Exchange: Corporate Signature configuration
After the release of Exchange 2007 we got a simple disclaimer configuration using transport rules. Our scripting experts started pulling the AD attribute and made a signature out of it. This was an awesome innovation.
It does some easy to the corporate signature where ever it was acceptable but we still were not achieve a perfect signature function and feel which you get in the manual signature like you can see the signature as soon as you click new email. In compare to the transport rule which does not show any signature to the sender and only recipient see it. Also reply or forward does not show any signature and Signature placement does not come after your reply text.
So when I presented the same solution to my customer, they asked me to work on a client side corporate signature where we had the following requirement.
- End user should not be able to edit the signature
- Signature should pull the AD attributes to create a signature.
- Every users signature should similar
- Company logo should show up in the signature and if you click it you should get company website
- Facebook and Twitter connectors should there in the signature pointing to company Facebook and Twitter profile.
So over all signature came like below: different fonts, bold, italic, blue, black, hyperlink, images.
Now we got the scope so here we go with the solution.
Solution:
Step 1. Disable user from changing the corporate signature.
I tried the GPO with admx file by enabling “Do not allow creating, replying, or forwarding signatures for e-mail messages”.
But this setting will totally disable the signature and none of the signature will show up. You need to log off and log in to change this setting.
So the other solution is creating a registry entry as mentioned below at the location: HKEY_CURRENT_USER-> Software ->Microsoft-> Office-> 1x.0-> Common-> MailSettings
x is the office version for Office 2007 use 2, for Office 2010 use 4 and for Office 2013 use 5.
- Add a new string key NewSignature with the value we will mention in the signature script. This is the name of the signature something like AD Signature
- Add a new string key ReplySignature with the value we will mention in the signature script. This is the name of the signature something like AD Signature
I have uploaded the registry here
Make sure to copy this .reg file at this location: “\\ domain \ SysVol \ domain \ Policies \ {GPO guid} \ User \ Scripts \ Logon”
Step 2. Signature Script
Now Signature script. I used VB script to create the signature as mentioned below and I have uploaded it here.
Make sure you copy the images to the image folder mentioned below and give the same name as mentioned in the script:
DomainSysVoldomainPolicies{GPO guid}UserScriptsLogonImageFolder
VB Script
======================================================================
On Error Resume Next
Set objSysInfo = CreateObject(“ADSystemInfo”)
strUser = objSysInfo.UserName
Set objUser = GetObject(“LDAP://” & strUser)
strName = objUser.FullName
strTitle = objUser.Title
strCompany = objUser.Company
strStreet = objuser.streetaddress
strCity = objuser.l
strstate = objuser.st
strzip = objuser.postalCode
Stremail = objuser.mail
strPhone = objUser.telephoneNumber
StrMobile = objuser.mobile
StrFax = objuser.facsimileTelephoneNumber
Strweb = wWWHomePage
Set objWord = CreateObject(“Word.Application”)
Set objDoc = objWord.Documents.Add()
Set objSelection = objWord.Selection
Set objEmailOptions = objWord.EmailOptions
Set objSignatureObject = objEmailOptions.EmailSignature
Set objSignatureEntries = objSignatureObject.EmailSignatureEntries
objSelection.Font.Name = “Arial”
objSelection.Font.Size = 11
objSelection.Font.Bold = True
objSelection.TypeText strName
objSelection.TypeText Chr(11)
objSelection.TypeText strTitle
objSelection.TypeText Chr(11)
objSelection.Font.Name = “Arial”
objSelection.Font.Size = 10.5
objSelection.Font.Bold = True
objSelection.Font.Italic = True
objSelection.Font.Color = vbBlue
objSelection.TypeText strCompany
objSelection.TypeText Chr(11)
objSelection.Font.Name = “Arial”
objSelection.Font.Size = 10
objSelection.Font.Bold = False
objSelection.Font.Italic = False
objSelection.Font.Color = vbBlack
objSelection.TypeText strStreet
objSelection.TypeText Chr(11)
objSelection.TypeText strCity & “, ” & strState & “, ” & strZip
objSelection.TypeText Chr(11)
objSelection.TypeText strPhone & ” Office”
objSelection.TypeText Chr(11)
objSelection.TypeText strFax & ” Fax”
objSelection.TypeText Chr(11)
objSelection.TypeText strMobile & ” Mobile”
objSelection.Font.Name = “Arial”
objSelection.Font.Size = 10
objSelection.Font.Color = vbBlue
objSelection.Font.underline = True
objSelection.TypeText Chr(11)
objSelection.TypeText stremail
objSelection.TypeText Chr(11)
objSelection.TypeText “http://MSEXchangeGuru.com”
bjSelection.Hyperlinks.Add objShape, “http://MSEXchangeGuru.com”
objSelection.TypeText Chr(11)
set objShape = objSelection.InlineShapes.AddPicture(“(“DomainSysVoldomainPolicies{GPO guid}UserScriptsLogonImageFoldercompanylogo.jpg”)
objSelection.Hyperlinks.Add objShape, “http://MSEXchangeGuru.com”
objSelection.TypeText Chr(11)
set objShape = objSelection.InlineShapes.AddPicture(“(“DomainSysVoldomainPolicies{GPO guid}UserScriptsLogonImageFolderFb.jpg”)
objSelection.Hyperlinks.Add objShape, “https://www.facebook.com/MSEXchangeGuru”
set objShape = objSelection.InlineShapes.AddPicture(“DomainSysVoldomainPolicies{GPO guid}UserScriptsLogonImageFolderTwitter.jpg”)
objSelection.Hyperlinks.Add objShape, “https://twitter.com/MSEXchangeGuru”
Set objSelection = objDoc.Range()
objSignatureEntries.Add “AD Signature”, objSelection
objSignatureObject.NewMessageSignature = “AD Signature”
objSignatureObject.ReplyMessageSignature = “AD Signature”
objDoc.Saved = True
objWord.Quit
======================================================================
Copy this VB script to this location: “\\ domain \ SysVol \ domain \ Policies \ {GPO guid} \ User \ Scripts \ Logon”
Step 3: Creating bat file to execute registry file.
Create a batch file is mentioned below.
You need to mention the following text and save it as a .bat file.
Regedit.exe /s SignatureReg.reg
Make sure to copy the registry file at the location mentioned below: “\\ domain \ SysVol \ domain \ Policies \ {GPO guid} \ User \ Scripts \ Logon”
Step 4: Create GPO to run logon script.
Now we need to deploy this solution to all the users. I would recommend to test the solution on a test users OU when it satisfy the need then deploy on corporate users. The deploy needs linking of this GPO from Group policy manager and logoff then login of the user on the client computer.
Create a new GPO
Edit the GPO and expand to the location: User configurations à Policies à Windows settings à Scripts à logon properties
Add the 2 login scripts.
One for registry and other for vb script.
Post implement testing.
- Once we implement the solution, we can log off and log in the user and open the outlook and click on new email or reply an email and you should see the corporate signature.
- Go to Outlook à Tools à Options à Mail format à Signatures and you will see options are greyed out and signature is populated as screen below
Prabhat Nigam
Microsoft Solutions Architect
Team@MSExchangeGuru
October 25th, 2014 at 2:58 pm
Hi,
thanks for that great article, if you wan’t to set signatures to OWA, you could have a look on my site, there is a quick & dirty example:
http://www.frankysweb.de/quick-dirty-einheitliche-e-mail-signaturen-fr-outlook-web-app-owa/ (german language)
regdards,
Frank
October 25th, 2014 at 3:16 pm
I am already working on owa signature powershell script but I will surely take a look to see if I am doing any different.
January 9th, 2015 at 6:37 pm
Thank you much for posting this solution!
Our scripts are running great, but there seems to be a long delay before they take effect, and in some cases we have to access the signature area in Options or close and reopen Outlook again. Most of the script is very close to yours. Do you think there is something we need to do to trigger the signature blocks?
Also, my current thought is that rerunning the script at every login is excessive, as the same issue happens over and over again. After these have been in place for a little while, I think I will take a look at using a conditional statement that will bypass reproducing them if they already exist. That may miss a few where the AD is updated, but once these are mostly in place it would be less hassle, I think. If you have an idea, I would appreciate your thoughts here.
January 9th, 2015 at 6:52 pm
Delay can be because of unhealthy AD. There are 2 things we are doing – 1 deploying Script through GPO and 2 query AD attributes.
All clients should have correct DC and DNS configured. If clients are at home then there can be some issue which might be resulting improper deployment or execution of the script
We should close and reopen the outlook. This is happening when you login.
December 31st, 2015 at 11:03 am
How would I do a corporate signature while allowing users to edit/add other signatures too?
December 31st, 2015 at 2:07 pm
You either apply corporate signature or manual. Both can’t be together.
May 11th, 2017 at 10:58 am
It would be easy to incorporate the creation of the registry settings into the .vbs file as well. This would take away the need to run the command based .reg file import command via the policy.
But this gave me a great direction to work with… Thanks..
May 11th, 2017 at 11:57 am
Here is the vbs code to just make the regkey within the .vbs file itself.
Of course more error checking can be done but this is cleaner, easier.
Set objShell = WScript.CreateObject(“WScript.Shell”)
objShell.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\MailSettings\NewSignature”, “AD Signature”, “REG_SZ”
Also when I cut/past your .vbs code the “” turn to “” and with error on resume next (turned on) it might dork up new scripters as they are testing.