internet zone, even if you add the appropriate IP address range to the Local Intranet Sites list. In this case, you must use a file:// URL that has the NetBIOS name (for example, \\server\share) for the site to be identified in the Local intranet zone. Also, some applications may not be able to open files by using an http:// address even if the Web site is on your LAN and you use the NetBIOS name (for example, http://server). For example, Microsoft Access 2002 cannot open files from http:// addresses. If you try to open an Access database file (.mdb) on an intranet Web site by using either the IP address, FQDN, or NetBIOS name, Access 2002 will incorrectly report that the file is outside your intranet or on an untrusted site by displaying the error message in the "Symptoms" section of this article. For additional information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

810582 Error Opening Access Database from a Web Server

STATUS

This behavior is by design.

The information in this article applies to:

  • Microsoft Access 2002
  • Microsoft FrontPage 2002
  • Microsoft FrontPage 2000
  • Microsoft Excel 2002
  • Microsoft Excel 2000
  • Microsoft Internet Explorer 6.0, when used with:
      the operating system: Microsoft Windows Server 2003
      the operating system: Microsoft Windows XP
      the operating system: Microsoft Windows 2000
      the operating system: Microsoft Windows NT 4.0 SP6
      the operating system: Microsoft Windows Millennium Edition
      the operating system: Microsoft Windows 98 Second Edition
      the operating system: Microsoft Windows 98
  • Microsoft Internet Explorer 5.x, when used with:
      the operating system: Microsoft Windows 2000
      the operating system: Microsoft Windows NT 4.0
      the operating system: Microsoft Windows Millennium Edition
      the operating system: Microsoft Windows 98 Second Edition
      the operating system: Microsoft Windows 98
  • Microsoft Internet Explorer 4.x, when used with:
      the operating system: Microsoft Windows NT 4.0
      the operating system: Microsoft Windows 98
  • Microsoft Outlook 2002
  • Microsoft Outlook 2000
  • Microsoft PowerPoint 2002
  • Microsoft PowerPoint 2000
  • Microsoft Windows Server 2003, 64-Bit Datacenter Edition
  • Microsoft Windows Server 2003, 64-Bit Enterprise Edition
  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Windows XP 64-Bit Edition Version 2002
  • Microsoft Windows XP 64-Bit Edition Version 2003
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows Millennium Edition
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows 98
  • Microsoft Word 2002
  • Microsoft Word 2000

Last Reviewed: 5/3/2004 (9.0)
Keywords: kbenv kberrmsg kbprb KB303650

参考文档位置:
http://support.microsoft.com/default.aspx?scid=kb;en-us;303650&Product=acc

 

 

 
相关文章
     没有手动相关文章
     如何解决共享目录加访问密码后导致链接表出错问题?
     如何取消 Access2003 刚打开的安全警告或者 RUNTIME 的安全警告?
     Access安全吗?Access安全性之QA详解
     如何操作远程internet http服务器上mdb数据库?
     了解Access安全性
 
评论
     查看或发表更多的评论,请单击这里。
 
 
 
 
 
   
  Access911.net   |   a9BBS   |   OTaA System   |
建站日期:2000年4月2日  |  设计施工:陈格 ( access911 & cg1 )
 Copyright © 2000 - 2003 COMET, 陈格 保留所有权利