First Published 28 June 2022 Difficulty level : Easy
This article was written partly in response to several forum threads including:
How to Close Database When Macro errors
Ribbon Before Autoexec
Hiding A Form
The Autoexec macro is widely used to run various actions when a database loads.
This is a fairly simple example:
However, there are several fallacies about the autoexec macro that are widely believed, even by experienced developers:
1. Autoexec runs first before any other code
WRONG – code in the startup form runs followed by any actions from the autoexec macro
2. Autoexec doesn’t run if macros are blocked
WRONG – disabling macros has no effect on the autoexec macro
3. Autoexec doesn’t run if the database app isn’t trusted
WRONG (at least partly so) – certain ‘SAFE’ actions still run though ‘UNSAFE’ actions are blocked.
There are two types of macro action:
a) Safe actions e.g. Message Box or Open Form - these ALWAYS run
b) Potentially unsafe actions e.g. Quit Access / Import/Export Data are blocked depending on the trust settings
Macro actions flagged as unsafe are by defaulthidden in the macro Action Catalog but can be made visible by clicking Show All Actions on the Macro Design ribbon.
These actions are normally shown with a warning symbol:
|Default view – safe actions only
||All macro actions visible
By default, database apps that have been downloaded from the internet or email are NOT trusted.
However, an app is trusted if it is in a trusted location or has been trusted by e.g. clicking the security banner
The autoexec macro will still run safe actions even if the security banner is visible
However, code from the startup form is blocked – it does NOT run
The Macro settings in the Trust Center can also cause some confusion. There are 4 options:
1. Disable all macros without notification: Not trusted – but no security banner displayed
2. Disable all macros without notification: Not trusted – security banner shown
3. Disable all macros except digitally signed macros: Not trusted – no banner
4. Enable all macros (not recommended; potentially dangerous code can run): Trusted – no banner
I strongly RECOMMEND using setting 2 – disable all macros with notification so the security banner is shown where the app isn’t trusted
The ONLY way to prevent any code running is to open the application using the SHIFT BYPASS i.e. hold down the shift key when the application is opened
Developers will often disable the shift bypass before distributing apps to ensure that code DOES run.
However, it is possible to circumvent this and re-enable the shift bypass. I am deliberately not going to explain how to do that in this article
I have created an example app to illustrate what actions are allowed even in apps that have NOT been trusted
Click to download: Autoexec Trust Example
Test the app by doing the following in turn:
a) Save the app to a non-trusted location
b) Open the app using the shift bypass and check that macros are disabled with notifications (macro setting 2 above)
c) Disable all trusted documents
d) Reopen the app – the security banner is displayed – don’t click it yet.
The Autoexec macro still runs despite itself being a macro!
This message is shown:
. . . followed by this . . .
The app doesn't close as Quit Access is marked as unsafe in the macro designer
e) Repeat opening the app from a trusted location.
First of all this message appears when the startup form loads - BEFORE the autoexec macro runs:
Next this message is triggered by the autoexec macro:
. . . followed by this . . .
Close down then runs successfully as the 'unsafe action' is allowed in a trusted database
f) Move the app back to a non-trusted location and enable all macros
(normally this should be avoided for safety reasons)
Once again it will be shown as non-trusted (see 3 above)
REMEMBER to change the macro settings back to setting 2 again afterwards!
I hope this article helps clarify what actions occur and in which order when an Access app is opened
Colin Riddington Mendip Data Systems 28 June 2022
Return to Access Articles Page
Return to Top