PolicyPak: Manage Office 2010 using Group Policy, SCCM or your own management tool.

You can’t afford to have your users constantly altering the configuration settings of this key product your business users run every day. PolicyPak sets and enforces expectations for your users’ applications, so that they get the same experience, every time they launch it. Ensure your Office settings are dictated and ensured using PolicyPak. Get those settings out there using Group Policy, SCCM or your own management tool. Check out this video to see how it’s done.

Manage Office 2010 with Group Policy video transcript

Hi, this is Jeremy Moskowitz, Group Policy MVP and Founder of PolicyPak Software.  In this video, we’re going to learn how to configure some of the Office 2010 applications using PolicyPak.

I’ve already got Office 2010 installed on my computer, and I’m just a regular user here.  As you can see, I’m logged on as a guy called “eastsalesuser4.”  I’ll open up Outlookto start with and go to Options, and examine the configuration settings a user has access to, which can mess up your day.  We have lots of settings in this application but as a network administrator, I’m most interested in the “Trust Center Settings.” As you can see here we have some security settings that are unique to Outlook such as “Email Security,” “Attachment Handling” and “Programmatic Access.”

If I open up Microsoft Word and review my “Trust CenterSettings” we see some more tabs that important to this application as well such as “Protected View“ and “Attachment Handling.”  Finally, if I open up Microsoft Excel, we have some“Trust Center Settings” here that are common to many of the Office 2010 applications such as “Privacy Options” and “ActiveX Settings.”

Let’s see how we can ensure compliance and perform desktop management of settings quickly using PolicyPak.  I’ll go ahead and switch over to my Management Station computer.

We’ll go ahead and right click over our “East Sales Users”, “Create a GPO” and we’re going to call it “Manage Office 2010.”  So this GPO is now associated with the “East Sales Users.” I’ll right click over it.  I’ll click “Edit…” I’ll dive down under “User Configuration,” “PolicyPak/Applications/New/Application.” There it is, “PolicyPak for Microsoft Outlook” along with other applications like “Java,” “Flash” “Firefox,” “Skype” and lots of other important desktop applications that your users utilize every day (and you want to make more secure.).

Let’s start with Outlook once again.  Let’s go to “Email Security” and let’s check “Encrypt contents and attachments for outgoing messages” “Add digital signature to outgoing messages” as well as “Read all standard mail in plain text.” Notice how when I initially checked these settings that the text became underlined.  That means that the setting values are going to be delivered to the user.  Next let’s go to “Automatic Download” and let’s uncheck “Don’t download pictures automatically in HTML e-mail messages or RSS items.”

Now let’s go back to our GPO and let’s add the application, Microsoft Word 2010 which will give us the interface we need to manage that application.  Your users frequently download Word files so you want to ensure that “Protected View” is enabled on all accounts.  While we’re at it, let go to “Add-ins” and ensure that “Require Application Add-ins to be signed by a Trusted Publisher” is enabled.

Now I will go back to my client machine, we’ll get a command prompt and run “gpupdate.”  Now you could envision the user logging on for the very first time, using a Terminal Services or Citrix machine, using a VDI session, changing job roles, or getting a new computer.   I just happen to be using gupdate.

Now that that’s done, let’s go ahead and reopen Outlook.  We can see that our desired settings within “Trust Center Settings” have been delivered. We can then open up Microsoft Word and verify the delivery of our settings as well.  PolicyPak is doing its job.

Let’s configure one more application within the Office 2010 suite.  Let’s return to my management station computer and add one last application, Microsoft Excel 2010, to our GPO.  You would want “Privacy Options” configured for all of the Office 2010 applications, but for the sake of this video, we’ll just configure them within Excel. Notice that I am going to enforce the unchecked values for many of these settings.  Finally, I will go to “ActiveX Settings” and select “Disable all controls without notification.”

Now I will go back to my client machine but this time I’m going to log off as eastsalesuser4 and log on now as eastsalesuser5.  Now let’s open up Microsoft Excel and confirm that those settings have been delivered as well.  Just to demonstrate the controlling power of PolicyPak, let’s pretend that eastsalesuser5 is trying to modify and work around your settings.  I know you know users who love to do this, and make the machine less optimal and secure.

Now let’s close the application and reopen it and we see once again that PolicyPak has simply reverted the user’s settings right back to your desired settings.  Even if the user is offline, your settings are always preserved because PolicyPak is always working for you in the background, making the job of you the administrator, easier.

PolicyPak performs the magic. To get the magic delivered, you can use Group Policy, SCCM, LanDesk, KACE or your own systems management software. We just happen to be using Group Policy to deliver PolicyPak directives in this demonstration.

And we are done.  That is how incredibly easy it is for you to use PolicyPak to manage the Office 2010 suite is well as tons of other desktop applications.

If you’re looking for a trial of PolicyPak, just click on the “Webinar / Download” button on the right.

Thanks so much for watching, and get in touch with us if you’re looking to get started. Talk to you soon.

Back