Link to home
Start Free TrialLog in
Avatar of itgolfer
itgolfer

asked on

Disable Email Signatures via GPO

I started using a 3rd party program to streamline our email signatures. A number of our users already have a signature setup in Outlook and I don't want them to double up. Is there a way to disable Outlook signatures via GPO? This would be on a SBS 2011 box. Thanks.
SOLUTION
Avatar of Spencer Scherer
Spencer Scherer
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of itgolfer
itgolfer

ASKER

Thanks, Spencer. Looking at the link quickly, it looks like I need to download some files for the different versions of Outlook we have. We currently have versions 2010, 2013 and 2016 running so as long as I download those files, it should work for all users?
Yes it will.  You will need to download the files for each individual version listed there that you use (2010, 2013, 2016) and then setup the policy for each individual version as well.  You'll see them listed in your GP Editor.
Thanks. So, I need to create 3 separate policies but can point to the security group for all 3?
Yeah, one policy for each version of Outlook.  The same overhead GP can be used to configure all 3 and then apply it where you need.
Perfect, thanks.

One other question; on the downloads for the files, is the x64 or x86 related to the version of Office or Windows?
It would be for the version of Outlook / Office installed on the target machine.  If you click on one of the downloads and scroll down to "Install Instructions" it will give you all of the relevant information.   Let me know if you run into any issues!
So I've got everything downloaded but I'm not positive what to copy. In the Policy Definitions folder, I already have an en-US folder. The way I'm ready the directions, it says to copy the entire en-US folder from my downloaded folder and paste in the Policy Definitions folder. Is that write or am I just supposed to copy the admx and adml files? I don't want to create more issues.
All you'll need to copy over is the adml and admx files.
Thanks! Just the Outlook file or all of them (access, excel, visio, etc.). Sorry for all of the questions.
Just outlook.  The others are to add policies to limit / edit functionality within those programs.
Thanks for all your help. I copied the two outlook files for 2013 into the Policy Definitions folder and just added myself for the security group for testing. I'll probably just wait until I reboot to test to make sure the GPO settings are applied. Will this disable an Outlook signature or just prevent the user from creating one?
My pleasure! It should prevent both use if they already have one and future creation.
Spencer, after making the GPO changes yesterday,  I came in this morning but it still had my signature configured in Outlook and I was able to enable/disable it. I'm not a GPO expert by any means so I could have easily made a mistake. Below is what I've done and if you have any suggestions, I'd greatly appreciate it. Thanks.

-Created GPO and Enabled the policy Do not allow signatures for email messages
-Downloaded the Office 2013 files and copied the outlk15.admx file into the %SystemRoot%\PolicyDefinitions folder and the outlk15.adml file into %SystemRoot%\PolicyDefinitions\en-US folder
-Added my user account under Security Filtering so that I can test it without it affecting other users
If you send a test mail to yourself does the signature still appear as well?  Can you run a group policy results wizard and see if the policy is correctly applying to you and your current machine?
How do I run a results wizard?
About a quarter of the way down it details how to use it.  Once you pull up the report you'll see errors (if there are any) indicated by a red x with a possible reason the policy was not applied.  Let me know what the results look like.  Thanks!

https://www.petri.com/solving-group-policy-problems-with-the-group-policy-results-wizard
Under Applied GPOs, I see a few of our GPOs. Under Denied GPOs, I see Local Group Policy and then a number of entries inside of { }. I don't see the name of my new GPO anywhere in the report.
Avatar of Niten Kumar
Hello itgolfer

I think you got the steps wrong.  Did you add the administrative templates using the below method:

After placing the ADM file, open Active Directory Users and Computers, right-click ondomain, choose Properties, Group Policy tab, Edit button. A new window will display; spread Administrative Templates. If the subfolder Microsoft Office Outlook ... does not exist, right click on Administrative Templates, choose Add/Remove Templates, then clickAdd button and add the downloaded file.

You can place the ADM file anywhere.  On the c drive in a folder as long as you add it to administrative templates of the GPO you are creating for Disabling signature.
Am I placing the ADM file on each workstation or on the GPO server?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I have downloaded the files but when I got to Add/Remove Templates and browse to the folder, they aren't displayed. I have both the ADMX and ADML files in that folder. Not sure what I'm doing wrong.
Are you trying to do this for Outlook 2010 users.  If yes then check inside the path ....\ADM\en-us\
Eventually, I will as we have instances of 2010, 2013 and 2016. I'm testing it on myself first and I'm running 2013.
I wasn't ever able to get it to work so I just deleted the signatures in the user's AppData folder on their PC. It was kind of a pain but it worked. Thanks for the suggestions.