You still need to force Outlook to use these settings when you configure these settings that you want to create by creating projects on the Exchange server. To use this feature, you need to configure a new registry key value for the client computer. That's why this is a good setting when you first use Office or Outlook.
The easiest way to do this is to use the Custom Installation Wizard, including the registry key value in the transformation when you configure the Office system. If you have already configured office, you can use the Custom Maintenance Wizard to add registry key value information to the client. However, these methods are not mandatory, so the client can manually modify their local settings. If you want to force a new registry key value, you need to configure it in a system or Group Policy.
If you use policy to manage your Office installation, it is easy to add this operation. Just add the correct policy template (. adm file) so that your policy object contains the necessary key values. Next, set the policy to apply to the target user. If you use the System Policy Editor (Policy Editor) that contains the Office Resource Bundle toolbar, this means that the correct template has been loaded. If you use the Active Directory Group Policy object, you need to manually add the template. Every time a user logs on to the system, the policy file automatically examines the custom security settings that you make for the client computer.
In this case, which of the "incredible" key values you have to modify? The registration value is a DWORD named "CheckAdminSettings" and the key value below it.
Hkey_current_usersoftwarepoliciesmicrosoftsecurity. This key value defines where Outlook searches for security settings. Table 13-2 shows how this value is set.
Note: Because the. reg file is blocked through a security update, you cannot save the registry key value to a file and send it by mail, and it is blocked by default Outlook settings when the server does not have security settings. Also, the best way to ensure that users do not change these settings is to force their applications to use Group Policy objects (GPOs). This is Microsoft's recommendation (though you).
Table 13-2: CheckAdminSettings value
value |
How Outlook 2003 operates |
Key not present |
Use default settings |
0 |
Use default settings |
1 |
To view the settings in the Outlook Security Settings folder, apply the settings by default and the specified user you specify. |
2 |
View the Outlook10 Security Settings folder and do not use any settings in the Outlook Security Settings folder. Use this value when you want Outlook 2002,outlook 2003 and Outlook 2000 to use different settings. |
Other |
Use default settings |
Customizing Microsoft Outlook message Security settings for end users
You can choose not to configure the public folder and apply settings to your Outlook client (although nothing can be done to temporarily empty a useful security feature). If you don't, Outlook 2003 will continue to use the level 1 and Level 2 restrictions discussed earlier, but there are some differences: each user can personalize his or her own copy of Outlook to control Level 1 and Level 2 lists. The trick is to add a value named Level1Remove to the Hkey_current_usersoftwaremicrosoftoffice11.0outlooksecurity key. The extensions that you add to here (if more than one, separated by semicolons) are removed from the blocked Level 1 list, thus creating the value of the knowable file, PL will allow to be executed, and the Perl scripts are saved to disk instead of completely blocking them. In fact, the extension you specified was reduced from level 1 to Level 2, and they were completely blocked. End users cannot drop file types from level 2 to unprotected, and only system administrators can do so.
If you want to add a new file type to the Level 1 list, you need to create a new string named Level1Add, in the following location: Hkey_current_ Usersoftwaremicrosoftoffice10.0outlooksecurity key.
Tip:sue Mosher that a record should contain tools that link to your users ' ability to customize their local attachment settings without having to edit the registry directly. As a choice, you can set a value for Level1Remove as part of a GPO or system policy. In this way, you do not need to spend time on the user's local settings.
Note: Check to see if a user has customized Outlook security settings, using the Help | Microsoft Outlook related command line. On top of the license information, Outlook shows Safe mode (I mean Safe mode: default), and a user-defined machine will point out that the security mode is: User control.
Of course, it is much more that you will need to make users do not have to customize their own security settings. The easiest way to do this is to add a new REG_DWORD value named DisallowAttachmentCustomization to the Outlook key value. Position in: Hkcusoftwarepoliciesmicrosoftoffice11.0outlook. When this value is set, Outlook will no longer use the previously established Level1Add and Level1Remove key values.