Article ID: 2026191 - Last Review: February 8, 2011 - Revision: 3.0

Publishing an InfoPath form that contains Sandboxed code to a SharePoint server that is also a domain controller fails

View products that this article applies to.
System TipThis article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.
Expand all | Collapse all

Symptoms

You work with a SharePoint server that is also a domain controller. On this server, the Microsoft SharePoint Foundation Sandboxed Code Service is enabled. You design an InfoPath form template that contains sandboxed code. When you try to publish this form template to the server, InfoPath returns the following error:

The form template has been published to the server but it can only be opened in the InfoPath Filler.

If you click Details, you see one of the following messages:

    • This operation is not allowed at this time
    • The sandboxed solution could not be activated
    • There is an error in the InternalStartup method of form code

Note InfoPath form contains sandboxed code if the Administrator-approved form template (advanced) option is not enabled when the form is published.

Back to the top

Cause

Promoting a SharePoint Server to be a domain controller modifies permissions to some registry keys to be more restrictive.
Back to the top

Resolution

To make the form template usable, the Users group needs Read access to the following three registry keys on the SharePoint Server:

  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BFE
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Providers
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Configuration
Important: This article contains information about how to modify the registry. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, view the topic Back up the registry in Windows Help.
 
Caution: Making these modifications to the registry will decrease security on this domain controller. 

To add Read access to these three keys, follow these steps:

  1. On the SharePoint Server and domain controller, click Start, click Run, type regedit in the Open box, and then click OK. 
  2. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BFE
  3. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  4. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Providers
  5. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  6. Locate and then right-click the following registry subkey:
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Cryptography\Configuration
  7. Click Permissions, click to select Users, click to select the Read check box in the Allow column of Permissions for Users, and then click OK.
  8. Exit Registry Editor.

 

Back to the top
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use (http://go.microsoft.com/fwlink/?LinkId=151500) for other considerations.
Back to the top
APPLIES TO
  • Microsoft Infopath 2010
Back to the top
Keywords: 
KB2026191
Back to the top