Adobe Reader 7 DRM Plugin
Gidday,
I'm packaging Adobe Reader 7 for deployment in our builds and I have an issue with allowing the Digital Rights Management (DRM) plugin from loading, without allowing the Updater plugin from notifying or giving them (our users) the ability to modify the Adobe Reader 7 version (with updates). Blocking the Updater in the mst prevents the DRM plugin from activating.
I have been trying to hide the Updater preferences window as I cannot see a way around restricting the DRM plugin and blocking Adobe Reader 7 updater. The DRM module can be tested at this site:
http://www.bl.uk/services/document/sed.html
Just run the Test Document down in the bottom right.
Any enlightenment would be appreciated. Thanks in advance,
WayneB
I'm packaging Adobe Reader 7 for deployment in our builds and I have an issue with allowing the Digital Rights Management (DRM) plugin from loading, without allowing the Updater plugin from notifying or giving them (our users) the ability to modify the Adobe Reader 7 version (with updates). Blocking the Updater in the mst prevents the DRM plugin from activating.
I have been trying to hide the Updater preferences window as I cannot see a way around restricting the DRM plugin and blocking Adobe Reader 7 updater. The DRM module can be tested at this site:
http://www.bl.uk/services/document/sed.html
Just run the Test Document down in the bottom right.
Any enlightenment would be appreciated. Thanks in advance,
WayneB
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
WayneB
18 years ago
OK, I've found a workaround for this.
As well as the usual customisations, I've configured the mst to disable the unneccessary update notifications etc:
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\Updater]
"bShowInstCompDialog"=dword:00000000
"bShowNotifDialog"=dword:00000000
"iUpdateFrequency"=dword:00000000
(Thanks to Chris Conklin- AppDeploy Post)
To hide the Updates Preference Tab:
[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\7.0\FeatureLockdown]
"bUpdater"=dword:00000000
(Thanks to CheeZ - - AppDeploy Post)
I've also added some extra file extensions associations to the transform using Adobe Tuner 7.0 (Preferences -> File Attachments) these were:
*.etd - Allow
*.xml - Allow
this was done according to this doc. (sent from our security team -source unknown)
Firewalls
When a personal firewall is present, it needs to allow Adobe Reader to contact the Internet. Most personal firewalls allow assigning rights to software in a very granular manner.
In case of a corporate firewall, the following aspects need to be considered:
1. Acrobat communicates on port 80 and port 443.
2. The following domains need to be reachable:
a. www.secureattachment.com
b. http://acs.ebooks.info2clear.com (drm server)
c. https://aractivate.adobe.com (Activation server)
3. Although Acrobat uses port 80 and port 443 to communicate with the servers, no html files are transmitted. The following content types are used: xml, pdf, fdf and etd.
4. Acrobat uses custom HTTP headers to communicate with ACS. Some firewalls remove them. It is important that those headers are not removed from requests for the DRM server.
If you are suspecting that your corporate firewall prevents you from downloading the secured document, contact you firewall operator to verify the above issues.
I've tested this on a dial up line and it works fine authenticating the Digital Rights Management module on our test page, however our enterprise firewall is blocking this still. Our security guys are looking into this.
Hope this helps someone out.
Regards
Wayne
As well as the usual customisations, I've configured the mst to disable the unneccessary update notifications etc:
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\Updater]
"bShowInstCompDialog"=dword:00000000
"bShowNotifDialog"=dword:00000000
"iUpdateFrequency"=dword:00000000
(Thanks to Chris Conklin- AppDeploy Post)
To hide the Updates Preference Tab:
[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\7.0\FeatureLockdown]
"bUpdater"=dword:00000000
(Thanks to CheeZ - - AppDeploy Post)
I've also added some extra file extensions associations to the transform using Adobe Tuner 7.0 (Preferences -> File Attachments) these were:
*.etd - Allow
*.xml - Allow
this was done according to this doc. (sent from our security team -source unknown)
Firewalls
When a personal firewall is present, it needs to allow Adobe Reader to contact the Internet. Most personal firewalls allow assigning rights to software in a very granular manner.
In case of a corporate firewall, the following aspects need to be considered:
1. Acrobat communicates on port 80 and port 443.
2. The following domains need to be reachable:
a. www.secureattachment.com
b. http://acs.ebooks.info2clear.com (drm server)
c. https://aractivate.adobe.com (Activation server)
3. Although Acrobat uses port 80 and port 443 to communicate with the servers, no html files are transmitted. The following content types are used: xml, pdf, fdf and etd.
4. Acrobat uses custom HTTP headers to communicate with ACS. Some firewalls remove them. It is important that those headers are not removed from requests for the DRM server.
If you are suspecting that your corporate firewall prevents you from downloading the secured document, contact you firewall operator to verify the above issues.
I've tested this on a dial up line and it works fine authenticating the Digital Rights Management module on our test page, however our enterprise firewall is blocking this still. Our security guys are looking into this.
Hope this helps someone out.
Regards
Wayne
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.