Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Publishing an InfoPath form that contains Sandboxed code to a SharePoint server that is also a domain controller fails

Publishing an InfoPath form that contains Sandboxed code to a SharePoint server that is also a domain controller fails

Symptoms

You work with a SharePoint server that is also a domain controller. On this server, the Microsoft SharePoint Foundation Sandboxed Code Service is enabled. You design an InfoPath form template that contains sandboxed code. When you try to publish this form template to the server, InfoPath returns the following error:

The form template has been published to the server but it can only be opened in the InfoPath Filler.

If you click Details, you see one of the following messages:

    • This operation is not allowed at this time
    • The sandboxed solution could not be activated
    • There is an error in the InternalStartup method of form code

Note InfoPath form contains sandboxed code if the Administrator-approved form template (advanced) option is not enabled when the form is published.

↑ Back to the top

Cause

Promoting a SharePoint Server to be a domain controller modifies permissions to some registry keys to be more restrictive.

↑ Back to the top

Resolution

To make the form template usable, the Users group needs Read access to the following three registry keys on the SharePoint Server:

  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BFE
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Providers
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Configuration
Important: This article contains information about how to modify the registry. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, view the topic Back up the registry in Windows Help.
 
Caution: Making these modifications to the registry will decrease security on this domain controller. 

To add Read access to these three keys, follow these steps:

  1. On the SharePoint Server and domain controller, click Start, click Run, type regedit in the Open box, and then click OK. 
  2. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BFE
  3. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  4. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Providers
  5. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  6. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Configuration
  7. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  8. Exit Registry Editor.

 

↑ Back to the top

Keywords: vkball, kb

↑ Back to the top

Article Info
Article ID : 2026191
Revision : 1
Created on : 1/8/2017
Published on : 2/8/2011
Exists online : False
Views : 185