I am currently using Microsoft Outlook 2013 and Access 2013. When I upgraded to 2013, there was a security update that doesn't allow the SendObject method in Visual Basic. It's not allowing me to send emails from my program in Access.
Is there a way around this security update?
There was no such security updates. Most probably you are talking about the standard security prompt in Outlook. See Outlook "Object Model Guard" Security Issues for Developers for possible options.
I'd recommend using the Outlook Security Manager component which allows to supress such prompts or avoid errors in the code.
Related
I just wanted to know if I can disable MAPI in outlook 365 in order to prevent the cyber attack using ruler/MAPI? If I disable the MAPI, will the clients email flows be affected ? or Is there any business impact if I disable the MAPI?
Also, some sort of suggestions to prevent the ruler/MAPI attack would be much appreciated.
Thanks,
Praba
No, MAPI is the native API for Outlook. It cannot be disabled.
Outlook is built on top of Extended MAPI subsystems and if you disable them you will not be able to use Outlook at all. It is like if you disable Windows API - any application will not be run on Windows.
I have code which will send email when done through a button click.
I have scheduled the same code to run periodically through Task Scheduler. The mail gets in draft stage.
Issue 1: if I use .Send, there is a security pop up with allow or deny options
Issue 2: to avoid the above pop up, I used .Display, wait for the application and sendkeys --> this is working when run through button click but when run through scheduler the email stays in draft stage.
Issue 1 : if I use .send in mail, it ask for a security pop up with allow or deny option
This is a standard security prompt in Outlook. "Security" in this context refers to the so-called "object model guard" that triggers security prompts and blocks access to certain features in an effort to prevent malicious programs from harvesting email addresses from Outlook data and using Outlook to propagate viruses and spam. These prompts cannot simply be turned off, except in Outlook 2007 with an anti-virus application running. This page discusses strategies for avoiding security prompts.
Issue 2 : to avoid the above pop up, I have used .display, wait for the application and sendkeys -->
All current versions of Microsoft Office were designed, tested, and configured to run as end-user products on a client workstation. They assume an interactive desktop and user profile. They do not provide the level of reentrancy or security that is necessary to meet the needs of server-side components that are designed to run unattended.
Microsoft does not currently recommend, and does not support, Automation of Microsoft Office applications from any unattended, non-interactive client application or component (including ASP, ASP.NET, DCOM, and NT Services), because Office may exhibit unstable behavior and/or deadlock when Office is run in this environment.
If you are building a solution that runs in a server-side context, you should try to use components that have been made safe for unattended execution. Or, you should try to find alternatives that allow at least part of the code to run client-side. If you use an Office application from a server-side solution, the application will lack many of the necessary capabilities to run successfully. Additionally, you will be taking risks with the stability of your overall solution. Read more about that in the Considerations for server-side Automation of Office article.
As a possible workaround, you may use a low-level API which doesn't trigger security prompts - Extended MAPI. Or just any wrappers around this API such as Redemption. It allows bridging both issues.
We have a Excel Web Addin, that was deployed to a group of users using the Office 365 Admin Center. But the add-in is not visible in Excel 2016 (Version 1803,Build 9126.2275, Click to Deploy) for those users.
Fiddler trace shows the following when the user tries to refresh the "Admin Managed" add-in dialog box.
Fiddler Trace
<MessageText>User must have a mailbox for name resolution operations.</MessageText>
<ResponseCode>ErrorNameResolutionNoMailbox</ResponseCode>
I also came across this post
"No add-ins currently available." when deploying add-in using Centralized Deployment
that talks about enabling Exchange. I am not sure what that really means.
So any help is appreciated in understanding the issue and resolution.
Thanks
-kudlur
Based on the error message, I'd assume you're having issues with users not being assigned mailboxes, which are required to enable Centralized Deployed add-ins.
Could you try running through the compatibility checking steps outlines here? It will help provide more detail on the exact issue.
Download the compatibility checker here: https://www.microsoft.com/en-us/download/details.aspx?id=55270
Run the compatibility checker Start an elevated PowerShell.exe window.
Run the \Import-Module O365CompatibilityChecker\ command.
Run the \Invoke-CompatibilityCheck\ command, which prompts you for TenantDomain (for example, TailspinToysIncorporated.onmicrosoft.com) and TenantAdmin credentials, and then requests consent.
You can also find more ways to debug in this help article: https://learn.microsoft.com/en-ie/office365/admin/manage/centralized-deployment-of-add-ins?redirectSourcePath=%252farticle%252fDetermine-if-Centralized-Deployment-of-add-ins-works-for-your-Office-365-organization-b4527d49-4073-4b43-8274-31b7a3166f92&view=o365-worldwide#BKMK_UserAndGroupAssignments?omkt=de-CH&ui=de-DE&rs=de-CH&ad=CH
Thanks, Alan
I have an Outlook add-in ("Apps for Office" type, i.e. HTML, not VSTO or COM) that is published in the Office store.
Some users have complained that the add-in appears grayed out (GitHub issue). I cannot reproduce the issue on my machine. The "Microsoft Office Alerts" event log on the user's machine shows only "Activated App" events.
How can I diagnose the problem (logging etc)?
Fiddler is usually a good tool for tracing the web requests. Otherwise there are general guidelines for troubleshooting loading issues here: https://dev.office.com/docs/add-ins/testing/testing-and-troubleshooting.
For issues loading your add-in, including run-time logging, see here: https://dev.office.com/docs/add-ins/testing/troubleshoot-manifest
Also check the local cache for the manifest; see: https://dev.office.com/docs/add-ins/outlook/troubleshoot-outlook-add-in-activation
Is there any other way to get rid of this outlook security message? "A program is trying to automatically send e-mail on your behalf ... and so on" and it gives me an option to select Yes , No & Help.
Im currently developing an outlook automation app using Ms Access. Everytime I issue Send command this message popups, I tried using SendKeys "%s" but it does not work in Access 2007.
Is there any alternative solution for this? Thanks!!
You may wish to consider Outlook Redemption
From the blurb:
Outlook Redemption works around limitations imposed by the Outlook Security Patch and Service Pack 2 of MS Office 98/2000 and Office 2002/2003/2007 (which include Security Patch) plus provides a number of objects and functions to work with properties and functionality not exposed through the Outlook object model.
Microsoft doesn't want scripts to be able to send email without the user's consent. According to KB 263084, you can do one of the following (which avoid the scriptable interface or configure the system to supress the message):
change some Exchange Server settings
use CDO
Use Extended MAPI
use a COM add-in
I don't think any of the programming solutions is particularly simple, and applying changes to Exchange might not be a solution for you (especially if your application is supposed to work with Outlook clients that aren't in an Exchange environment, of course).
You can avoid this by relaying the message directly to an SMTP server, rather than using Outlook to relay the message. The security warning is there to stop people like you from sending messages from my account without my knowledge. Although you have good intentions, what you are writing is essentially virus-like (imagine if you could do this without the security prompt - spam-heaven!)
If you don't want to use Redemption (others already adviced so I think you don't), you have another option that I can assure will be a lot more painful to implement.
Basically what you will need to do is to create an Add-In instead an external program. The Add-In is able to do whatever you want to Outlook, without getting those messages.
You can probably make the Add-In act like a simple server - do things you want by receiving commands from the outside world (in case you can't do whatever you need to do from within Outlook).
Maybe you can lift a WCF service (IPC or Inter Process Communication, that works like a shared memory between two processes).
Please note however that you will probably be better if you just use Redemption or just an Add-In.
Connecting Outlook with external process is a pain and it get's worse by the fact that the Outlook classes are not serializable. So basically you will need to do add Data Transport Objects for each and every class you need to access through your app.
Maybe if you resolve this one it will be a bit easier to implement but it is still a challenge.