Excel 2010 interop issues

1

Right, this is driving me insane. This works fine locally with Excel 2013, but when the website is published to a remote server with Excel 2010 it fails. From what I can see the DCOM configuration is the same locally as remote.

After fighting with Excel 2010 and DCOM permissions for over an hour now the best I have got is this exception: System.Runtime.InteropServices.COMException (0x80070BBC): Office has detected a problem with this file. To help protect your computer this file cannot be opened.

This is the result of a web application trying to open a *.xls file from a location it has just uploaded to. The application pool is running under ApplicationPoolIdentity and I have set the permissions for this specific app pool under mmc -32 on Launch and Activation Permissions so there's no problem running Excel. What I think I'm facing here is protected mode issues as the file is definitely not corrupt.

I've gone into Excel and Trust Centre settings and have added the location where the *.xls file is uploaded to (and subsequently opened) as a trusted location. If I open the file on the hosting server (under my domain account) I don't get the protected view block on the file - however, the Identity on the DCOM configuration is set to the launching user. So, what does this mean from the following (or something I haven't listed):

  1. I need to add this location as trusted at a group policy level because the account launching the actual application doesn't have this configuration in its profile?
  2. I need to create an actual account on the server and use this account as the Identity for running the application?
  3. ... ?

Just to clarify I've already been down the DCOM Security config route and RIDICULOUS issues with C:\Windows\System32\config\systemprofile\Desktop and C:\Windows\SysWOW64\config\systemprofile\Desktop. The configuration is:

  • .NET 4.5 (classic pipeline) app pool running under ApplicationPoolIdentity
  • DCOM Config > Security > Launch and Activation Permissions all set for this specific identity (Access Permissions and Configuration Permissions all set to Use Default)
  • File is uploaded correctly and appears in destination, opening on the server itself (under my domain account) respects the Trusted Location and doesn't give protected mode warning
  • Process to parse fails with the above exception.

Here is a screenshot of the Interop assembly I'm using if this is pertinent.

Excel Interop Assembly

excel-interop

1 Answer

2

Ok... for anyone stumbling on this issue I have bitten the bullet and had to do the following:

  1. Create a local account (AutomatedOffice in my instance) and set DCOM config to run Excel under this account
  2. Log in as above account and change Excel settings to add folder in application root to trusted location and disable protected mode messages
  3. Allow "Network Service" to invoke DCOM processes locally (through server DCOM config and not CLSID config)
  4. Add NTFS permissions for this account on C:\Windows[System32|SYSWOW64]\config\systemprofile\Desktop paths

What was weird, after creating the account I was getting the following exception Retrieving the COM class factory for component with CLSID {00024500-0000-0000-C000-000000000046} failed due to the following error: 80070005 Access is denied. which was resolved by adding HOST\Users and HOST\NetworkServices group to DCOM security (local only!!!) settings.

answered on Stack Overflow Sep 23, 2015 by Paul Aldred-Bann

User contributions licensed under CC BY-SA 3.0