Plan Excel Services security
Updated: February 26, 2009
Applies To: Office SharePoint Server 2007
In this article:
About Excel Services security
In addition to the security requirements for deploying Microsoft Office SharePoint Server 2007, you need to review security considerations for a deployment that includes Excel Services in Microsoft Office SharePoint Server 2007. Windows SharePoint Services 3.0 provides the platform on which Office SharePoint Server 2007 is built.
Excel Services in Microsoft Office SharePoint Server 2007 functionality, coupled with Office SharePoint Server 2007, is the primary way to control, secure, and manage access to Excel workbooks in the enterprise. Excel Services is an enterprise-class application server that is designed for performance, scalability, and security. An Excel Services deployment provides thin rendering of — and interactivity with — workbooks, and it enables you to easily reuse workbook components, such as charts and PivotTable reports, that can be rendered in business intelligence dashboards.
Excel Services enables you to leverage server-side Excel spreadsheet calculations for custom applications, and it provides users with the ability to lock workbooks and to secure private data and intellectual property. This ensures that data within your workbooks is protected while users interacting with workbooks on a server can take full advantage of the data refresh and recalculation functionality provided by Excel Services.
Security is an important component for enabling these data rendering scenarios. You need to consider many factors when planning for an environment that helps to ensure the security of workbooks that are rendered on a server. You need to plan for managing the security of workbooks and managing the security of the server itself. Excel Services provides you with a significant level of granular control for the processing and displaying of Excel workbooks. You can control how workbooks are opened on the server and the specific capabilities that are enabled for each workbook.
This article is an overview of the security settings for Excel Services and related components that you must consider when planning a deployment. In addition, this article provides prescriptive guidance for using Excel Services to help secure and manage access to workbooks on the server.
The security model for Excel Services is based on the concept that to ensure data integrity and quality, an administrator must be able to centrally manage shared resources and user access to corporate intellectual property contained in workbooks. To accomplish this, Excel Services enables you to specify:
Trusted file locations These are SharePoint document libraries, UNC paths, or HTTP Web sites that have to be explicitly trusted before Excel Calculation Services is allowed to access them. Excel Calculation Services opens workbooks that are stored in trusted file locations only.
Trusted data providers These are external databases that Excel Calculation Services is explicitly configured to trust when processing data connections in workbooks. Excel Calculation Services attempts to process a data connection only if the connection is to a trusted data provider.
Trusted data connection libraries These are SharePoint document libraries that contain Office data connection (.odc) files. The .odc files are used to centrally manage connections to external data sources. Instead of allowing embedded connections to external data sources, Excel Calculation Services can be configured to require the use of .odc files for all data connections. The .odc files are stored in data connection libraries, and the data connection libraries have to be explicitly trusted before Excel Calculation Services will allow workbooks to access them.
By default, cross-domain workbook and data connection access is not allowed. To allow workbooks in trusted file locations (and data connections in trusted data connection libraries) to be accessed across domains by web parts, pages, or Web services, run the Stsadm.exe command-line utility, as shown in the following example, where SSP name is the name of your Excel Services Shared Services Provider:
stsadm.exe -o Set-EcsSecurity -Ssp <SSP name> -AllowCrossDomainAccess true|false
The requesting Web pages and the workbooks or data connections must reside in the same farm.
When you open a workbook in Excel Calculation Services, a temporary file is stored in the %TEMP% folder of the application server that is running Excel Calculation Services.
Plan user authentication
Excel workbooks that are opened by Excel Calculation Services should be stored in the Office SharePoint Server 2007 content database, because Windows SharePoint Services 3.0 maintains an access control list (ACL) for these files. Excel Calculation Services can also open workbooks from UNC paths and HTTP Web sites, but we recommend using the Office SharePoint Server 2007 content database for workbook storage.
Authentication for user access to a SharePoint portal site is performed by Windows SharePoint Services 3.0. By default, Windows SharePoint Services 3.0 uses Integrated Windows authentication.
In addition to the listed authentication methods, Excel Services also supports generic forms-based authentication. However, configuring Windows SharePoint Services 3.0 to use generic forms-based authentication is beyond the scope of this article.
Plan communication among servers
You can determine how front-end Web servers communicate with Excel Calculation Services application servers, and how application servers communicate with back-end data sources, by configuring Excel Services to use either trusted subsystem data access or delegation. Trusted subsystem is the default setting for a Windows server farm, because it does not have the extra configuration requirements of the delegation model. In the trusted subsystem model, front-end Web servers and Excel Calculation Services application servers trust the accounts of the associated Office SharePoint Server 2007 applications by using the Shared Services Provider (SSP).
In a trusted subsystem environment, when opening files from Office SharePoint Server 2007, permission checks on the files can be performed against end-user identities even if Kerberos is not configured. If Excel Calculation Services application servers open workbooks from UNC shares or HTTP Web sites, the user account cannot be impersonated, and the process account must be used.
To impersonate the user account and implement workbook authorization, you must set up constrained Kerberos delegation between Excel Calculation Services application servers and UNC or HTTP resources.
Constrained Kerberos delegation is the most secure configuration for communication between front-end Web servers and Excel Calculation Services application servers. Constrained Kerberos delegation is also the most secure configuration for accessing back-end data sources from application servers. Constrained Kerberos delegation is the preferred configuration for deploying Excel Services. For external data connections, Integrated Windows authentication will only work if the delegation model is implemented.
Plan external data authentication
Workbooks can contain embedded direct data connections and links to data connection files that are stored in data connection libraries. On refresh, depending on the configuration of Excel Services, the embedded direct data connection can be used to query the data source, or the data connection library link can be used to query the .odc file. The .odc file contains data connection information and must be stored in a data connection library.
To configure Excel Services to process connections to external data sources, select a setting in the External Data section of the Excel Services Add Trusted File Location page of the SharePoint Central Administration Web application.
To configure administrative settings for Excel Services, open the SharePoint Central Administration Web application from Office SharePoint Server 2007 and perform the following procedure.
Configure administrative settings for Excel Services
On the Central Administration home page, click Application Management.
On the Application Management page, in the Office SharePoint Server 2007 Shared Services section, click Create or Configure this Farm's Shared Services.
On the Manage this Farm's Shared Services page, click SharedServices1 (Default). This is the SSP that you will configure.
On the Shared Services home page, in the Excel Services Settings section, click Trusted file locations.
On the Excel Services Trusted File Locations page, click Add Trusted File Location.
In the Address section, type the location and name of the SharePoint document library that you want to add as a trusted file location in Excel Services. If the document library is stored in the Windows SharePoint Services 3.0 content database, make sure Windows SharePoint Services 3.0 is selected as the Location Type.
Delegation is required for most farm deployments that have integrated connections. When Excel Calculation Services retrieves connection information, credentials are designated as Stored (to be retrieved from the SSO database), Integrated, or None. For data connections with integrated credentials, delegation is required for deployments that are scaled out to multiple servers. In a stand-alone deployment, delegation is not required.
Imagine a data connection in a workbook opened in an Excel Calculation Services application server that uses the Stored credentials method. Excel Calculation Services has to retrieve valid credentials from a single sign-on (SSO) authentication database. Then, it uses the credentials to authenticate against a data source, before the data connection can be established.
Excel Services supports three data authentication methods: Integrated Windows authentication, SSO authentication, and None.
Integrated Windows authentication
Integrated Windows authentication usually requires constrained Kerberos delegation, which is the most secure authentication method. We recommend that you enable constrained Kerberos delegation for authentication from front-end Web servers to application servers running Excel Calculation Services, and from Excel Calculation Services to external data sources. For Excel Services scenarios, we recommend using Integrated Windows authentication.
SSO authentication enables users to access multiple system resources without having to provide authentication credentials more than once. Office SharePoint Server 2007 implements SSO authentication by including a Windows service and a secure credentials database. Using the pluggable SSO functionality supported by Excel Services, you can implement your own SSO provider. Office SharePoint Server 2007 includes a Windows SSO provider that works with Excel Services.
Any SSO provider that you implement with Excel Services should maintain a flag for each SSO entry that specifies whether the SSO entry is using Windows-based credentials or credentials from another environment. The Windows SSO provider in Office SharePoint Server 2007 maintains a flag for this purpose. Excel Services uses the SSO database to retrieve credentials for connection authentication.
SSO authentication in Office SharePoint Server 2007 supports individual mappings and group mappings. SSO maintains a set of credentials for the application identities (App IDs) of resources that are stored in the Office SharePoint Server 2007 SSO database. For individual mappings, a security layer checks user credentials against multiple individual listings for an App ID that is stored in the SSO database. Individual mappings are useful if you need logging information about individual user access to shared resources.
For group mappings, a security layer checks group credentials for multiple domain users against a single set of credentials for a resource identified by an App ID that is stored in the SSO database. Group mappings are easier to maintain than individual mappings, and performance is better.
To enable SSO functionality for Office SharePoint Server 2007, start the Microsoft Single Sign-On service and then configure SSO settings in the SharePoint Central Administration Web application. Use the following procedures to set up and configure an SSO database to authenticate data connections.
Start the Single Sign-On service
From Administrative Tools, click Services.
Double-click Microsoft Single Sign-On Service.
On the Log On tab of the Single Sign-On Service Properties page, click This account, and then type the domain, user name, and password that you have used to install and manage your server.
On the General tab of the Single Sign-On Service Properties page, change the startup type to Automatic, click Start, and then click OK.
Start the Single Sign-On service on all front-end Web servers and all application servers in your farm that run Excel Calculation Services.
Manage SSO settings
From Administrative Tools, open the SharePoint Central Administration Web application.
On the Central Administration home page, click Operations.
In the Security Configuration section, click Manage settings for single sign-on.
On the Manage Settings for Single Sign-On page, click Manage server settings.
In the Account Name box for the SSO Administrator account, type the same domain and user name that you used to configure the Single Sign-On service. If the user name that you used to configure the Single Sign-On service is a member of a Windows security group, you can type the name of the Windows security group instead of a user name.
In the Enterprise Application Definition Administrator Account box, type the same domain and user name that you used to configure the Single Sign-On service.
When you specify None as the authentication method for your Excel Services deployment, Excel Services tries to use inbound connection strings to connect to the database specified in the string. Depending on the specific database provider, the database might be able to use the connection string to authenticate the user.
Excel Services does not parse connection strings to determine an authentication method. The connection strings are simply passed to the database provider. Connection strings can specify that Integrated Windows authentication is required. Connection strings can also contain a specific user name and password. In either case, when you specify None as the authentication method, Excel Services requires the impersonation of an unattended service account.
If the database provider determines that the connection string specifies Integrated Windows authentication, and if the database authorizes access, the connection is established by using the security context of the unattended account. If the connection string contains a user name and password, and if the database authorizes access, the connection is established by using the security context of the authorized user account.
Unattended service account
The unattended service account is a low-permissions account that Excel Calculation Services can impersonate when establishing a data connection that uses SSO credentials from an environment that is not Windows-based, or None, as the authentication method. If an unattended service account is not configured, data connections will fail if SSO from an environment other than Windows, or None, is used as the authentication method.
Impersonating the unattended account protects Office SharePoint Server 2007 databases, and any other data sources that Excel Services can directly access, from unauthorized connections by client computers that are using Excel Calculation Services to open external data connections. When an unattended service account is impersonated, the credentials associated with an Excel Calculation Services application thread cannot be used to access any other databases. Also, when an unattended service account is impersonated, external data queries are run under the security context of a low-permissions account, instead of running under the security context of an Excel Calculation Services application thread that has greater permissions.
You can configure the unattended service account either as a domain account or as a local computer account. If the unattended service account is configured as a local computer account, ensure that the configuration is identical on every application server running Excel Calculation Services. Restrict the permissions of the unattended service account to enable only logging on to the network. Verify that the unattended service account does not have access to any data sources or Office SharePoint Server 2007 databases. Use the following procedure to enable the unattended service account.
Enable the unattended service account
In the Name and Password boxes in the External Data section of the Excel Services Settings page, type the name and password that you want to use.
To configure administrative settings for Excel Services, including security settings, open the SharePoint Central Administration Web application from Administrative Tools in Microsoft Windows Server 2003, and perform the following procedure.
Configure security settings for Excel Services
On the Central Administration home page, click Application Management.
On the Application Management page, in the Office SharePoint Server 2007 Shared Services section, click Create or Configure this Farm's Shared Services.
On the Manage this Farm's Shared Services page, click SharedServices1 (Default). This is the SSP that you will configure.
On the Shared Services home page, in the Excel Services Settings section, click Edit Excel Services settings.
You can also use the Excel Services Settings page to configure the options for file access method and data encryption, which have a direct impact on secure deployment.
File access method
On the Excel Services Settings page, in the Security section, under File Access Method, select either Impersonation or Process account.
Impersonation This enables a thread to run in a security context other than the context of the process that owns the thread. Select Impersonation to require Excel Calculation Services to authorize users when they try to access workbooks that are stored in UNC and HTTP locations. Selecting this has no affect on workbooks that are stored in Office SharePoint Server 2007 databases. In most server farm deployments in which front-end Web servers and Excel Calculation Services application servers run on different computers, impersonation will require constrained Kerberos delegation.
Process account If Excel Calculation Services application servers are opening workbooks from UNC shares or HTTP Web sites, the user account cannot be impersonated, and the process account must be used.
You can use Internet Protocol Security (IPsec) or Secure Sockets Layer (SSL) to encrypt data transmission among Excel Calculation Services application servers, data sources, client computers, and front-end Web servers. To require encrypted data transmission between client computers and front-end Web servers, change the Connection Encryption setting from None to All connections. None is the default setting. If you change the Connection Encryption setting to All connections, the Excel Calculation Services application server will only allow data transmission between client computers and front-end Web servers over SSL connections.
If you decide to require encrypted data transmission, you will have to manually configure IPsec or SSL. You can require encrypted connections between client computers and front-end Web servers while allowing unencrypted connections between front-end Web servers and Excel Calculation Services application servers.
Trusted file locations
Trusted file locations are SharePoint sites, UNC paths, or HTTP Web sites from which a server running Excel Calculation Services is permitted to access workbooks.
In the Location section of the Excel Services Add Trusted File Location page, you can configure the address, the location type, and whether child libraries of trusted file locations are also trusted. By selecting Trust Children you can improve manageability, but you can also create a potential security issue by enabling subsites and subdirectories of trusted locations to be automatically trusted as soon as they are created.
Use the Trusted file locations worksheet (http://go.microsoft.com/fwlink/?LinkId=73327&clcid=0x409) to record the names of trusted SharePoint sites, UNC paths, and HTTP Web sites.
In the Session Management section, you can configure settings to help conserve resource availability and improve Excel Calculation Services performance and security. Performance can suffer when a large number of users have multiple Excel Calculation Services sessions open concurrently. You can control resource consumption and limit the duration of open Excel Calculation Services sessions by configuring two different time-out settings for open sessions.
The Session Time-out setting determines the amount of time an Excel Calculation Services session can remain open and inactive after each user interaction. The Short Session Time-out setting determines the amount of time an Excel Calculation Services session can remain open and inactive after the initial session request. You can also control the number of seconds allowed for any single session request by configuring a Maximum Request Duration value. By limiting the amount of time that sessions remain open, you can help reduce the risk of denial-of-service attacks.
In the Workbook Properties section, you can configure a maximum size of any workbook that is permitted to be opened in an Excel Calculation Services session. Performance and resource availability can be compromised when users open extremely large workbooks. Unless you control the allowable size of workbooks running in open Excel Calculation Services sessions, you risk users exceeding your resource capacity and causing the server to fail.
If an application server running Excel Calculation Services fails or is shut down, all open sessions on the server are lost. In a stand-alone installation, Excel Services will no longer be available. This means that workbooks cannot be loaded, recalculated, refreshed, or retrieved by Excel Calculation Services. In a server farm deployment that includes multiple application servers running Excel Calculation Services, shutting down one server does not affect open sessions that are running on other servers. Users with sessions running on a server that is shut down are prompted to reopen their workbooks. When users start a new session, they are automatically routed to active application servers running Excel Calculation Services.
In the External Data section, you can determine whether workbooks stored in trusted file locations and opened in Excel Calculation Services sessions can access an external data source. You can designate whether Allow External Data is set to None, Trusted data connection libraries only, or Trusted data connection libraries and embedded. If you select either Trusted data connection libraries only or Trusted data connection libraries and embedded, the workbooks stored in the trusted file locations are allowed to access external data sources.
External data connections can be accessed only when they are embedded in or linked from a workbook. Excel Calculation Services checks the list of trusted file locations before opening a workbook. If you select None, Excel Calculation Services will block any attempt to access an external data source. If you manage data connections for a large number of workbook authors, consider specifying Trusted data connection libraries only. This ensures that all data connections in all of the workbooks generated by authenticated workbook authors have to use a trusted data connection library to access any external data sources.
If you manage data connections for a small number of workbook authors, consider specifying Trusted data connection libraries and embedded. This enables workbook authors to embed direct connections to external data sources in their workbooks, but still have access to trusted data connection libraries if the embedded links fail.
In the Warn on Refresh area of the External Data section, you can specify whether a warning is displayed before a workbook refreshes from an external data source. By selecting Refresh warning enabled, you ensure that external data is not automatically refreshed without user interaction.
In the Stop When Refresh on Open Fails area, you can specify if Excel Calculation Services stops opening a workbook if the workbook contains a Refresh on Open data connection that fails. By selecting Stopping open enabled, you ensure that cached values are not displayed if a refresh operation fails when the workbook is opened. When Refresh on Open is successful, cached values are purged. By clearing the Stopping open enabled check box, you risk displaying cached values if Refresh on Open fails.
In the External Data Cache Lifetime area of the External Data section, you can specify the maximum amount of time cached values can be used before they expire.
To ensure that only trusted users have access to workbooks stored in trusted locations, it is important to enforce ACLs on all trusted file locations.
There are three core scenarios for deploying Excel Services with Office SharePoint Server 2007: enterprise, small department, and custom.
In an enterprise deployment, consider the following guidelines:
Do not configure support for user-defined functions.
Do not allow workbooks to use embedded data connections to directly access external data sources.
Limit the use of data connection libraries for external data source access from workbooks.
Restrict the size of workbooks that can be opened in Excel Calculation Services.
Selectively trust specific file locations and do not enable Trust Children for trusted sites and directories.
In a small department deployment, consider the following guidelines:
Enable trust for all file locations that are used by department members to store workbooks.
Enable Trust Children for all trusted sites and directories.
Selectively restrict access to specific file locations if problems arise.
In a custom deployment, consider the following guidelines:
Enable Excel Calculation Services to open large workbooks.
Configure long session time-out settings.
Configure large data caches.
Create a single trusted location for this deployment.
Do not enable Trust Children for this trusted location.
Trusted data providers
You can control access to external data by explicitly defining the data providers that are trusted and recording them in the list of trusted data providers. The list of trusted data providers designates specific external data providers to which workbooks opened in Excel Calculation Services are permitted to connect.
Before instantiating a data provider to enable a workbook to connect to an external data source, Excel Calculation Services checks the connection information to determine whether the provider appears on the list of trusted data providers. If the provider is on the list, a connection is attempted; otherwise, the connection request is ignored.
Use the Trusted data providers worksheet (http://go.microsoft.com/fwlink/?LinkId=73325&clcid=0x409) to record the names of trusted data providers.
Trusted data connection libraries
A trusted data connection library is a document library from which you have determined that it is safe to access .odc files. Data connection libraries are used to secure and manage data connections for workbooks that are accessed by a server running Excel Calculation Services. A list of trusted data connection libraries designates specific data connection libraries from which workbooks opened in Excel Calculation Services are permitted to access .odc files.
If a data connection is linked from a workbook that is accessed by a server running Excel Calculation Services, the server checks the connection information and the list of trusted data connection libraries. If the data connection library is on the list, a connection is attempted by using the .odc file from the data connection library; otherwise, the connection request is ignored.
Use the Trusted data connection libraries worksheet (http://go.microsoft.com/fwlink/?LinkId=73324&clcid=0x409) to record the names of trusted data connection libraries.
View Only permissions
You can specify users who are only permitted to view workbooks by adding them to the Office SharePoint Server 2007 Viewers group or by creating a new group configured with View Only permissions. The Viewers group is configured with View Only permissions by default. Users added to a group configured with View Only permissions can view, open, interact with, refresh, and recalculate workbooks, but they are prevented from accessing the file source in any way, other than by using Excel Services. This helps you protect your proprietary information. The source data is never displayed to the designated users.
Workbooks and workbook data objects configured with View Only permissions cannot be opened in Office Excel 2007; however, a snapshot of the workbook, displaying only values and formatting of the server-viewable ranges, can be rendered in Office Excel 2007.
You can configure site settings in Office SharePoint Server 2007 to control access to workbook data by setting View Only permissions on centrally managed workbooks that are rendered in a Web browser. You can also configure site settings in Office SharePoint Server 2007 to enable workbooks to refresh external data on the server, and to secure and manage external data connections. Use the following procedure to save specified data objects as View Only items.
Save specified data objects as View Only items
Open a workbook that contains data objects, such as charts and tables, in Office Excel 2007.
Publish the workbook to a SharePoint document library that is listed as a trusted location for Excel Services.
In the File Name box on the Save As dialog box, type the URL for the SharePoint document library where you want to save the file. Ensure the Open this workbook in my browser after I save check box is selected.
Click Excel Services Options.
On the Excel Services Options dialog box, select Items in the Workbook from the drop-down menu.
Select the items you want to render, and then click OK.
On the Save As dialog box, click Save.
External data connections
The Excel Calculation Services component of Excel Services is used to connect to external data sources. Excel Calculation Services processes external data connection information that contains everything the server needs to connect to a data source, including how to authenticate, which connection string to use, which query string to use, and where and how to gather credentials to use for the connection. These connections can be defined in two places: embedded within workbooks and in .odc files. The connection information is identical in both places. The .odc files are small files that persist connection information in plain text and in a format that is reusable.
You can use the Office Excel 2007 client to author and edit .odc files and connections embedded in workbooks. In the Office Excel 2007 client, you can run the Data Connection Wizard or configure the settings in the Connections properties page. You can also export an .odc file based on these settings. The Connections properties page shows connection information, including Excel Services authentication properties.
Use the External data connections worksheet (http://go.microsoft.com/fwlink/?LinkId=73323&clcid=0x409) to record the names of .odc files and the locations of corresponding external data sources.
Workbooks can contain links to .odc files and embedded connection information. This enables workbooks to retrieve the .odc file, read the contents, and attempt to connect to an external data source if the embedded connection information fails. The .odc files must be managed and maintained to ensure that they contain accurate data connection information.
You can also configure Excel Calculation Services to use connection information from the .odc file exclusively instead of first trying to connect by using the embedded information. This approach enables administrators to deploy a small set of managed .odc files that provide updated connection information to many workbooks.
Workbook authors can specify, on a per-connection basis, which connection information the workbook can use. To do this, open Office Excel 2007 client and click Workbook Connections on the Data tab. Add a connection to a workbook, open Workbook Connections, and then view the properties of the connection you just added. On the Definition tab, select Always use connection file. This setting enables the workbook to retrieve a connection file from a data connection library and use the connection information within the file to connect to an external data source. You can also configure this setting by selecting Always use connection file on the final page of the Data Connection Wizard.
Managing .odc files
Data connection libraries provide a repository for collections of .odc files. Administrators can manage data connections on the server by creating a data connection library and .odc files that require workbooks to always use a connection file. Workbooks that consume connections directly from a data connection library will always get updated connection information before connecting to a data source.
If data source information changes (for example, the server name), you only need to update one .odc file in the data connection library and all of the workbooks that consume the .odc file will be automatically updated the next time they refresh. You can also use View Only permissions to restrict access to .odc files.
If your deployment scenarios include workbooks that contain user-defined functions to extend the capabilities of Excel Calculation Services, you need to configure Excel Services to support user-defined functions.
To configure this support, you must enable user-defined functions on trusted file locations containing workbooks that require access to user-defined functions. In addition, you must register user-defined function assemblies on the Excel Services user-defined function assembly list. Use the following procedures to enable user-defined functions.
Enable user-defined functions
In the Excel Services section of the Shared Services home page, click User-defined functions.
On the Excel Services User-Defined Functions page, click Add User-Defined Function Assembly.
In the Assembly box, type the assembly strong name or the file path of the user-defined function assembly that you want to register.
In Assembly Location, perform the following actions:
Select the global assembly cache (GAC) if you are deploying a user-defined function assembly to the GAC on each Excel Calculation Services application server in your farm.
Select Local file if you want to save a user-defined function to a directory on an Excel Calculation Services application server (a local path), or to a network share (a UNC path).
Ensure the Enable Assembly check box is selected, and then click OK.
Enable user-defined functions for workbooks in a trusted file location
In the Excel Services section of the Shared Services home page, click Trusted file locations.
On the Excel Services Trusted File Locations page, click the URL of the trusted file location whose properties you want to edit.
In the User-Defined Functions section of the Excel Services Edit Trusted File Location page, select User-defined functions allowed, and then click OK.
Use the following worksheets to plan Excel Services security:
External data connections worksheet (http://go.microsoft.com/fwlink/?LinkId=73323&clcid=0x409)
Trusted data connection libraries worksheet (http://go.microsoft.com/fwlink/?LinkId=73324&clcid=0x409)
Trusted data providers worksheet (http://go.microsoft.com/fwlink/?LinkId=73325&clcid=0x409)
Trusted file locations worksheet (http://go.microsoft.com/fwlink/?LinkId=73327&clcid=0x409)
Download this book
This topic is included in the following downloadable book for easier reading and printing:
See the full list of available books at Downloadable content for Office SharePoint Server 2007.