ActiveX control Definition

An ActiveX control is essentially an OLE or Component Object Model (COM) object. It is a self-registering program or control; that is, it adds registry entries for itself automatically the first time it is run.

An ActiveX control can be as simple as a text box, as complex as an Office Viewer Component, and in some cases as complex as a small application. ActiveX controls are used as controls or dialogs for Internet Web sites, as add-ins to major applications from third-party vendors, and as plug-in utilities. Therefore, ActiveX is synonymous with Java, Netscape plug-ins, and scripting. However, the advantage of ActiveX over these other programming options is that ActiveX controls can also be used in applications written in different programming languages, including all of the Microsoft programming and database languages.

ActiveX controls are not stand-alone solutions. They can only be run from within host applications, such as Internet Explorer, a Microsoft Visual Basic® application, Visual C++® development system, Visual Basic, Delphi, DotNet for Applications, and so on. ActiveX controls facilitate the distribution of specialized controls over networks and the integration of those controls within Web browsers. This includes the ability of the control to identify itself to applications that use ActiveX controls.

ActiveX controls can be scripted from Web pages. This means you can use an ActiveX control to provide a control for a user interface or graphics device interface element. Once created, you can use a scripting language such as Visual Basic Scripting Edition (VBScript) or JavaScript to use the control. Your script instructs the control how to work.

EDraw Office Viewer Component is a standard ActiveX Control. It can be intergrated into the other develop circumstance supports the ActiveX Control.

regsvr32 fails to DllRegisterServer in Vista


I am using Vista Beta 2 and Web Office Component with Visual Studio 2005.

When attempting to register a COM object (e.g. Active-X component or OCX) with ‘Regsvr32’, i.e.: regsvr32 COM

it fails with a message box displaying:

DllRegisterServer in COM failed.
Return code was: 0x80070005

Where ‘COM’ is the name of the COM object file.


This behavior may occur if you try to register a DLL by using Regsrv32 while you are logged on using an account that does not have administrative credentials, such as an account that is a member of the standard users group. An account that does not have administrative credentials cannot write to the registry or change files in the System32 folder.

The behavior occurs because Windows XP and Windows Server 2003 use a more restrictive security scheme than earlier versions of Windows use. This scheme prevents standard users from registering DLLs.

There are some solutions as follow:

1. Login in as Administrator.

2. Set “Run as Administrator” property of regsvr32.exe  

3. Turned off UAC (User Account Control) in Vista OS.

System Requirement for EDraw Office Viewer Component

The client needs Microsoft Office installed. If you want to view the Microsoft Word document, you need Microsoft Word installed in your cient.

If you are doing the web application with the EDraw office Viewer Component, you can choose the any type server such as Linux, Unix or Windows.

  • Support Office 2000/XP/2003/2007
  • Support Windows 2000/XP/2003/Vista

Note: Please test our product before you buy our product firstly.

Creating the CAB files for Office Viewer Component

If your control will be used on web pages, it is very convenient to distribute it as a .cab (cabinet file)This is a compressed archive – the classic use is to put the .cab file on a web server, and refer to it from web pages that host the control. Internet Explorer is smart enough to download and install the control if it is not already installed on the client machine, and to selectively update any files that are newer in the .cab file. Microsoft provides Makecab.exe for creating and editing .cab files.

In the install directory you can find the CAB file. We have created it for you. But if you want to create a new CAB file with the Office Viewer Component, you can download the CabArc.Exe from Microsoft official site.

About the Digital Signatures / Code Signing

An ActiveX control is an application that can run inside Internet Explorer. When an ActiveX control is signed, it indicates that the control was produced by the signer and has not been altered. EDraw Office Viewer Component is signed by EDrawSoft, and you will not be prompted to install an unsigned control or a control signed by anyone else while using EDraw Component.

By default, Internet Explorer allows signed ActiveX controls to run and you should be prompted to install the EDraw signed ActiveX control. If you have changed your Internet Explorer Security Settings, take the follow steps to ensure that you are able to install the EDraw Office Viewer ActiveX Control:

  1. Select Tools, then Internet Options from the menu at the top of the Internet Explorer window. The Internet Options section will appear.
  2. Select Security from the list of tabs at the top of the Internet Options window. The Security section will appear.
  3. Select the Custom Level button. The Security Settings window will appear.
  4. Scroll down to the Download signed ActiveX controls entry and select the prompt radio button.
  5. Scroll down to the Run ActiveX controls and plugins entry and select the enabled radio button.
  6. Select the OK button to accept the changes.
  7. You will now be prompted to accept signed ActiveX controls from websites that you visit.

Determining if an ActiveX control is safe

Since the digital signature of an ActiveX control stays with the file it was attached to, there is a permanent evidence of the designed intent of the control by the developers. However, this evidence does not account for all possible conditions the control may be used in but were never tested for.

ActiveX controls marked as safe are supposed to be safe in all possible conditions. So a control marked as safe for scripting (SFS) or safe for initialization (SFI) must be written to protect itself from any unpredictable results a script author might unintentionally create when scripting the control. While it is relatively easy for a programmer to create a control with adequate guards to avoid misuse, it is impossible to guarantee that the control is always safe when used with scripting created by another author or programmer.

If a control is marked safe for initializing or safe for scripting, the developers are claiming that no matter what values are used to initialize the control, it will not do anything to damage a user’s system or compromise the user’s security when the control is initialized in any way.

The developer of an ActiveX control should take extra care to ensure that a control is in fact safe before it is marked as safe. For example, each ActiveX control, at a minimum, should be evaluated for the following issues:

  • It does not over-index arrays or otherwise manipulate memory incorrectly, thereby causing a memory leak or corrupt memory region.
  • It validates and corrects all input, including initialization, method parameters, and property setting functions (implements acceptable I/O validation and defense methods)
  • It does not misuse any data about, or provided by, the user
  • It was tested in a variety of circumstances

Installing The EDraw Office Viewer ActiveX control

If a user attempts to install and run an unregistered ActiveX control from the Internet, Internet Explorer checks to see if the control was digitally signed. If the ActiveX (OCX) file has a certificate of trust that is already trusted on the user’s computer, it is accepted, installed, and registered. Depending on the security level set for use by Internet Explorer, if the certificate of trust is unknown to the system, the user is presented with the option to install the control. If the user accepts the option to install the control, the certificate of trust associated with the control is noted in the registry.

If the ActiveX (OCX) file is installed as part of an application from a CD or other locally opened resource, there is no examination of the certificate (if there is one) associated with the OCX file. It is assumed the file is associated with an application which has been deemed safe to install by the user, and it is installed and registered without challenge.

Once the control is installed on a user’s system, the control no longer invokes code-signing dialog boxes when started. After a control is installed, it is considered safe even if it was not digitally signed originally.

EDraw Office Viewer Component has been signed with EDrawSoft digital signature. It’s safe to download with the default internet safety level.

Enable ActiveX controls marked safe for scripting

If you can’t open the word document or excel workbook in your internet explore, you need check your IE setting. The simple method is to restore the IE security as Default setting.

Click on the “Tools” menu and select “Internet Options”. Click on the “Security” tab.

Click on the globe marked “Internet”. This will display a slider which, by default, is set to “Medium”. Click on the “custom” button and scroll down until you find the setting “Script ActiveX controls marked safe for scripting”. Enable this setting. Click OK as needed to save the setting.

Note: You computer needs MS office installed.

Signing EDraw Office Viewer ActiveX control

Downloading and running a piece of code from the Internet is a fundamentally dangerous act.

Microsoft attempted to ameliorate the problem through a standard called authenticode. This is a technology for signing files with a non-forgeable digital signature. Signing a file this way ensures that any alteration to the file is detectable, and the signer of the file can be positively identified.

To digitally sign a control, you will need to obtain a certificate from a certificate authority, which can be located by using the term “certificate authority” in a Web-based search engine. Follow the directions for signing controls from the certificate authority you decide to use.

If you do not sign and timestamp your executables and .cab files, Internet Explorer may display a warning message (which gets more threatening with each major rev of IE) to let the user know they are taking a risk if they continue with the installation. This is normally suppressed when the source is in the ‘Trusted Sites’ zone.

We provide the cab file and ocx file with the digital signature in the full verion. We allow the licensed users to sign the EDraw Office Viewer Component with your own digital signature too.