none
Outlook Guard Ignoring Trusted Locations Reg Key RRS feed

  • Question

  • Hi,

    I seem to be having major problems with the trusted locations reg key for our MS Access applications.

    To stop the annoying nag screen when opening the application and also the Outlook Guard from moaning when the application sends emails though Outlook, I set up a Trusted Locations reg key as follows...

    [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security\Trusted Locations\Location1]
    "Date"="01.01.2010 00:00:00"
    "Description"="Our Database Name"
    "Path"="C:\\Path_To_DB\\"
    "AllowSubfolders"=dword:00000001

    This has worked fine for several years, however, lately nearly every users is now complaining that the Outlook Guard keeps coming up?

    I've had them re-install the reg-keys but it seems to make no difference, why has this started happening and how do I resolve it?

    Thanks,

    Craig.


    To err is human, to really balls things up you need Microsoft!

    Monday, January 6, 2014 3:33 PM

Answers

All replies

  • Hello,

    Does the warning message come from Access or Outlook? Could you please take a screenshot of the message you get?

    If the message comes from Outlook, the mentioned above registry key will not help (it is for Access).

    Monday, January 6, 2014 3:53 PM
  • Hi Eugene,

    The message is from Outlook (Outlook Object Model Guard).

    It's the send message warning shown here

    http://msdn.microsoft.com/en-us/library/office/ff866986(v=office.14).aspx

    I was under the impression these reg keys authorised the application path as a trusted location so the guard doesn't get invoked.

    The blurb on the MSDN page regarding the OOMG states

    [quote]The Object Model Guard warns users and prompts users for confirmation when untrusted applications attempt to use the object model  to obtain e-mail address information, store data outside of Outlook, execute certain actions, and send e-mail messages.[/quote]

    I thought the Trusted Locations reg_key makes the application trusted, the model is meant to protect you against untrusted applications?

    Have I got this wrong?

    As an aside, I checked the trust center settings and they are set to...

    "warn me about suspicious activity when my antivirus software is inactive or out-of-date"

    We have had a lot of problem with our McAfee A/V not updating correctly, so perhaps this is the trigger point?

    Though still confused, as I though this was only for 'untrusted' applications, not trusted ones?

    Do I need a different reg_key to make the application trusted?

    Thanks,

    1DMF


    To err is human, to really balls things up you need Microsoft!

    Monday, January 6, 2014 4:19 PM
  • Outlook does not know or care about that registry key.

    It does however check if the computer has an up-to-date anti-virus application installed.


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    Monday, January 6, 2014 4:29 PM
  • OK, thanks Dmitry.

    However, can someone please explain to me the difference between a trusted application and an untrusted one and how one goes about making an Access application trusted if it isn't with a Trusted Location reg_key?

    It would appear I've been barking up the wrong tree!

    Many thanks,

    1DMF


    To err is human, to really balls things up you need Microsoft!

    Monday, January 6, 2014 4:45 PM
  • Outlook is not aware of any trusted or untrusted applications. It does not know where a call to its object model comes from.

    See http://www.outlookcode.com/article.aspx?id=52 for more details.


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    Monday, January 6, 2014 4:49 PM
  • OK, I shall just assume that the MSDN page regarding the OOMG is wrong as it constantly keeps making statements like...

    "This warning is invoked when an untrusted solution attempts to send an item programmatically. "

    Implying Outlook does see a difference between a trusted application and an untrusted one.

    However, you state the exact opposite.

    No wonder I'm getting rather confused and going round in circles.

    Thanks for pointing me in the right direction and highlighting the error on MSDN, it is very much appreciated.

    1DMF.


    To err is human, to really balls things up you need Microsoft!

    Monday, January 6, 2014 4:57 PM
  • The only trusted applications for Outlook are COM addins - they get the Outlook.Application object that is not blocked by security.

    All external applications are not trusted. You can override that behavior in the Exchange environment (see "Deploy Outlook security settings" at http://www.outlookcode.com/article.aspx?id=52 )


    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

    Monday, January 6, 2014 5:14 PM
  • Hi,

    Please take a look at the I get warnings about a program accessing e-mail address information or sending e-mail on my behalf article which describes Outlook security warnings. This is a standard way how Outlook behaves. If you have an antivirus software installed and updated you may not get such warnings as described in the How do I remove the warning message: A program is trying to access data from Outlook, allow this? article. However, the most widely spread solution is to use a commercial component - Security Manager. It allows you to suppress security warnings.

    Monday, January 6, 2014 6:44 PM