You have Microsoft Office for Mac 2011 applications installed on a client computer. From that client computer, you try to access a Microsoft Office file that is stored on a Web server (such as a SharePoint server) that is configured for Basic authentication. The connection between your computer and the Web server does not use Secure Sockets Layer (SSL). When you try to open or download the file, you experience the following symptoms:
- The Microsoft Office file is not opened or downloaded.
- You do not receive a Basic authentication password request when you try to open or download the file.
- You do not receive an error message when you try to open the file. The associated Office for Mac 2011 application starts. However, the selected file does not open.
To resolve this problem, enable SSL encryption on the Web server. By default, Office for Mac 2011 applications can access and download files from a Web server that uses Basic authentication over an SSL connection.
This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
To work around this problem, let Office for Mac 2011 applications connect to a Web server by using Basic authentication over a non-SSL connection.
Caution Enabling Basic authentication without SSL can be a significant security risk.
Because user credentials are not encrypted for network transmission and are sent over the network in plain text, we do not recommend that you use Basic authentication over an unsecured HTTP connection. For more information, see the More Information" section. If you want to use Basic authentication, we recommend that you always enable SSL encryption on the server.
The following information describes how to enable Office for Mac 2011 applications to open Microsoft Office file types directly from a server that supports only Basic authentication over a non-SSL connection. This method should be used only if you are confident that you are using an encrypted channel between the user and the Web server. A direct cable connection or a dedicated line would be considered optimal for secure connections.
On the client computer, add the basicauthlevel registry key and the appropriate valueImportant
This section, method, or task contains steps that tell you how to change the registry. However, serious problems might occur if you change the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you change it. Then, you can restore the registry if a problem occurs.
- On the Go menu, click Utilities.
- Start Terminal.
- At the Terminal prompt, paste the following command, and then press ENTER:
defaults -currentHost write MicrosoftRegistrationDB hkey_current_user\\hkey_local_machine\\software\\microsoft\\office\\14.0\\common\\internet\\basicauthlevel -int [Authentication]The placeholder [Authentication] is one of the following values:
- 0 - Basic authentication disabled
- 1 - Basic authentication enabled for SSL connections only
- 2 - Basic authentication enabled for SSL and for non-SSL connections
is a widely used, industry-standard method for collecting user name and password information. The advantage of Basic authentication is that it is part of the HTTP specification and is supported by most browsers. However, Basic authentication prompts the user for a user name and a password. This information is then sent not encrypted
over the network. The Basic authentication method is not recommended unless you are sure that the connection between the user and the Web server is secured (such as by using SSL or a direct connection). With Basic authentication, the password is sent over the network in plain text. If this password is intercepted over the network by a network sniffer, an unauthorized user can determine the user name and the password and then reuse these credentials. Because of this security risk, Basic authentication over a non-SSL connection is disabled by default for Microsoft Office applications.