Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Document generation not working. Constant Silverlight prompt.

SA-5448

Summary




A user attempts to generate a document using Word is leading to a pop-up appear, which offers to install Silverlight prerequisites. In fact the prerequisites and Silverlight are present in the system. This was reproduced on Win7 32 and 64 bit (IE 9 and IE10).
 
1. Steps to reproduce: click Document Now
 
Following the popup, the document is not generated.


Error Messages



Silverlight Installation required.

Steps to Reproduce



1. click “Document Now”
2. Notification appears:



Note: the PDN article 68786 “Word merge support with Microsoft Silverlight plug-in” shows this popup is not expected in Internet Exploer.  We should just see a security warning.

Root Cause



It was found 3 Windows registry key were preventing the Silverlight from being called.

First Registry key: AllowLaunchOfElevatedTrustApps
Second Registry key: AllowInstallOfElevatedTrustApps

This was set to 0x00000000 (disable).
Microsoft documents this registry key as follows in an article for Group Policy Settings for Silverlight:
Silverlight Trusted Applications
Silverlight allows users to install out of browser applications via the Install dialog. Silverlight supports two kinds of out of browser applications, sandboxed applications which run with the same security restrictions as in browser, and trusted applications which run with additional permissions. Trusted applications are only available in Silverlight 4 and later. A trusted application can read and write user data, run other programs, and run without cross domain networking restrictions. Much like running a .exe, trusted apps should only be installed if it's from a website you trust.
Silverlight provides settings to disable support for trusted applications, which is particularly useful for locked down environments. To provide additional control, Silverlight provides two different settings, one to control the installation of trusted applications, and the second to control the running of trusted apps that were previously installed. Neither setting affects sandboxed out of browser applications.
Both of these settings are available in the custom ADM or ADMX file you create using the text provided at the bottom of this page. The registry setting for trusted application installation that the administrative template files contain is:
Key path: HKEY_LOCAL_MACHINE\Software\Microsoft\Silverlight\
Value Name: AllowInstallOfElevatedTrustApps
Value Type: DWORD
Valid Values:
Disabled — 0x00000000
Enabled — 0x00000001

The registry setting for running trusted applications that the administrative template files contain is:
Key path: HKEY_LOCAL_MACHINE\Software\Microsoft\Silverlight\
Value Name: AllowLaunchOfElevatedTrustApps
Value Type: DWORD
Valid Values:
Disabled — 0x00000000
Enabled — 0x00000001


Third registry key: “AllowElevatedTrustAppsInBrowser
This was set to 0x00000000 (disable).
Microsoft documents in an “How to: Enable Trusted Applications to Run Inside the Browser” article:
 

To enable in-browser trusted applications

1.    Configure the target computers to allow trusted applications inside the browser by setting the following registry key:
o    Key path for 32-bit computers: HKEY_LOCAL_MACHINE\Software\Microsoft\Silverlight\
o    Key path for 64-bit computers: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Silverlight\
o    Value name: AllowElevatedTrustAppsInBrowser
o    Value type: DWORD
o    Valid Values:
§  Disabled - 0x00000000
§  Enabled - 0x00000001
2.    Ensure that you do not set conflicting registry keys. For more information, see the AllowInstallOfElevatedTrustApps and AllowLaunchOfElevatedTrustApps registry keys in Group Policy Settings. Specifically, you can disallow the installation of trusted applications without affecting their in-browser use. However, disallowing the launch of trusted applications will cause them to run in partial trust, even inside the browser.
3.    Sign the .xap files with a valid, code-signing certificate. For more information, see the "Application Signing" section of Trusted Applications.
4.    Install the certificate to the Trusted Publishers certificate store and (if necessary) the Trusted Root Certification Authorities store. For more information, see Deploying Certificates to the Trusted Publishers Store.
 


Resolution



Registries “AllowLaunchOfElevatedTrustAppsandAllowElevatedTrustAppsInBrowserand ""AllowInstallOfElevatedTrustApps" were set to 0x00000001 (enabled)  to allow Silverlight to run.

Published January 31, 2016 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us