This document guides you through installing and configuring Adobe Experience Manager Document Security Extension for Microsoft Office.
This document includes information about the following tasks:
- Installing Document Security Extension for Microsoft Office
- Preconfiguring the installer to point to the LiveCycle Rights Management ES2 or later or Document Security add-on for AEM 6.0 Forms or later.
- Configuring the automatic application of default policy
- You have read the Release Notes.
- Microsoft Office is activated. Activation dialog does not appear on opening Microsoft Office applications.
- Latest service packs for Microsoft Windows and Microsoft Office are installed.
- If you are installing Document Security for Microsoft Office for an unsupported language, open the Office application at least once.
Do not install the software in a folder whose name contains double-byte characters. If you do so, the AEM Document Security menu does not appear in Microsoft Office.
Installing a 32-bit version of Document Security extension on a 64-bit operating system is supported but the opposite way is not supported. You cannot install 64-bit version of Document Security extension for Microsoft Office on a 32-bit operating system.
To ensure that Office applications start smoothly on a machine that has Document Security Extension installed and McAfee VirusScan with On-Access Scan enabled, disable the Buffer Overflow Protection option in the McAfee VirusScan Console.
AEM Document Security Extension for Microsoft Office does not support third-party plug-ins for Microsoft Office applications. As this extension conflicts with third-party plug-ins, uninstall any non-Adobe plug-ins for Microsoft Office before installing Document Security for Microsoft Office. Adobe does not provide support for Document Security for Microsoft Office applications with third-party plug-ins installed.
Ensure the following minimum configurations on which you want to install Document Security Extension:
- 32-bit or 64-bit versions of Microsoft Windows 7 or Windows 10 in English, French, German, Japanese, Italian, Spanish, Brazilian Portuguese, Korean, Simplified Chinese, or Traditional Chinese.
Note: Document security extension for Microsoft Office is also expected to work on Microsoft Surface devices.
32-bit or 64-bit versions Microsoft Office 2013, 2016, 2019 and Microsoft Office desktop applications installed as part of Office 365 in English, French, German, Japanese, Italian, Spanish, Brazilian Portuguese, Korean, Simplified Chinese, or Traditional Chinese.
Note: AEM Document Security Extension for Microsoft Office does not support third-party plug-ins for Microsoft Office applications. As this extension may conflict with third-party plug-ins, any non-Adobe plug-ins for Microsoft Office applications must be uninstalled before installing Document Security Extension for Microsoft Office. Adobe does not provide support for Document Security Extensions for Microsoft Office applications with third-party plug-ins installed.
1.3-GHz processor or higher
2 GB of RAM
100 MB of available hard disk space
To use Document Security Extension, ensure that you are able to connect to Adobe LiveCycle Rights Management ES2 and later or Document Security add-on for AEM 6.0 forms or later.
You can download the installer from the download page. You cannot customize the installer executable file directly, but it can be installed interactively or in silent mode. To install the software, log in to Windows as an administrator.
Separate installers are available for 32-bit and 64-bit versions of Microsoft Office. For 32-bit version of Microsoft Office, download DocumentSecurityExtensionforMicrosoftOffice.exe. For 64-bit version of Microsoft Office, download DocumentSecurityExtensionforMicrosoftOffice64.exe.
This document uses 32-bit installer file (DocumentSecurityExtensionforMicrosoftOffice.exe) to explain various commands and options. If you are using 64-bit version of Microsoft Office, use 64-bit installer file (DocumentSecurityExtensionforMicrosoftOffice64.exe) to perform operations listed in this document.
Use a file extractor utility, such as WinZip, to extract DocumentSecurityExtensionforMicrosoftOffice.exe from the installer file. Open the command prompt, go to the folder that contains the setup file, and type the following text:
DocumentSecurityExtensionforMicrosoftOffice.exe -s -a -s -v" /qn"
The installer is also available as an MSI file, which can be used for customization.
You can preconfigure the Document Security Extension for Microsoft Office installer to point to a LiveCycle or AEM server so that users who install Document Security Extension for Microsoft Office can use the features without configuring a connection. As such, users can open protected documents with no configuration necessary. However, they cannot protect new documents until they configure the client to use a particular server.
The following steps describe how to create and configure an MSI file. This MSI file contains the registry values that are required to preconfigure the Document Security Extension for Microsoft Office installer to the LiveCycle or AEM server that is installed in your enterprise.
Use the Orca database editor to customize the installer. The following steps describe how to create a custom MSI file by modifying a copy of the MSI installation file using the Orca database editor. Orca is available as part of Windows SDK for Windows Server 2008 and .NET Framework 3.5. For more information about how to edit Microsoft Windows® Installer files using Orca, see Microsoft Support.
It is recommended that you make a full backup of all installer files before you create the custom MSI file.
Double-click the Orca.msi file in the \Microsoft SDK\bin folder.
You also need the MSI variant of the installer file. Contact Adobe support to receive the latest version of the MSI installer.
Always close the DocumentSecurityExtensionforMicrosoftOffice.msi file before running the installer. You cannot run the installer if Orca is using the MSI file.
As part of the configuration, you can configure automatic application of a default policy so that Document Security Extension for Microsoft Office protects every document that is saved.
You can specify one of the following options:
- Protect all documents with a default policy.
- Allow users to optionally save a file in an unprotected format when they cannot connect to the server. This flexibility allows you to account for cases when users are creating documents while disconnected from the network (for example, while on an airplane).
After you enable the auto-apply policy feature, the document is protected with the default policy in the following cases:
- User edits and saves a newly created document
- User edits and saves an unprotected document
- User opens an application that opens with a default document, edits, and then saves the document
Before you begin, preconfigure the installer to point to your LiveCycle or AEM forms server, as described earlier in this article.
Edit the following key name values as applicable to your enterprise installation of Rights Management or Document Security.
Key Value Default
Enable or disable the auto-apply policy feature.
The policy GUID to use when new documents are saved. Applies to the auto-apply policy feature.
Hexadecimal policy ID as visible on the RM server
Server port number.
Determines whether documents can be created without Document Security protection if the client cannot contact the server to protect the document on first save.
1: Allow unprotected saves)
0: Prevent creation of new documents when the client cannot contact the server to save the document.
AUTO_APPLY_POLICY_ALLOW_UN PROTECTED_SAVE option is useful when you want to remind customers to protect all documents without forcing them to do so. It is also useful when you know that users create documents while disconnected from the network. You do not want to prevent them from creating and saving documents.
The administrator can enable the ability to automatically protect any document that a user saves. The Administrator configures the Auto-apply policy feature in the installation program for Document Security Extension for Microsoft Office.
If Auto-apply Policy is enabled, all documents that the user saves are protected with the default policy. This action applies in these situations:
When a user creates a new document, edits, and saves it.
When a user opens an unprotected document, edits, and saves it.
For information about configuring Auto-apply policy, see Configure an automatic application of default policy.
You can enable/disable the ribbon-less user interface by modifying settings in Windows Registry. Perform the following steps to update Registry and enable ribbon less user interface:
- Take a backup of Windows Registry before you make changes to it. For detailed instructions, see How to Modify the Windows Registry.
- In the Registry Editor, navigate to HKEY_CURRENT_USER\Software\Adobe\LiveCycle Rights Management ES4\11.0.0 or HKEY_LOCAL_MACHINE\Software\Adobe\LiveCycle Rights Management ES4\11.0.0
- Create a new Dword (32-bit) value named HidePluginUI.
- Set value of the HidePluginUI property to 1 to enable ribbon-less user interface.
- Close the Registry Editor.
You can change Windows registry settings to make dynamic watermark co-exist with existing headers and footers. The registry settings make the watermark available only during printing. Perform the following steps to update Registry and enable watermarks during printing:
- Take a backup of Windows Registry before you make changes to it. For detailed instructions, see How to Modify the Windows Registry.
- In the Registry Editor, navigate to HKEY_CURRENT_USER\Software\Adobe\LiveCycle Rights Management ES4\11.0.0 or HKEY_LOCAL_MACHINE\WOW6432NODE\Software\Adobe\LiveCycle Rights Management ES4\11.0.0
- Create a new Registry key WatermarkMode.
- In the WatermarkMode registry key, create a DWORD WatermarkMode, and set value of DWORD WatermarkMode to 1.
- Close the registry editor.
In Windows Explorer, you can use the File menu or context menu to create a Microsoft Excel Document. For the documents created with stated methods, the print date cannot be retrieved or changed. It is a limitation of Microsoft Excel. AEM Document Security watermarks rely on the print date of the document. So, for such documents, the watermark is reverted to a previous date. Moreover, headers and footers are also not retained.
A user can attempt to open the protected document on a machine which does not have an AEM Document Security for Microsoft Office plug-in installed. Such machines cannot open the document. On such machines, you can display a cover page containing instructions to download AEM Document Security for Microsoft Office plug-in and other information.
- Take backup of the CommonResources.dll file. The default path is:
- (For 32-bit office on 32-bit machine) C:\Program Files\Adobe\Adobe Experience Manager Forms\Document Security Extension
- (For 32-bit office on 64-bit machine) C:\Program Files (x86)\Adobe\Adobe Experience Manager Forms\Document Security Extension
- (For 64-bit office on 64-bit machine) C:\Program Files\Adobe\Adobe Experience Manager Forms\Document Security Extension
- Ensure that you have Microsoft Visual Studio 2008 or later installed. You can also use any other utility to edit the DLL files.
- Extract the templates.zip archive. The archive contains .xlsx, .docx, and .pptx templates for the cover page. Use only provided templates for file types .xlsx, .docx, and .pptx. You can create your own templates for other file types. Customize templates to include custom messages and instructions. You can find template.zip at:
The CommonResources.dll file contains information about the resource templates. It contains two name identifiers TEMPLATE_FILE and RT_MANIFEST. To enable a custom cover page, the TEMPLATE_FILE name identifier is modified. The TEMPLATE_FILE name identifier has six resources:
Add the resources:
- With a project selected in Solution Explorer, on the Project menu, click Properties.
- Select the Resources tab.
- On the Resource Designer toolbar, point to Add Resource, click the arrow. For resource type, select TEMPLATE_FILE, and click import.
- In the Add existing file to resources dialog box, browse to the Resource.xlsx file, and then click Open. The file is added to the TEMPLATE_FILE directory.
Ensure that the language settings are correct. Delete the resource with neutral language.
Package custom CommonResources.dll file with the installer of AEM Document Security extension for Microsoft Office
You can customize the CommonResources.dll file to include add a custom cover page. After customizing the file, you can manually replace the original file with the custom file on all the workstations or you can choose an automated method to replace the file.
In a large environment, it is difficult and tedious to manually replace the default CommonResources.dll file with a custom CommonResources.dll file. You can use a self-extracting and packaging tool (For example, WinZip Self-Extractor) to package the custom CommonResources.dll file with AEM Document Security Extension for Microsoft Office installer. Later on, you can distribute the custom installer to all the workstation. This method reduces the time required to replace the default CommonResources.dll file with a custom file. It also ensures that all the workstation has the required CommonResources.dll file. Self-extracting and packaging tool is just one of the many possible methods of automatically replacing a file. You can choose any method that is suitable for your environment.
You can perform the following steps to package custom CommonResources.dll file with the installer of AEM Document Security extension for Microsoft Office:
@echo off setlocal EnableDelayedExpansion msiexec /i YOUR_FOLDER_NAME\MSI_NAME.exe FOR /F "tokens=2,*" %%A IN ('REG query "HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0" /v "Identifier"') DO set "IDENTIFIER=%%B" set IDENTIFIER= %IDENTIFIER: =% if not %IDENTIFIER:x86=%==%IDENTIFIER% ( REM Fetching install path for 32 bit machine. FOR /F "tokens=2,*" %%A IN ('REG query "HKLM\SOFTWARE\Adobe\LiveCycle Rights Management ES4\11.0.0" /v "InstallPath"') DO set "INSTALLPATH=%%B" )else ( REM Fetching install path for 64 bit machine. FOR /F "tokens=2,*" %%A IN ('REG query "HKLM\SOFTWARE\Wow6432Node\Adobe\LiveCycle Rights Management ES4\11.0.0" /v "InstallPath"') DO set "INSTALLPATH=%%B" ) COPY "YOUR_FOLDER_NAME\CommonResources.dll" "%INSTALLPATH%" endlocal
If you are using any other version of LiveCycle or AEM Forms on JEE apart from LiveCycle Rights Management ES4 and version as 11.0.0, replace the path of the registry key as following:
- (Livecycle Rights Management ES2 and version 9.0): HKLM\SOFTWARE\Adobe/LiveCycle Rights Management ES2\9.0
- (Livecycle Rights Management ES3 and version 10.0)
- (Livecycle Rights Management ES4 and version 11.0) HKLM\SOFTWARE\Adobe\LiveCycle Rights Management ES4\11.0.0
- (AEM 6.0 Forms on JEE and later verisons) HKLM\SOFTWARE\Adobe\LiveCycle Rights Management ES4\11.0.0
Use a self-extractor and packager tool to package the folder containing the custom CommonResources.dll file, original installer of AEM Document Security extension for Microsoft Office, and the batch file.
Ensure that the self-extracting package is set to run as an administrator and automatically
runs the batch fil on completing the extraction.
Now, the self-extracting installer of AEM Document Security extension for Microsoft Office packages custom CommonResources.dll file and is ready for distribution.