2024 Update Rollup 1

Working With Third-Party ProductsPermanent link for this heading

A core feature of Fabasoft products is the management of a varied range of content. This includes running the tools needed for viewing and editing content like documents or pictures.

These tools are required to be installed on client devices.

The native client identifies the type of content and uses mechanisms of the client operating system to map a tool to the identified type. The native client honors security policies of the client operating system and adds Fabasoft-specific security structures on top of the operating system.

Deploying predefined configurationPermanent link for this heading

For the rollout of the Fabasoft Folio Client configuration, there is the possibility that the Fabasoft Folio Client automatically fetches the configuration from the server at startup. This configuration is necessary if the Microsoft Office ribbons or the synchronized folder should be used before a user has ever logged on to the respective domain. Because the first time the user accesses the domain via a web browser, this configuration will be loaded. Therefore, you only have to configure your web service URL on all clients.

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Fabasoft\NativeClient\Folio\cx
Value name: DomainHref
Type: REG_SZ
Value data: <web service URL e.g. https://folio.example.com/folio/>

Note: This setting can only be used with integrated authentication.

Security SettingsPermanent link for this heading

When performing operations like viewing, editing or playing content the native client runs tools installed on the device. Which tool has to perform a given operation on a given type of content is determined by mechanisms defined by the Microsoft Windows Shell. These mechanisms are described in:
https://docs.microsoft.com/en-us/windows/win32/shell/default-programs: new window

https://docs.microsoft.com/en-us/windows/win32/shell/fa-verbs: new window

In addition, the native client defines restriction points applying to Fabasoft products only. These are part of the broader customization mechanisms for running tools, defined by the registry sub tree HKEY_CURRENT_USER\Software\Fabasoft\Process Parameters.

In the root of this tree one of two policies can be declared:

  • If a named value of type String with the name Security and the value “Black” is present, the so called “Blacklist Security” policy applies.
  • Otherwise, the mode of operation is “Whitelist Security”.

Blacklist SecurityPermanent link for this heading

This security policy is the less secure tool restriction mode. It is therefore switched off by default. Any program not restricted by operating system policies and not explicitly disallowed by the native client is allowed to run. To explicitly disallow the execution of a tool, there must be a registry key HKEY_CURRENT_USER\Software\Fabasoft\Process Parameters\<base name of the tool executable> holding a named value of type DWORD with the name DisallowRun and the value “1”.

Example:

The setting in this example does not allow loading any executable from a file with the base name “notepad”. The base name comparison is case-insensitive.

Default Blacklist

If the native client security is set to “Black”, the following executables are disallowed by default:

  • Standard script engine hosts
    • wscript
    • cscript
  • Elevated browsers
    • mshta
  • Standard registry editors
    • regedit
    • regedt32

For any of these executables, no registry entry is needed to disallow its execution. If there is an explicit entry, execution can be allowed by setting the named value DisallowRun to the value “0”.

Whitelist SecurityPermanent link for this heading

This is the default native client security mode. Tool execution is restricted to an explicit list of executables. Only executables defined by that list can be executed within a Fabasoft product if not restricted by operating system policies.

To explicitly allow the execution of a tool, there must be a registry key HKEY_CURRENT_USER > Software > Fabasoft > Process Parameters > <base name of the tool executable> holding a named value of type DWORD with the name AllowRun and the value “1”.

Example:

The setting in this example allows loading an executable from a file with the base name “tracer”. The base name comparison is case-insensitive.

Default Whitelist

If the native client security is set to any value other than “Black“, the following executables are allowed by default:

  • Standard text editors/viewers
    • notepad
    • tracer
    • wordpad
  • Standard image editors/viewers
    • mspaint
    • rundll32 [shimgvw]
    • rundll32 [photoviewer]
    • snapview
    • ois
  • Standard final format editors/viewers
    • acrord32
    • acrobat
    • xpsviewer
    • xpsrchvw
  • Supported package editors/viewers
    • winrar
    • winzip32
    • rundll32 [zipfldr]
  • Supported signature editors/viewers
    • siqscc
  • Supported help viewers
    • hh
  • Supported mail clients
    • msimn
    • outlook
    • thunderbird
    • winmail
    • wlmail
  • LibreOffice
    • soffice
    • swriter
    • scalc
    • simpress
    • sdraw
    • smath
  • Microsoft Office
    • winword
    • excel
    • powerpnt
    • visio
    • msaccess
    • mspub
    • frontpg
    • fpeditor
    • winproj
    • wordview
    • xlview
    • pptview
    • moc
  • Autodesk AutoCAD
    • acad
    • acadlt
    • aclauncher
    • expressviewer
  • Windows Media Player
    • wmplayer
  • Apple Quicktime Player
    • quicktimeplayer
  • Siemens JT2Go
    • Visview_ng
  • SAP GUI Starter
    • sapgui

For any of these executables, no registry entry is needed to allow its execution.

Document PropertiesPermanent link for this heading

Document properties allow you to embed read-only metadata in documents edited with Microsoft Word. Before you can insert document properties into a Microsoft Word document, you have to activate the Fabasoft Folio COM add-in that is installed with the native client. To enable the COM add-in, click the Office button and click “Word Options”. In the dialog box, click “Add-Ins”, select “COM Add-Ins” in the Manage drop-down list box and click “Go”. In the dialog box that is opened, select “Fabasoft Folio 2024 Word Extension” and click “OK”.

Note: The document properties will only be refreshed when opening the document, if the add-in is active.

The COM add-in can be activated manually as described above, or the corresponding registry keys can be deployed after installing the native client.

[HKEY_CURRENT_USER\Software\Microsoft\Office\Word\Addins\FolioPM24.OxWord]
"FriendlyName"="Fabasoft Folio 2024 Word Extension"
"LoadBehavior"=dword:00000003

Temporary FilesPermanent link for this heading

To be able to edit or read a document in a third-party product the document file has to be stored temporarily on the client. The location of the temporary files can be manually defined by setting the following registry key:

[HKEY_CURRENT_USER\Software\Fabasoft\WebClient\ConfigValues\Enterprise22\DocDir]
@="directory path"

The directory path can be defined the following way:

  • absolute directory path (e.g. C:\MyTempFolder)
    The user needs write access to the directory.
  • <local>
    Corresponds to CSIDL_LOCAL_APPDATA under Microsoft Windows (e.g. C:\Users\<user>\AppData\Local).
  • <roaming>
    Corresponds to CSIDL_APPDATA under Microsoft Windows (e.g. C:\Users\<user>\AppData\Roaming).
  • <temp>
    The temporary directory (e.g. C:\Users\<user>\AppData\Local\Temp).

Mail Merge on Microsoft WindowsPermanent link for this heading

Microsoft Office Permanent link for this heading

Working with Microsoft Word mail merge documents differs from working with normal documents.

  • First the document is opened in the background (invisible) and the mail merge data is applied.
  • Subsequently the document is saved, closed and reopened including the mail merge data.
  • After closing the document, the document will be opened again in the background (invisible) and the mail merge data will be removed from the document.

The steps in which the mail merge data source operations are carried out can be influenced by customer macros that may prevent a correct processing. Therefore all macros will be deactivated for the background steps and are only active when the document is opened regularly including a Microsoft Word user interface. Macros can be activated at your own risk with the with following registry key:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Fabasoft\WebClient\ConfigValues\Enterprise22]
"MSWORD_disablemacros"="false"

It is also possible to define the maximum delay (ms) and retry time (ms) for the attaching mail merge data call. This may be necessary because opening a mail merge document with macros often lasts longer.

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Fabasoft\WebClient\ConfigValues\Enterprise22]
"MSWORD_timeout"=dword:00007530

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Fabasoft\WebClient\ConfigValues\Enterprise22]
"MSWORD_retrydelay"=dword:000003e8

LibreOfficePermanent link for this heading

To use the mail merge functionality, a LibreOffice extension is required. To install the Fabasoft Folio Client for LibreOffice, perform the following steps:

  1. Download the FolioClientLibreOffice.msi installation package from the Fabasoft Folio installation.
    https://<host>/<vdir>/fscasp/content/lib/FolioClientLibreOffice.msi
    Alternatively, you find the MSI file in the Setup\ComponentsBase\Client folder of the Fabasoft Folio distribution media.
  2. Make sure that you have administrative rights.
  3. Run the FolioClientLibreOffice.msi installation package and follow the installation wizard.

After the installation is successfully completed, the extension appears in the “Extension Manager” of LibreOffice.

Mail Merge on LinuxPermanent link for this heading

To use the mail merge functionality, a LibreOffice extension is required. To install the Fabasoft Folio Client for LibreOffice, perform the following steps:

  1. Download the FolioClientLibreOffice.zip package from the Fabasoft Folio installation.
    https://<host>/<vdir>/fscasp/content/lib/FolioClientLibreOffice.msi
    Alternatively, you find the ZIP file in the Setup\ComponentsBase\Client folder of the Fabasoft Folio distribution media.
  2. Open the LibreOffice Writer application
  3. Open the “Extension Manager” in the “Tools” menu and click on “Add”
  4. In the file dialog choose the FolioClientLibreOffice.zip file and click “Open”
  5. The extension will now be installed and appear in the list of the installed extensions.
  6. After the installation is successfully completed, the extension appears in the “Extension Manager” of LibreOffice.

Note: Make sure that libreoffice-base_<version>.deb is installed. If you install LibreOffice manually, make sure that a symbolic link to soffice exists:

sudo ln -s /opt/libreoffice<version>/program/soffice /usr/sbin/soffice

Delay Uploading a Changed DocumentPermanent link for this heading

The upload of a changed document can be delayed. In normal circumstances, this setting is not necessary. However, if you use Microsoft Office 2010 and specially configured virus scanners, this setting can be used to prevent documents from being locked and opened read-only.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Fabasoft\WebClient\ConfigValues\Enterprise22]

"UPLOAD_handsoffseconds"=dword:00000002

The registry entry defines the minimum time in seconds between the last change and the upload. The default value is 0. If you notice problems, try the value 2 (possible values are from 0 to 5).

Load TestingPermanent link for this heading

For load tests, it can be helpful to prevent third-party applications from opening. With the following registry key, all server requests are sent without starting the third party application.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Fabasoft\WebClient\ConfigValues\Enterprise22]

"TEST_NOTOOLEXECUTION"="true"

Note: This setting may only be used in test environments.

Download PDF

Download PDF