Microsoft Outlook Information Rights Management

Source: Internet
Author: User
Tags code tag command line pack resource microsoft outlook

Here is a popular saying: "Information needs freedom."

Although in many cases it is correct, the owner of the information does not want to apply it to his or her private or confidential information. Organizations such as the U.S. government or Apple computers deal with such matters by imposing strict fines on employees who leak confidential information. Most of us are not rich, so instead of using this approach to control, we want to be able to get more technical tools to control information for information owners and manage how their documents and messages are used.

The Microsoft Office System can be run on a Windows Rights Management Service (RMS) server (through an installation of the Rights Management Services (RMS) service installed by Microsoft Windows Server 2003) to provide a range of Information Rights Management (IRM) features.

The next goal of IRM is simple: Users who create documents or messages can set whether these documents can be modified, sent or copied, and whether and when the file expires. Microsoft Rights Management (RM) execution uses the xml-based Extensible Privilege Markup Language (XrML) to specify which permissions are available to the creator of the document, and in addition, it uses different cryptographic algorithms to specify that these permission definition descriptions be embedded in the document. Documents protected by RMS can only accept rules from the RMS installation. Microsoft also has an enhanced design for IE browsers that allow you to view protected documents that cannot be run on the Office system's machines.

A comprehensive discussion of how IRM takes effect is beyond the scope of this book because it covers setting up an RMS server and setting IRM usage policies for your organization. In this chapter, I'll just discuss some of the features that will allow Outlook to use the RMS server.

Customizing Microsoft Outlook Security Update

When Outlook starts running and is logged into the Exchange Server log, it looks for a registry key value (as shown in the following 13-2 table), which indicates which version of the private public folder it is looking for. This folder can be named both in Outlook Security settings (which applies to Outlook98 and Outlook2000) and in Outlook 10 Security settings, which apply to Outlook 2002 and Outlook 2003. Based on the ability to find Outlook in a folder, it can use security settings by default. The directory of these public folders defines which settings are used by Outlook, and how you can send messages to a public folder in a special form.

If you want your users to be able to personalize the security settings, then the registration key value must be set on each individual client, and you will typically configure some of the settings in the configuration. When the key values are current, Outlook applies the personalized security settings on those servers to the user. If no key values exist, they use the original settings. If the key value is not current, the built-in (built-in) security settings are applied to the computer. Microsoft chooses to say these settings are saved in a public folder because it provides a level of security. Once you have set permissions on the folder correctly, no one will be able to secretly make new settings or change the current settings.

Install Microsoft Outlook Security Pack

The Administrative Tools for Outlook security updates include several files, including files, and are usually packaged into a separate executable Admpack.exe file. The installation package can be obtained from the Office Resource Kit CD or the Office product CD. You can also download it from the Office Resource Kit Toolbox site. You need to make sure that you get the latest version of the current version.

The two management files you will use are described below:

OutlookSecurity.oft, which is published in the Outlook table, is used in public folders to send messages, and this template does not provide any security settings.

Hashctl.dll, this file is used for trusted encoding control, using tooling to specify which COM Add-ins you trust runs in Outlook (remember that this action applies only to Outlook 2002 and later)

To install the Outlook Security Pack, you need to run the Admpack.exe executable file. When you run Admpack, it installs the necessary files in the location you set up. However, you still need these files to perform the necessary security settings.

Install trusted encoding control for Microsoft Outlook

Outlook allows you to write the process space that the external program loads into Outlook, which use COM to communicate with Outlook. Because these external programs operate in a in-process way, it is not a good way to run external programs from a trusted source. When you install the security pack, you can create a list of trusted external programs so that clients can run without Outlook security prompts. You only need to operate on your management computer, and end users do not (and, in fact, do not need to run). Because the Hashctl.dll file has been installed on your computer, all you need to do is register it, although Microsoft recommends moving the Hashctl.dll file to the System32 file. Register the Dynamic Connection library (DLL) and use regsvr32 hashctl.dll this command.

Create a public folder for Microsoft Outlook Security settings

Before you create any settings for a commonly used or infrequently used application, you will need to create a top-level public folder to act as a "host" for these settings. The name of the folder is critical, because Outlook is viewed as hardware in the folder. You have three options: If you create an Outlook 10 Security setting, Outlook 2003 (and Outlook 2002) can use settings, but Outlook 2000 cannot see them. If you name the folder "Outlook Security Settings," Outlook 2002, and Outlook 2003 can use the same settings. If you create these two files, each version uses the folder that corresponds to it (assuming that you have set the client registry key value correctly). Once you create a folder, you give all users Read permission. Users are allowed to modify security settings such as creating, editing, and deleting items in a folder that need to be created. Once you create a folder, you need to prepare to publish the template and create an instance of the form. These can be accomplished by following these steps:

1. Start Outlook.

2. Open the OutlookSecurity.oft file. Outlook will prompt you to choose a location to store the new items you will create from the template. The new project is never saved, so it will choose the folder as you wish.

3. When the template is open, use the Tools | form | To publish the form command line. Name the form. If you want to replace the specified version of Outlook 2000, you need to give the form the same name as the original. Verify that you specified the security Settings public folder for the original target location for the published form. Click the Publish Form.

4. Close the default security Settings Template window. When Outlook asks you if you want to save the changes, confirm your choice.

5. Switch to the Common tab of the Public Folder dialog box, and then use when to send to the folder, using the Drop-down list to specify a defined publish form.

6. After Outlook has installed the template, open the public folder, and then create a new project-named the default security setting. You will be able to personalize the default security settings by editing this project, and create new settings for different groups by creating a copy of this default project or by creating new projects, either to leave the settings blank, or to personalize the settings.

Populate Microsoft Outlook form template Labels

The Outlook Security form template has three tabs, each of which has its own control over how the security features of Outlook work, as described below:

The Outlook Security Settings tab controls common settings that apply to Outlook clients.

The Title Settings tab controls how external applications attempt to use Outlook methods and properties, including sending messages, and retrieving address information.

The trusted code tag lets you develop which Outlook COM external program you want users to be allowed to run without security prompts; Keep in mind that these settings cannot be applied to other Office applications.

Note: When you are using an Outlook that is set to use Cached Exchange Mode, you cannot create or update the security settings template. When you try to save your updated form, Outlook will prompt you to switch to online mode.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.