Outlook Programmatic Access in Office 365 Pro Plus & RDS 2019

Question

I see this thread is discussed many times and I have read through most every one of the current documented cases but I still cannot find an answer to my issue. Hopefully I'm just missing something small to get this issue resolved. I have a customer with a 2012 DC and a 2019 RDS that runs Office 365 Pro Plus. Multiple email accounts that are being used off of the RDS box but only one per user profile. Most users don't use these email accounts for their personal/business use. These email accounts are a mixture of 365, POP and IMAP accounts. My customer has written VBA scripts that send Excel data using Outlook behind the scenes for each profile. The users are being prompted with the Programmatic Access security warning when the email kicks off to send the data. I can run Outlook in admin mode, change the Programmatic Access option not to prompt and this works for a while until something unknown (maybe windows updates) happens then the settings go back to prompting. The last time the script had sent 6 emails over a period of 6 days then it changed back. There is current Avast antivirus software running on the RDS box but according to previous documentation I see that Windows security center doesn't recognize antivirus software on Windows server operating

systems. I need to find a way to eliminate the prompting during the send for ALL/ANY user(s). We understand the risks by turning off Programmatic Access but need it turned off for now. I've added registry settings also under the admin account but these don't replicate when a general user logs into the server. I've attached several screen shots of how the environment looks in admin mode and in general user mode along with Outlook version information.

Above is what Outlook settings look like logged into the RDS as Admin to the domain. All are greyed out and not changeable and nothing selected.

Above is what the Programmatic Access registry settings looks like logged into the RDS as Admin on the domain.

Above is what Outlook settings look like logged into the RDS as a standard user to the domain. All are greyed out but "Warn Me" is selected.

Above is what the Programmatic Access registry settings looks like logged into the RDS as a standard user on the domain. One thing that is odd here is that the version here states 14.0 and the version when logged into the RDS as administrator shows 16.0. There is only one version and have only been one version ever installed here on the server. Not sure why Microsoft would indicate two different versions.

Above is current Outlook version information.

Answer 1

For those who still strugle with this. If GPOs aren't working for you and no matter what mentioned above registry keys you change and still no go.
Look in your registry here:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Office\16.0\Outlook\Security]
For us it turned out to be a correct place to create/change key 'ObjectModelGuard' and that solved it.

Answer 2

HI kennethpatterson-4715,

Thanks for your waiting.

I discover that there is a document to solve your this issue, please check if Resolution Method 1 and Resolution Method 2 can help you.

A program is trying to send an e-mail message on your behalf warning in Outlook

https://learn.microsoft.com/en-us/outlook/troubleshoot/security/a-program-is-trying-to-send-an-email-message-on-your-behalf

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 3

So, more details after doing a little more investigation.

1. Logged in as administrator to the domain, opened regedit and removed the following three keys, rebooted, logged back in as administrator to the domain, opened Outlook as administrator and I was able to change the Programmatic access option to "Never Warn me":

[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\office\16.0\outlook\Security]
"promptoomaddressinformationaccess"=dword:00000002
"promptoomaddressbookaccess"=dword:00000002
"AdminSecurityMode"=dword:00000003

2. logged out as administrator on the system and logged in as standard user, opened Outlook (without running as administrator), checked the Programmatic access setting and it was set to "Never Warn Me" but greyed out.

I've left the settings like this for now and will notify the actual users in the morning to try their normal routines and see how long the settings stay as they are now.

Answer 4

try this seetings, it works for me:

Note: in my case, I am u sing O365 PP 32 bit on Win 10 64 bit. May be the registry key path will be different if you use O365 PP 64 bit on OS 64 bit:

Computer Configuration (Enabled)
Preferences/Windows Settings/Registry

Hive          HKEY_LOCAL_MACHINE 
Key path      SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Outlook\Security 
Value name    ObjectModelGuard 
Value type    REG_DWORD 
Value data    0x2 (2) 

User Configuration (Enabled)
Administrative Templates/Microsoft Outlook 2016/Security/Security Form Settings
Policy: Outlook Security Mode >> Enabled  
                       Outlook Security Policy: Outlook Default Security 

Answer 5

Thanks JiaYou-MSFT for your help but I think you missed out on reading what procedures I have already tried.