Skip navigation
bob:)
bob:)
Currently Being Moderated

Reader 9.3.2 security block

May 3, 2010 10:25 AM

Hi we recently updated Reader9.3.1 to Reader9.3.2

(Reader9.3.1 worked just fine)

 

This new issue pops up saying

 

"(Security block) Acrobat does not allow connection to:

http://www.webpage.gov/link/filename.pdf  "       <------------as an example, not a real address

 

The way we got to 9.3.2:

We used the working Reader9.3.1 and slipstreamed that with the new UpdateFile9.3.2.msp

running command: msixec /a reader9.3.1.msi /p UpdateFile9.3.2.msp

 

Thanks,

bob

36613 Views   13 Replies   Latest reply: brogers_1, May 4, 2011 8:52 AM
 
Replies
  • brogers_1
    Currently Being Moderated
    1. brogers_1,
    May 11, 2010 5:09 PM   in reply to bob:)
    Report

    Hi Bob,

     

    What does "pops up new issue" mean? If you are getting a Yellow Message Bar on the top, choose the Options button and choose to trust that site.

     

    Ben

     
    |
    Mark as:
  • Gregmann
    Currently Being Moderated
    2. Gregmann,
    Jun 7, 2010 8:58 AM   in reply to bob:)
    Report

    Bob,

     

    Did you ever find a resolution to this?

     

    We have the same problem.  A group policy deployment to 9.3.2 and now anyone who clicks on a url in a pdf gets the "(Security block) Acrobat does not allow connection to:"  notification.

     

     

    GregPDF-SecurityBlock.jpg

     
    |
    Mark as:
  • brogers_1
    Currently Being Moderated
    3. brogers_1,
    Jun 7, 2010 10:25 AM   in reply to Gregmann
    Report

    Your problem is that you have URL restrictions set in Trust Manager.

     

    1. Go to Edit > Preferences > Trust Manager > Internet Options.
    2. Allow all URLs or specify a list of allowed URLs.

     

    My guess is you have blocked all URLs. That is not the default setting.

     

    Ben

     
    |
    Mark as:
  • testingxyz
    Currently Being Moderated
    4. testingxyz,
    Jun 8, 2010 3:02 AM   in reply to brogers_1
    Report

    Got the same issue here.  We deploy via group policy using the customisation wizard to a few thousand desktops, so configuring by individual client obviously isn't an option.  I'm not seeing how to configure the internet access options in the customisation wizard, only the trusted source options.  Anyone know how to define a list of target URLs, (preferably wildcarded domains) that reader will allow users to click links to using the wizard?

     

    Thanks

     
    |
    Mark as:
  • brogers_1
    Currently Being Moderated
    5. brogers_1,
    Jun 8, 2010 11:21 AM   in reply to testingxyz
    Report

    Any registry setting can be configured via the Wizard or GPO. To figure out how to configure the registry for what you want (or almost anything else), download AIM.

     

    Here's the standard blurb:

     

     

    There are new and updated resources that might help. A new Enterprise resource portal exists at http://kb2.adobe.com/cps/837/cpsid_83709.html . From there you can find the main enterprise libraries and tools. It links to an Enterprise Admin Guide (in its nascent stages but it's rapidly evolving) and the Administrator's Information Manager (AIM). AIM is an AIR application that contains several documents as well as a Preference Reference which documents a growing list of registry keys.

     

    ----

     

    Ben

     
    |
    Mark as:
  • testingxyz
    Currently Being Moderated
    6. testingxyz,
    Jun 9, 2010 1:06 AM   in reply to brogers_1
    Report

    Thanks for your response Ben, I'll explore those resources.  If push comes to shove I'll crack out procmon and see where it is writing those settings to.

     

    Phil

     
    |
    Mark as:
  • brogers_1
    Currently Being Moderated
    7. brogers_1,
    Jun 9, 2010 11:59 AM   in reply to testingxyz
    Report

    Hi again,

     

    There's not much exploring to do. Simply open the preference reference, go to Trust Manager, and see what keys can be configured. It's a simple doc look up and key fix.

     

    ben

     
    |
    Mark as:
  • testingxyz
    Currently Being Moderated
    8. testingxyz,
    Jun 10, 2010 1:46 AM   in reply to brogers_1
    Report

    Perhaps not quite as simple as one might hope.  The documentation gives the path for iUnknownURLPerms and tHostPerms as HKCU\Software\Adobe\(product name)\(version)\TrustManager, whereas (finding that didn't work and looking on a non-managed machine) the actual path is HKCU\Software\Adobe\(product name)\(version)\TrustManager\cDefaultLaunchURLPerms.

     

    The bit I can't get at the moment, and doesn't seem to be covered by the docs, is how to set a wild card, i.e. to allow access to all URLs in example.com.  Just adding something like *example.com doesn't seem to work. Any ideas?

     

    Thanks

     

    Phil

     
    |
    Mark as:
  • brogers_1
    Currently Being Moderated
    9. brogers_1,
    Jun 10, 2010 1:43 PM   in reply to testingxyz
    Report

    Hi Phil,

     

    You're right. The doc is both incomplete and incorrect. It will be fixed in a few days. Here is some additional information:

     

    • iURLPerms is another key in the same location. Set to 2 for allow all and 3 for block all.
    • There is no way to use a wildcard in the Trust Manager. The UI lets you do it, but it doesn't work.
    • Therefore, there is no way to use wildcards for domains. It's an all or nothing situation unless you specify a white list of URLs.

     

    Also note that while you can use * for Enhanced Security > Privileged locations, that is only for cross domain access and won't help you with simple URL access.

     

    Ben

     
    |
    Mark as:
  • Gregmann
    Currently Being Moderated
    10. Gregmann,
    Jun 11, 2010 9:58 AM   in reply to brogers_1
    Report

    Phil,

     

    This took care of it for me: http://forums.adobe.com/message/2785579 and http://forums.adobe.com/thread/617561?tstart=0

     

    Greg

     
    |
    Mark as:
  • BackOfficeThinking
    Currently Being Moderated
    11. BackOfficeThinking,
    Aug 12, 2010 5:38 AM   in reply to bob:)
    Report

    I found a second issue preventing the web page to load:

     

    After I did changed my Trust Manager Settings, the problem persisted.

     

    I opened to PDF in Adobe LifeCycle Designer and noticed that the URLs were mal formed. Any link that I created as http://www.backofficethinking.com. was converted to http:www.backofficethinking.com  (the // were removed).  I added them back, opened the file in acrobat pro and clicked on the Extend features link which made the form fillable and the // were removed again.  I then went back to Designer and changed the link to www.backofficethinking.com (no http://) , opened the file in acrobat pro and the links were correct.

     

    I assume this is a bug in acobat pro?

     

    I'm using adobe acobat pro 9.2

     
    |
    Mark as:
  • motleynutt
    Currently Being Moderated
    12. motleynutt,
    May 3, 2011 7:21 PM   in reply to bob:)
    Report

    I fixed this "Security Block" issue. Sort of.

    In registry editor: Current user\software\adobe\acrobatreader\"version"\Trustmanager\cdefaultlaun chURLperms, The name is thostperms. I deleted it and closed regeditor. Then went to the pdf and tried the link again. In perferences, under trust manager, It's now not greyed out but no matter which option I choose it always asks the first time I click a new link.

     
    |
    Mark as:
  • brogers_1
    Currently Being Moderated
    13. brogers_1,
    May 4, 2011 8:52 AM   in reply to motleynutt
    Report

    Did you try setting

    iURLPerms as described above?
     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points