This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 27%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Greetings,
since the update of office in june excel files with macros cannot be opened on our network locations by default, we wanted to roll out a GPO to restore the previous state.
The problem we are facing is, the checkbox for the "Allow Trusted Locations on my network (not recommended)" inside the Trust Center is not being set by this GPO even though it is activated and rolled out. The paths for our network locations are however added and present inside the Trust Center under Trusted Locations.
We checked our GPO by using gpresult on our clinets and it shows up.
We checked the registry as well. Here the value "allownetworklocations" under "Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\office\16.0\excel\security\trusted locations" is set to "1".
Our Excel 365 clients do not care unfortunately...
We've also noticed that shortly after the GPOs are updated on our clients (checked with event viewer) the checkbox is set and grayed out. But if you reopen this after a minute it is gone again.
It seems something else is overwriting this setting. What could this be?
Do we need to roll this out in The Office 365 Admin Center under Configuration and not in our GPOs on our DMCs, perhaps?
Welcome to Q&A forum ~
For Office, do other group policy in the same OU or one of other OUs not work as "Allow Trusted Locations on my network (not recommended)"?
Please try manually forcing a gpupdate.
> Do we need to roll this out in The Office 365 Admin Center
From an Office perspective, you can try pushing cloud policy to a small test group.
For Office, do other group policy in the same OU or one of other OUs not work as "Allow Trusted Locations on my network (not recommended)"?
I cannot check every user but we have several tickets which describe the same problem in our OU. (I hope I understood your question correctly)
Please try manually forcing a gpupdate.
We tried this and did not have any positive effect unfortunately.
From an Office perspective, you can try pushing cloud policy to a small test group.
We will need to try this.
Here a screenshot for clarifications.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 43%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
We have been struggling with this exact issue too lately.
O365 GPO's are being applied in the registry but not always picked up by O365 (Excel in our case).
The only reliable way for us was adding the registry keys outside the policy hive.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\office\16.0\excel\security\trusted locations
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 95%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
I Had to create a host record in this host file before mine would work.
C:\Windows\System32\drivers\etc\
Edit the host file
Scroll to End and add the file location eg: ipaddress, Press Tab and then the device name.
This worked for me.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello there,
This behavior has been confirmed by Microsoft in one of their blogs.
VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. Therefore, to help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet.
To prepare for this change, we recommend that you work with the business units in your organization that use macros in Office files that are opened from locations such as intranet network shares or intranet websites.
Macros from the internet will be blocked by default in Office https://learn.microsoft.com/en-us/deployoffice/security/internet-macros-blocked
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–
Hello,
yes I am aware of this change.
This is why I want to get a GPO running to deactivate this behavior for our trusted locations inside our internal network. This is however not working correctly for us since checkbox "Allow Trusted Locations on my network (not recommended)" inside the Trust Center is not being set by our GPO. My question was as to why this is the case. Ergo if we have set our GPO incorrectly or there is a Bug in Office perhaps...
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 44%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Just wanted to see if you found a solution to this as we are seeing the same thing?
Thanks.
