About this article
This article will explain how the document creation works from Templafy perspective and how Symantec Endpoint Protection comes into play and prevents the process from being completed.
Sections in this article:
Prerequisites
|
Symptoms
When creating a document using Templafy Add-in in Word, Templafy task pane appears to get stuck on creating the document and no document is generated.
If you close down the Templafy task pane, keep the same Word instance open and re-open Templafy, the document gets created succesfully.
Additional findings based on futher investigations:
|
What is happening in the background- Technical perspective
- User starts an Office Application
- Templafy Add-in contacts the settings endpoint https://<customer>.templafy.com/api-v1/UserSetting/GetAutomaticallyOpenTaskPane
port 443
- Office Application opens with Templafy buttons available from Ribbon and Templafy web app is loaded in Office Task Pane
- The Templafy web app redirects to customer Security Token Service (STS) to authenticate user
- If authentication is successful, the STS returns token and claims to the Templafy web app
- The Templafy web app HTML / JavaScript / CSS is loaded and presented from https://<customer>.templafy.com
port 443
- Navigation in the Templafy web app makes api calls like https://<customer>.templafy.com/api-v2/AssetFolder/GetAssetFolderContent
port 443
- Opening a document calls https://<customer>.templafy.com/api-v2/Document/CreateDocument
port 443
to generate the document - The server fetches the template from Azure Blob Storage
templafyprodstor.blob.core.windows.net
- A document download link is provided to the Templafy web app using the endpoint https://<customer>.templafy.com/api-v1/Document/OpenDocument
port 443
- The document is stored temporarily under
%localappdata%\Temp\Templafy\WordVsto
until it is opened in Office Application. At this point the document is handed over to Office application (Word) to carry out the move.
The step 11 is interrupted by Symantec Endpoint Protection (Auto-Protect function – live scanning of files being manipulated, created, moved), whereby Symantec deletes the document from %localappdata%\Temp\Templafy\WordVsto
before this document can be moved to an active Word instance.
Possible solution
Please note that the solution suggestions outlined below might not prove successful for your organisation, as they are dependent on the policies and their sensitivity level applied in Symantec Endpoint Protection software and these might differ for each company.
- Excluding
Office16/WINWORD.exe
from Download Detection function in Symantec Endpoint Protection - Excluding
Office16/WINWORD.exe
from Sonar in Symantec Endpoint Protection
In addtition to the above, we recommend whitelisting/excluding Templafy Temp folder %localappdata%\Temp\Templafy\WordVsto
as well as Templafy Add-ins %localappdata%\Templafy\AddIns\Library
from Symantec Endpoint Protection
|
Comments
Article is closed for comments.