Skip to main content
Jamf Nation, hosted by Jamf, is the largest Apple IT management community in the world. Dialog with your fellow IT professionals, gain insight about Apple device deployments, share best practices and bounce ideas off each other. Join the conversation.

Outlook 2016 autoconfigure

Now that the schedules tab is removed from Outlook's preferences... has anyone figure out a way to apply a self configuration script like this one?

https://github.com/talkingmoose/Outlook-Exchange-Setup

Our users really enjoyed everything being automagically configured.

Like Comment
Order by:
SOLVED Posted: by jrserapio

+1 to this.

Like
SOLVED Posted: by gachowski

He did a preso, that is on youtube, were he said he was working on it.. However with Apple sandboxing you never know.

C

Like
SOLVED Posted: by kstrick

Yeah, i think @talkingmoose got the script to more or less work, but I think triggering is the whole problem... i was thinking of maybe creating a launchagent/launchdaemon to run that script that would run once when Outlook starts up, but not sure how smoothly it would work... maybe trigger on creation of a /Users/USERNAME/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles folder?

Like
SOLVED Posted: by talkingmoose

Yes, launchd using watched files/folders seems to be working well in my testing so far. The issue I've had to overcome is the welcome window. Easy to do with configuration profiles and a little GUI scripting. Still working on this but that's the method I'm looking at using right now.

Like
SOLVED Posted: by hkabik

Good to know. I was thinking I could work my way around any changes to the script itself but for the life of me I couldn't figure out a reliable trigger method. Great to know you're on top of it! Thanks for your hard work!

Like
SOLVED Posted: by plawrence

@talkingmoose

Any news on a new version of the Outlook Exchange Setup script for Office 2016?

Like
SOLVED Posted: by talkingmoose

This is still a work in progress, but I've uploaded what I have so far to GitHub.

https://github.com/talkingmoose/Oulook-Exchange-Setup-5.0

The AppleScript itself should be ready for those who use it standalone as a double-clickable script or add it to Self Service. You'll find it in "ROOT/Library/Talking Moose Industries/Scripts/Outlook Exchange Setup 5.0.scpt".

What's not done yet is the launchd agent to trigger the script at first launch of Outlook. I'm still trying to find the right combination of items for the agent to watch.

Also, the guide is only updated through about page 24.

The overarching method I'm using is:

  1. Use a configuration profile to suppress the Outlook first run window. This works so far.
  2. Use a launchd agent to watch specific folders to know Outlook has been launched. Then run the script.
  3. From there, the script runs the same as older versions with a handful of changes.

As I make more progress I'll post more. For the time being, anyone who'd like to test the AppleScript part of the solution is more than welcome.

Like
SOLVED Posted: by rtrouton

@talkingmoose, thank you!

Like
SOLVED Posted: by kstrick

@talkingmoose

I've been playing around with a version of the old script that i've modded,
and so far i've had decent luck with a launchagent that watches the following path--
it seems to trigger pretty quickly when you launch Outlook.

~/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/com.microsoft.Outlook/Cache.db-shm
Like
SOLVED Posted: by Aziz

@talkingmoose Is there a way to change the Outlook "Account Description"? Making everyone's Outlook say "Microsoft Exchange" would be nice.

Changing "use Kerberos" to false sets the Outlook Account Description to "Untitled Exchange account".

Like
SOLVED Posted: by mm2270

@kstrick As far as I can tell in my testing, this path:

~/Library/Containers/com.microsoft.Outlook/

doesn't exist on a Mac that has not already had and run Outlook on it previously, so in the case of setting up newly setup/imaged Macs with Office 2016 installed on them, I don't think it'll be possible to use that full path as a WatchPath for the LaunchAgent. The directory doesn't get created as part of the Office installation, only when Outlook first gets launched, and that point its too late.
Launchd's WatchPath function can only watch items (files/folders) that exist. If its not there, the LaunchAgent won't use it as a trigger, and actually removes the path from its internal list of items to watch. @gregneagle has a writeup on this from his blog from years back. (blast from the past) I will have to double check on this, but I believe this rule of launchd jobs is still valid today.

There is the QueueDirectories item for launchd, but the thing about them is that it only works if the directory is not empty, so you can't, for example, use a path like /Library/Containers/ since its already populated with other directories.

I did a little experimenting on this though, and it seems its possible to pre-create the ~/Library/Containers/com.microsoft.Outlook/ directory along with an Office 2016 installation, say as a script run "After", leave the directory empty and then load a user level LaunchAgent watching that directory with QueueDirectories. As long as the permissions are set correctly on the folder, Outlook drops files into that dir upon first launch, and it fires the script pretty quickly. My test script simply put up a basic dialog so I knew it was working. However, as long as the directory remains non empty, the LaunchAgent will continue to run on whatever interval its set to (10 seconds by default unless otherwise specified) so the script would need to run the setup of the account, then either remove itself, or disable the LaunchAgent so it won't run again. Its possible to do, but would take some work and experimenting to get it right.

Edit: I just ran another quick test, and this is even easier than I first thought. While you can't use WatchPaths, you can use QueueDirectories and not even bother to pre-create that folder. Load the LaunchAgent that uses the path of ~/Library/Containers/com.microsoft.Outlook/ as the directory for QueueDirectories. As soon as Outlook launches it creates that directory and the script specified in the LaunchAgent fires. So no need to create the directory ahead of time.

Like
SOLVED Posted: by talkingmoose

@kstrick, I ran into the same issue you saw with WatchPaths and was considering watching ~/Library/Containers. WatchPaths should only be watching the top level folder and this area shouldn't really change that frequently. And then as part of the script, I was considering adding a check for existing files at the beginning of the script. The presence or absence of those files would determine whether the rest of the script actually executed.

However, based on your results with QueueDirectories, I'll definitely take a looksee there! If that's all it takes, well, the rest is just commentary to complete. :-)

Thanks for the sleuthing and testing!

Like
SOLVED Posted: by talkingmoose

@Abdiaziz, search within the script and locate this section:

set newExchangeAccount to make new exchange account with properties ¬
            {name:"Mailbox - " & userFullName...

The "name" here is the name of the account. You can change this part of the script to what suits your needs. I originally choose this because it mirrored Outlook for Windows.

Like
SOLVED Posted: by talkingmoose

@mm2270, my comment to @kstrick should've been directed toward you. Sorry for the confusion.

Like
SOLVED Posted: by Aziz

@talkingmoose, I did see that part before posting and modified it, the results were the same "Untitled Exchange account". It's being overwritten by something and I need to find out what.

Like
SOLVED Posted: by plawrence

Thanks everyone for your efforts with this, especially @talkingmoose .

The script works great when I run it manually once the Outlook first run windows are disabled. I modified the LaunchAgent .plist to use the QueueDirectories key instead of WatchPaths, but when I went to load the LaunchAgent I see the following errors:

UserEventAgent Ignoring path: ~/Library/Containers/com.microsoft.Outlook/
com.apple.xpc.launchd[1] (net.talkingmoose.OutlookExchangeSetup5.0[8528]): Service exited with abnormal code: 1

I'll keep testing and let you know if I get it working.

Also, how do you figure out the AppleScript options for Outlook 2016? After an Exchange account is created Outlook appears to set the Preferences -> General -> Hide On My Computer folders to On. This setting prevents the creation of Contact Groups so I'd like to turn it off, do you think that would be possible with AppleScript?

PS. The Github repository is missing the 't' in Outlook (https://github.com/talkingmoose/Oulook-Exchange-Setup-5.0) ;)

EDIT: The AppleScript to turn off Hide On My Computer folders ended up being pretty obvious: "set hide on my computer folders to false"

Like
SOLVED Posted: by fritz.schlapbach

Many thanks to @talkingmoose for the script! Very helpful. :)

Did anyone figure out how to change the first day of a week to Monday in Outlook? That's the last setting I'm not able to set.

Like
SOLVED Posted: by mm2270

@plawrence Can you post how your LaunchAgent looks here? I was not seeing an error in my testing using QueueDirectories and the path to the com.microsoft.Outlook container directory. Its possible you just need to adjust the LaunchAgent to get it to work.

Like
SOLVED Posted: by kstrick

@mm2270 @talkingmoose Good point on the QueueDirectories in lieu of WatchPaths,
that should work much better.

Like
SOLVED Posted: by plawrence

@mm2270 I started with the .plist template from @talkingmoose Github repo and just modified the WatchPaths to QueueDirectories. I then tried cutting out some of the parts (the RunAtLoad and the Environment Variables) to figure out where the error was and ended up with:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Disabled</key>
        <false/>
        <key>Label</key>
        <string>net.talkingmoose.OutlookExchangeSetup5.0</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/bin/osascript</string>
                <string>"/Library/Outlook Setup Script/Outlook Exchange Setup 5.0.scpt"</string>
        </array>
        <key>QueueDirectories</key>
        <array>
                <string>~/Library/Containers/com.microsoft.Outlook/</string>
        </array>
</dict>
</plist>

I am testing this on 10.11 too if that helps. Let me know if you spot anything wrong!

Like
SOLVED Posted: by mm2270

@plawrence I can't say I see anything particularly wrong with the plist you posted above. The QueueDirectories section looks identical to the one I used in testing. There are other differences in mine, but that's because I created it myself in LaunchControl, not downloaded the one from the github page.

You said you edited yours and I'm wondering what method you used to edit it, and if you made sure to correct permissions on the plist file afterwards. Launchd jobs are very particular about ownership and perms on these configuration plists it uses.

Another question is, did you try using the LaunchAgent prior to making the edit, and if so, was it working or loading correctly at that point? I'm wondering if it just wasn't working from the start for you or if its somehow the edit of the plist that's causing it not to load now.

FWIW, I created a completely new LaunchAgent that uses QueueDirectories to watch for a non existent folder I just made up, loaded the agent, then created the directory and touched a file to it and it ran the associated script immediately, so the process of using QueueDirectories to look for a folder being created and populated seems to work very nicely. Just need to make sure the launchd job gets disabled afterwards or the script is removed so it doesn't keep running over and over. That's the only pickle left with this to work through.

Like
SOLVED Posted: by mm2270

@talkingmoose
I've been looking over your Outlook setup script. Great work on this as usual!

While examining it, I wondered if there was some way to make Outlook simply use the Autodiscover process to set up an Exchange account. Right now our Macs are all joined to AD, and all accounts are AD cached mobile. Users typically launch Outlook, go into Accounts, click on the Exchange button and enter their basic credentials, like Domain\username, email address and password, leave the Configure automatically button checked and it figures out the rest to set up their Exchange account.
Is there some way with Applescript to simulate this process in Outlook, so for example. all they would need to do is enter their password (since we can get the rest of the information from their cached AD mobile account)?

Like
SOLVED Posted: by Look

@plawrence Not sure why but when I made my LaunchAgent it didn't seem to work when I had direct commands but as soon as I referenced a script directly it worked (I used a shell script for me configuration).
Also I didn't have the

        <key>Disabled</key>
        <false/>

In my one.

Like
SOLVED Posted: by plawrence

@mm2270 I must be doing something wrong as I still cant get the LaunchAgent to work!

I've tried the following on both 10.11 and 10.10.5:
- Created a new LaunchAgent .plist using Lingon 3 to make sure there were no syntax errors, it had the following contents:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>label</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/bin/osascript</string>
        <string>/Library/Outlook Setup Script/Outlook Exchange Setup 5.0.scpt</string>
    </array>
    <key>QueueDirectories</key>
    <array>
        <string>~/Library/Containers/com.microsoft.Outlook</string>
    </array>
</dict>
</plist>

- Tried both with and without a trailing slash at the end of the QueueDirectories path
- Used the full path to the QueueDirectories path, e.g. /Users/username/Library/Containers/com.microsoft.Outlook/. This made the "UserEventAgent Ignoring path: ~/Library/Containers/com.microsoft.Outlook/" errors disappear
- Changed the ProgramArguments string to a shell script as per @Look's suggestion. The AppleScript still never ran. I added some code after the osascript line to write to a file and could confirm that part was working.

I checked the permissions on the LaunchAgent and made sure it was able to load correctly.

I even changed the .plist to just monitor a folder on the desktop (that didn't exist prior) and then run a script afterwards, all that worked. It just seems to not work when I have both the com.microsoft.Outlook folder and the AppleScript file configured :(

Does someone mind posting the contents of their LaunchAgent that I can test with?

EDIT: changed the QueueDirectories path to com.microsoft.Outlook as per mm2270's suggestion below

Like
SOLVED Posted: by RogerH

@mm2270 @plawrence I am also having issue getting this to work.

Like
SOLVED Posted: by mm2270

Hmm. I wonder if its because of the ProgramArguments array pointing to a .scpt file? In the tests I've been doing, I always pointed to a shell script. Let me try pointing to a simple .scpt file with a command similar to above and see what my results are.

Like
SOLVED Posted: by mm2270

@plawrence I just noticed this in your QueueDirectories path

~/Library/Containers/com.apple.Outlook

That's not the path. Its supposed to be

~/Library/Containers/com.microsoft.Outlook

Can you check to make sure you're using the right path to watch?

Like
SOLVED Posted: by Look

Mine which is also working is pointing directly to shell script not an Applescript and it has no arguments included.

Like
SOLVED Posted: by mm2270

I don't think it has anything to do with being pointed to a .scpt file. I changed the existing LaunchAgent I had working with a shell script to point to an Applescript file using syntax like /usr/bin/osascript /path/to/script.scpt
Loaded the LaunchAgent with no errors. Made a change to the directory in the QueueDirectories path and the Applescript ran (it just displayed a dialog on screen) But it worked, so I don't think its related to using an Applescript file.
Something else must be causing it not to work for others here.

Like
SOLVED Posted: by plawrence

@mm2270 Thanks for picking up on the error in my post, I've modified the QueueDirectories path to be ~/Library/Containers/com.microsoft.Outlook (and edited my previous post incase anyone copies it) but I am still having trouble getting this to work.

If I use the path of ~/Library/Containers/com.microsoft.Outlook when I go to launch the LaunchAgent the following error appears in the system log:

UserEventAgent Ignoring path: ~/Library/Containers/com.microsoft.Outlook/

If I change the QueueDirectories path without the ~ e.g. /Users/username/Library/Containers/com.microsoft.Outlook/ then the LaunchAgent appears to work correctly and it attempts to trigger the script when the folder is created, but the following errors appear in the system.log and the AppleScript never runs:

com.apple.xpc.launchd Service exited with abnormal code 1
com.apple.xpc.launchd Service only ran for 0 seconds. Pushing respawn out by 10 seconds

This got me to thinking that perhaps there is something wrong when the AppleScript runs, but I can run it fine manually. After a lot of trial and error I think I figured out what was causing the issue, in the AppleScript there is some code to read the users Active Directory information and it uses a dscl command with a $USER variable, when this script is called by the LaunchAgent it doesnt appear to process that correctly. If I hard-code a username in the dscl command, then the script runs!

For those of you that have this working, had you configured "getUserInformationFromActiveDirectory" to True in the AppleScript?

I also still need to figure out why my LaunchAgent doesnt respect the ~ character in the QueueDirectories path.

Like
SOLVED Posted: by Look
com.apple.xpc.launchd Service only ran for 0 seconds. Pushing respawn out by 10 seconds

This would seem to imply the directory is not empty and the script is running but taking less than the 10 second default minimum for an agent.
You basically have to have to start with no directory (or at least an empty one) if you want this process to work correctly and the directory existing being a condition of disabling the agent.

Queued directories are intended for mail agents etc... they are not looking for changes, they are looking for content.
Or at least that is my understanding of it...

Like
SOLVED Posted: by mm2270

@plawrence Sorry if this is a silly question, but the plist for the LaunchAgent is in /Library/LaunchAgents/ correct? Its not in the LaunchDaemon directory by any chance?
Also, what command are you using to load it? Are you loading it from within an app like Lingon or LaunchControl, or from Terminal? If in Terminal, can you paste the command you're using?

Finally, you may want to add the StandardErrorPath and StandardOutPath keys into the launchd file and point them to some stderr and stdout log files respectively. When you load it, and it errors, it should put something in at least one of those files that may help us figure out what's going on.

FWIW, I have set up LaunchAgents pointing to either an existing but empty directory, or a non existent directory in the QueueDirectories path, and its worked for me either way.

Like
SOLVED Posted: by plawrence

@mm2270 Thanks for the quick response!

Yes, I've put the plist into /Library/LaunchAgents/. To load the Agent I use the following command in Terminal 'launchctl load /Library/LaunchAgents/name.of.agent.plist'

I'll look at putting the error keys into my LaunchAgent and see what the output is.

Did you check if had you configured "getUserInformationFromActiveDirectory" to True in the AppleScript?
Are you currently using the ~ character in your LaunchAgent plist?

Like
SOLVED Posted: by mm2270

Hey @plawrence, so truthfully I haven't been doing testing with the actual Applescript from @talkingmoose. But I'm still not convinced it has anything to do directly with the Applescript. I've used my LaunchAgent with other Applescripts and not had an issue with loading the LaunchAgent. It should still load as long as you have things set up correctly.
As @Look mentioned above, make sure the ~/Library/Containers/com.microsoft.Outlook folder doesn't exist on the Mac, or if its there, make sure its empty. QueueDirectories works by monitoring a directory for content. It won't run the job until some files/folders get dropped into (one of) the directories its watching.
If the com.microsoft.Outlook dir is already populated when you try loading the job, it will try running the job immediately, so make sure its empty or just not there. Outlook will take care of creating it at first or next launch.

And yes, my LaunchAgent is using the ~ character. LaunchAgents don't have a problem with that since they are always run as the logged in user.
The only thing I'm just seeing that's slightly different from what you posted above is that I included the trailing slash at the end of my path, so instead of ~/Library/Containers/com.microsoft.Outlook, I'm using ~/Library/Containers/com.microsoft.Outlook/ I don't think this should make any difference, but try adding the trailing slash in and see if that helps.

Like
SOLVED Posted: by mm2270

I just wanted to post back that, once I began actually using the LaunchAgent to watch the actual folder created by Outlook on first launch, I began to see the LaunchAgent come up with errors as well. It was puzzling at first because I could point the LaunchAgent's QueueDirectories path at almost any other location and get it to load and fire a script off as soon as the dir was created and populated with some other files/folders. But when watching ~/Library/Containers/com.microsoft.Outlook/, it began generating errors. This is under Yosemite at least, since I can't install Office 2016 on anything but 10.10 and up.

I think, though not sure, that the reason is because these are sandboxed apps, and the Containers directory it creates are protected in some way, so maybe a LaunchAgent can't actually watch them with QueueDirectories? I don't know for sure since I know little about what happens behind the scenes with sandboxed apps. Maybe someone with some programming knowledge can comment to say whether or not this makes sense or not. I can't figure out why else it won't work. Any folder I make myself and have it watch, even if it doesn't exist initially, works fine. Its just with the actual ones Outlook creates that it all goes south.

If its true that its because of the sandboxing, we may have to just watch the entire ~/Library/Containers/ folder and detect if the com.microsoft.Outlook folder is being created.

Like
SOLVED Posted: by mm2270

OK, never mind my post above. I just had something configured incorrectly. I was trying to run a script that was calling cocoaDialog, and normally that's OK, but our default deployment of cD sets it so its so the app is not readable by most accounts. This was fixed with a simple chmod -R 755 across the app bundle, so the script run by the LaunchAgent can actually call the application. That's where the error was coming from, not from monitoring the com.microsoft.Outlook directory in the Containers folder. Once I fixed that and put the QueueDirectories path back to ~/Library/Containers/com.microsoft.Outlook/, it works fine. So it seems we can monitor for that and fire a script.

Now to get some other pieces working...

Like
SOLVED Posted: by AdamH

This may be a silly question- I'm just not up to snuff on my AppleScript.
I think I have the base script configured correctly, and looking at the Accounts info it seems to be.
However, when the prompt dialog box pops up to log into your Outlook account, the username is populated by the user's email address instead of their short name or username.
If you manually enter the username in place of the email address, theres no problem, but you know most users will not.

Is there a place in the script to change this behavior or is this something on my exchange server side?

Like
SOLVED Posted: by nzmacgeek

Hi @AdamH - this is a known bug in Outlook 2016, as per this issue logged on GitHub: https://github.com/talkingmoose/Outlook-Exchange-Setup-5.0/issues/1

Like
SOLVED Posted: by eholtam

I'm seeing issues with using the LaunchAgent and using either WatchPaths or QueueDirectories. Both methods are constantly watching for modifications to either a file or whole directory, respectively. In either case this can cause an undesirable launching of one or many instances of the setup script.

In my testing with QueueDirectories watching ~/Library/Containers/com.microsoft.Outlook I was getting the script running 2x during the first launch of Outlook. And if I quit Outlook something was being modified in the watched directory making Outlook launch again and fire up the script. I was getting the same experience with WatchPaths as there isn't a file that can be reliably watched and guaranteed to never be modified again.

The ultimate problem is that 2016 has gotten rid of the Schedules option that Outlook 2011 had. Outlook 2011 was able to have a script run at launch, and as a part of the script, remove itself from the schedule so no other instances would run after it was run once. That behavior, in my opinion, should be mimicked in Outlook 2016 as well, even with the absence of the Schedules option. Leaving the LaunchAgent running as a loaded gun to fire off the setup script anytime the monitored file or path is modified could lead to mis-fires of the setup script even when the account is already setup. What happens when Outlook gets updated? There's no guarantee that a file will remain un-modified for the lifetime of the user account.

I've worked on this in a fork of @talkingmoose's script that tries to implement the change of mimicking the 2011 run-once behavior. In a nutshell, this implementation has a LaunchAgent that checks a custom plist file for a specific key in the user's space to see if the setup script has run. If so, it exits. If not it copies and loads a LaunchAgent in the user's space (~/Library/LaunchAgents) that uses WatchPaths to monitor a file that gets updated only on an Outlook launch. This allows the user to dictate when the script runs as it will only trigger when the application is launched. Once launched the setup script runs and configures the account. I've added 3 lines of code to the end of the AppleScript to write the key value to the custom plist that the main LaunchAgent is looking for on every user login to flag it as having been run, deleting the ~/Library/LaunchAgent and unloading it so it doesn't run again, even if the user quits and re-launches Outlook. This is a run-once behavior like Outlook 2011 had.

The main /Library/LaunchAgent is still loaded and runs a script on every login to check for the existence of the custom plist key. To have the setup script run again you'd just have to remove the custom plist and/or key.

My fork and writeup on this POC can be found at https://github.com/poundbangbash/Outlook-Exchange-Setup-5.0

Note my AppleScript has some custom environment changes, specifically setting the username to the UPN instead of the username. The main difference between the original script and mine are the last 3 'do shell script' lines.

-Eric

Like
SOLVED Posted: by AdamH

So, I did some looking and it seems its not really a bug as much as its a configuration spec.
We've been getting ready to use O365 accounts here, and in doing that have been changing the UPN in our AD template. Once that change was made to a test account, the user was able to actually log in with the email address in that field (username worked as well).
So it seems the behavior is expected, and will work if the UPN field in the AD account is set to O365 standards.
Which is cool.....I guess.....

Like
SOLVED Posted: by Look

@eholtam I used my own setup script (with some sneaky peeks at @talkingmoose 's scripting) but got round the smoking gun as it were by doing the following.
The first thing the script does is check if there is an exchange account, if it finds one, it simply exits and unloads the launchagent. Thereby leaving it not running for the rest of the session.
The launch agent will run every login, but immediately unloads for any user that already has Outlook configured without interfering with anything however if a tech was to delete the monitored folder and exchange account the log out then it would be active again when the user next logged back in and once again reconfigure Outlook.

Like
SOLVED Posted: by eholtam

@Look Care to share your Exchange detecting code snippet?
When the script runs every login wouldn't it have to launch Outlook to be able to determine if an account exists or not?

Like
SOLVED Posted: by Look

@eholtam Sure I am calling apple script from shell, so in the shell part of the script I get my user with my preferred

Current_User=$(stat -f%Su /dev/console | awk '!/root/')

which will return any none root console user.
Then I have a function.

Get_Current_State() {
if [[ "$Current_User" ]] && [[ "$(ps -cax | awk '/Microsoft Outlook/')" ]] && [[ "$(defaults read /Applications/Microsoft\ Outlook.app/Contents/Info.plist CFBundleShortVersionString | awk -F "." '{print $1}')" == "15" ]] && [[ -z "$(find /Users/$Current_User/Library/Group\ Containers/ -name *olk15MailAccount)" ]]; then
    return 0
else
    return 1
fi
}

Basically it checks for a user grabbed earlier, makes sure Outlook is running and that version 15 is installed (it might still fall over if 2011 was installed and open as well) then searches the profile directory to make sure there is no olk15MailAccount file.
You can then use it in the following context

if Get_Current_State; then
DO SOME STUFF ie CALL AN APPLESCRIPT
fi
UNLOAD THE AGENT

Basically the first time the Queue trigger activates it either skips everything and disables the agent or does the script then disables the agent.

Like
SOLVED Posted: by Look

It did also occur to me that you could also just have the disabling of the agent inside the agent itself as another program call, then the script just needs to check and configure or no configure as required and the agent would only ever run once per session either immediately if there were items in the directory or at the point in which the directory is populated.

Like
SOLVED Posted: by talkingmoose

Disabling the launch agent for the session is actually a brilliant idea! I like that.

Wouldn't be too difficult to detect an Exchange account without launching Outlook.

profile=$( defaults read "/Users/$USER/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist" Default_Profile_Name )

if [ -d "/Users/$USER/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/$profile/Data/Exchange Accounts" ] ; then
    echo "Exchange account present"
else
    echo "Exchange account not present"
fi

This seems to work in my very limited testing.

Like
SOLVED Posted: by eholtam

@talkingmoose

The existence of the Exchange Accounts folder isn't enough as that folder structure remains even if all Exchange accounts are deleted from within Outlook. I used a hybrid of yours and @Look's code to come up with.

profile=$( defaults read "/Users/$USER/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist" Default_Profile_Name )

#Check if an Exchange profile exists or not
if [ -z $(find "/Users/$USER/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/$profile/Data/" -name *olk15ExchangeAccount) ]
then
    #If no LaunchAgents directory exists in the user home, create it
    if [ ! -d $HOME/Library/LaunchAgents/ ]
    then
        mkdir -p $HOME/Library/LaunchAgents/
    fi

    #Copy the LaunchAgent to ~/Library/LaunchAgent and load it
    cp "/Library/Management/Outlook2016Setup/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist" "$HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist"
    launchctl load "$HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist"
else
    exit 0
fi

That worked for all scenarios that I tested. Once the *olk15ExchangeAccount file no longer exists the setup process is made available to the user again.
The launchagent that gets loaded in the ~ space is

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>net.talkingmoose.OutlookExchangeSetup5.0</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/bin/osascript</string>
        <string>/Library/Management/Outlook2016Setup/Scripts/Outlook Exchange Setup 5.0.scpt</string>
    </array>
    <key>WatchPaths</key>
    <array>
        <string>~/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist</string>
    </array>
</dict>
</plist>

And the applescript has two lines at the end to remove the ~ LaunchAgent and unload it.

do shell script "rm $HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist"
do shell script "launchctl remove net.talkingmoose.OutlookExchangeSetup5.0"

This may be my winner winner rubber chicken dinner. Thanks for both of your insights.

Like
SOLVED Posted: by AdamH

I love the idea of a launch agent- its self contained and doesn't rely on anything else.
But what I'v been doing with 2011 so far and could work with 2016 as well, is add this to the beginning of the script:

tell application "System Events" if exists (folder "~/Library/Containers/com.microsoft.Office365ServiceV2") then error number -128 end if
end tell

... and add the script as a login script. It will run every time the computer is logged in for every user and it will just quit if an account has been created already.

I'd have a version without this in self service in case someone wants to recreate their account for some reason.

Like
SOLVED Posted: by talkingmoose

@AdamH, this is purely administrative philosophy.

My reason for having the launch agent watch for specific items is to avoid confusing the user. When he or she launches Outlook, that's when I want setup to run. The user will understand the act of launching Outlook just triggered something. If all script prompts are suppressed, the user doesn't even realize setup just ran and simply logs in to email.

Otherwise, running the script at login automatically launches Outlook, whether the user wants that or not.

Self Service would be a good additional place to add the script if the launch agent fails or we haven't built enough smarts into the script to account all the potential scenarios when it may not trigger.

Like
SOLVED Posted: by AdamH

I think your philosophy is sound. Personally I think it would be the optimal way to go.
But in my environment, we have a deployment team that issues all new computers. So in this scenario having Outlook automatically launch and setup the account for the user is a bonus because it ensures that Outlook is configured and working before the tech leaves.

Oh, and millions of thanks for doing the legwork in developing this script with great documentation! Its saved the scripting-impared many hours of work and related headaches!

Like
SOLVED Posted: by talkingmoose

I've appreciated all the help with the first run stuff. It's time I haven't had to devote to testing, which is why I posted everything as-is on GitHub.

Next, I'll steal ideas and give credit where due. And I'll update everything and put a bow on it. :-)

Like
SOLVED Posted: by talkingmoose

More stuff ready for anyone who'd like to test...

I've devised a launchd setup that works well for me in my testing to automatically configure Outlook 2016 the first time it's launched. After a lot of research into launchd QueueDirectories and WatchPaths, the WatchPaths made the most sense because I can monitor for the existence of specific files. (Thanks, @eholtam, for your ideas. I adapted them for my own changes.)

The whole setup consists of one LaunchAgent file and two scripts. The only file you need to customize is the AppleScript. Everything else can just drop in place. The ROOT folder simply designates the "root" of the hard drive or "/". For now, be sure to keep the names and paths of the files and folders the same as I've created them unless you're comfortable changing the references in the three files.

I've also made minor changes to the AppleScript itself to better accommodate all potential settings not just Active Directory as well as accommodate this new setup.

You'll find everything here: https://github.com/talkingmoose/Outlook-Exchange-Setup-5.0

Click the Download ZIP button to the bottom right and locate these files in the ROOT folder:

  • /Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetupLaunchAgent.plist
  • /Library/Talking Moose Industries/Scripts/Outlook Exchange Setup 5.0.scpt (customize this)
  • /Library/Talking Moose Industries/Scripts/OutlookExchangeLaunchAgent.sh

Feedback, as always, is greatly appreciated.

Like
SOLVED Posted: by eholtam

Thanks, @talkingmoose, for the continued development and followup posts. I'll take a look.

Like
SOLVED Posted: by AdamH

For this new setup- should the LaunchAgents and scripts be going into the regular Library folder or the User's library folder?
The script at the end of the AppleScript references $Home.

Like
SOLVED Posted: by talkingmoose

Posted scripts and the LaunchAgent all go in /Library in the locations I mentioned above.

As needed, one of the scripts will create a temporary LaunchAgent in the current user's home folder, but that's automatic.

Like
SOLVED Posted: by AdamH

OK, I thought so, but when it didn't work I thought I may have had it wrong. Turns out when I manually went through the steps I had the permissions wrong.

I did get it working like a champ yesterday- so I made a package with the files in their working configuration.
However when I put it on a new machine the initial Launch Agent doesn't seem to kick off the script to create the user's launch agent. I confirmed that the agent did load, but it just didn't trigger that script.
Going to do some more futzing around....

Like
SOLVED Posted: by eholtam

The script name the LaunchAgent is calling isn't the same as the actual script in the current repo. Check the /L/LA and verify the script it is calling matches the name of script in /L/TMI/scripts/.

I have a PR on the repo to address that.

-Eric

Like
SOLVED Posted: by shoegazer

i cant get this to work either, the only changes i made were to the applescript left the rest the same except for the launchagent which had the sh script named incorrectly as mentioned by @eholtam above. No launchagent is created.

Like
SOLVED Posted: by talkingmoose

Thanks again, @eholtam!

I've corrected the script name to match the launch agent.

Like
SOLVED Posted: by plawrence

@talkingmoose Just a quick post to thank you again for all your work on this. I've been deploying your the files as-is and they've been working great!

Like
SOLVED Posted: by talkingmoose

Thanks for the feedback, @plawrence! Time to finish the documentation and take care of a few housekeeping issues.

Like
SOLVED Posted: by hkabik

@talkingmoose

Really can't thank you enough for your efforts on this.

Like
SOLVED Posted: by shoegazer

@talkingmoose @eholtam forgot to mention i got this working, thanks guys :)

Like
SOLVED Posted: by TimC

@talkingmoose Another big thank you for the work here! Brilliant stuff, very slick.

I am seeing one curiosity that has me baffled. Deploying Outlook 2016 v15.15 on 10.11.1 and using kerberos launches Outlook and creates user account perfectly first time. After allowing the account to sync with exchange and upon subsequent launches it spawns new accounts called "Untitled Exchange Account". A new account is added everytime Outlook is launched.

I have trawled through the script in an attempt to work out why this would be happening but nothing has stood out. Also happens when kerberos is set to false and username and password are used as @Abdiaziz mentioned earlier. Any clues here?

Cheers
Tim

Like
SOLVED Posted: by eholtam

@TimC

It sounds like the LaunchAgent from the user space isn't being removed properly after the AppleScript is running.

On a machine that is showing this behavior can you manually run the AppleScript from Script Editor.app and view the Events of the script?

-Eric

Like
SOLVED Posted: by talkingmoose

@TimC, just now seeing this. Mr. @eholtam has provided the same response I'd have.

Toward the latter part of the script is a section called "Begin account setup". You'll see several "try" and "end try" lines. In AppleScript, "try" means "execute the following lines of code, but if something fails don't stop the script".

It's possible to comment these lines using two dashes "--" at the beginning of each one. If you see a line that says "on error" then add the dashes to it and the rest of the section until you come to "-- end try". Run the script manually on the machine in Script Editor. It should stop at the part of the script where it fails.

This should help you troubleshoot.

Like
SOLVED Posted: by benbass

I ran into this same issue. I was able to unload the created LaunchAgent, but was unable to delete it. I altered the checking script to remove the spawned LaunchAgent if the account was already setup. Since the spawned LaunchAgent is unloaded it won't run a second time, and when a restart/login happens, the script deletes the LaunchAgent. I tried deleting the LaunchAgent from within the AppleScript, but the AppleScript just would not delete or move the LaunchAgent when called via a LaunchAgent.

And the end of the check-if-setup.sh I have this:

    if [ -e "$profile_loc" ]; then
        launchctl unload "$HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist"
        rm "$HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.0.plist"
    fi
Like
SOLVED Posted: by eholtam

@benbass

Interesting. I assume since the script is called "check-if-setup.sh" you're using my fork as @talkingmoose's script is "OutlookExchangeSetupLaunchAgent.sh." Did this issue happen on multiple machines or just one you were testing on?

What was the owner/group/permissions on the ~/Library/LaunchAgent when it wasn't able to be deleted?

The check-if-setup.sh runs as the logged in user and is supposed to abort if an account exists already. It shouldn't create the ~/Library/LaunchAgent if the Exchange account exists.

-Eric

Like
SOLVED Posted: by benbass

@eholtam Yep - I built it off your fork. I don't remember the permissions, but if I ran the script in the users context manually it worked just fine and unloaded, then deleted the script. It was only when it was automated that the LaunchAgent wasn't deleted.

I added my bit to clear the LaunchAgent after a successful creation, as the LaunchAgent was still there but unloaded. If you logged out and back in, the LaunchAgent was still there, so it went ahead and attempted to create the account - which was already created.

Like
SOLVED Posted: by chad.fox

@talkingmoose Thanks for sharing the Exchange setup!

So far everything works as expected except the password field. Once a user logs in the username populates and the login appears successful, but the password field is left blank. I've tested with and without the keychain checkbox selected with the same issue.

Once I open preferences and manually enter in the password mail begins to sync as expected.

I'm using the domain prefix username authentication method if that helps.

Like
SOLVED Posted: by talkingmoose

@chad.fox, I really appreciate the feedback.

Unfortunately, the password field is completely out of the script's control. When a user sees the prompt to enter his or her password, the script is already complete. That prompt comes from Outlook itself.

Can you verify the username field is actually populating correctly? If so but the password isn't sticking, then we may need to open an issue with Microsoft.

Like
SOLVED Posted: by benbass

@chad.fox @talkingmoose I had the same issue with my AppleScript as well. The account get setup, but when first prompted for the password, you enter the password, and can even select to save it to the keychain, but no password gets saved.

My solution was to add a dialogue to the account creation and have the user enter the password so the AppleScript catches the password and generates the account with the captured password. So far that has been working properly where the account is created and the exchange account starts synchronizing immediately.

Like
SOLVED Posted: by chad.fox

@talkingmoose Everything is populating correctly, super smooth setup. The only hitch was the password field saving the users credentials.

@benbass can you post an example of what you're implementing in the AppleScript? Sounds like that might be a fix for me.

Like
SOLVED Posted: by benbass

@chad.fox @talkingmoose Here is the entire --Begin account setup portion. My additions are fairly minor - the --Grabbing Users Password, and then password:userPassword in the --create the Exchange Account.

On a different note I also added a check for Office 2011. If 2011 is installed you can skip the process as you cannot import 2011 data into an identity that has an account already configured.

I can post that if people are interested.

--------------------------------------------

-- Begin account setup

tell application "Microsoft Outlook" activate try set group similar folders to unifiedInbox end try try set hide on my computer folders to hideOnMyComputerFolders end try if verifyEMailAddress is true then set verifyEmail to display dialog "Please verify your email address is correct." default answer emailAddress with icon 1 with title "Outlook Exchange Setup" buttons {"Cancel", "Verify"} default button {"Verify"} set emailAddress to text returned of verifyEmail end if -------------- --Grabbing Users Password set getUserPassword to display dialog "Please enter your password" with icon 1 with title "Outlook Exchange Setup" default answer "" buttons {"Cancel", "OK"} default button {"OK"} with hidden answer set userPassword to text returned of getUserPassword if verifyServerAddress is true then set verifyServer to display dialog "Please verify your Exchange Server name is correct." default answer ExchangeServer with icon 1 with title "Outlook Exchange Setup" buttons {"Cancel", "Verify"} default button {"Verify"} set ExchangeServer to text returned of verifyServer end if -- create the Exchange account try set newExchangeAccount to make new exchange account with properties ¬ {name:"Mailbox - " & userFullName, user name:domainPrefix & userShortName, full name:userFullName, email address:emailAddress, server:ExchangeServer, use ssl:ExchangeServerRequiresSSL, port:ExchangeServerSSLPort, ldap server:DirectoryServer, ldap needs authentication:DirectoryServerRequiresAuthentication, ldap use ssl:DirectoryServerRequiresSSL, ldap max entries:DirectoryServerMaximumResults, ldap search base:DirectoryServerSearchBase, receive partial messages:downloadHeadersOnly, background autodiscover:disableAutodiscover, password:userPassword} on error -- something went wrong display dialog errorMessage & return & return & "Unable to create Exchange account." with icon stop buttons {"OK"} default button {"OK"} with title "Outlook Exchange Setup" error number -128 end try -- The following lines enable Kerberos support if the userKerberos property above is set to true. if useKerberos is true then try set use kerberos authentication of newExchangeAccount to useKerberos set principal of newExchangeAccount to userKerberosRealm on error -- something went wrong display dialog errorMessage & return & return & "Unable to set Exchange account to use Kerberos." with icon stop buttons {"OK"} default button {"OK"} with title "Outlook Exchange Setup" error number -128 end try end if -- The Me Contact record is automatically created with the first account. -- Set the first name, last name, email address and other information using Active Directory. set first name of me contact to userFirstName set last name of me contact to userLastName set email addresses of me contact to {address:emailAddress, type:work} set department of me contact to userDepartment set office of me contact to userOffice set company of me contact to userCompany set business phone number of me contact to userWorkPhone set mobile number of me contact to userMobile set business fax number of me contact to userFax set job title of me contact to userTitle set business street address of me contact to userStreet set business city of me contact to userCity set business state of me contact to userState set business zip of me contact to userPostalCode set business country of me contact to userCountry set business web page of me contact to userWebPage -- Set Outlook to be the default application -- for mail, calendars and contacts. set system default mail application to true set system default calendar application to true set system default address book application to true -- We're done. end tell
Like
SOLVED Posted: by chad.fox

@benbass Thank you! That worked perfectly, I've tested it multiple times without issue.

I was able to add the additions in your script to the Outlook Exchange Setup 5.1.0 script. Each time exchange was able to sync automatically.

Like
SOLVED Posted: by tim.rees

Hey All,

I was having major issues with this script, and then on closer inspection found that users did not have LaunchAgent Folders... Is this normal for a freshly installed 10.11.2 machine? ie has anyone else seen this issue?

I thought I was going mad originally, as I knew a @talkingmoose solution would never have this level of trouble.

Thanks.

Like
SOLVED Posted: by benbass

@tim.rees That is correct - a fresh 10.11.2 and even 10.10.5 user does NOT have a LaunchAgents folder. I have my variant of the script make the ~/LaunchAgents folder if it needs to write the setup launch agent.

Like
SOLVED Posted: by tim.rees

Thanks @benbass

Good to know if the folder is created that it will work! I will go and find your variant of the script and have a look.

Like
SOLVED Posted: by benbass

@tim.rees I guess I should post my variant then shouldn't I. :) I also just thought of something to add as a check if the setup has already been done, as I just had the launch agent load again for the setup while outlook was already open.

I'm thinking of having a file or plist created at the end of the Apple Script, and then have the script check for that file.

I'll work on that and see about posting a sanitized version of my scripts this week.

Like
SOLVED Posted: by tim.rees

@benbass I assumed it was forked on GIT :-)

Chances are I will need this LaunchAgent folder for more projects, so I would be tempted to make a LaunchAgent that creates the user launchagent folder with the right permissions if it is not found!

Speaking of which, can you confirm what permissions you believe need to be on the LaunchAgent folder in the user library?

Thanks.

Like
SOLVED Posted: by benbass

@tim.rees Oh, I do have it in git - in a private repo. So I will fork again, and sanitize the scripts for general consumption.

Like
SOLVED Posted: by tim.rees

As a temporary fix i've add the following in at the start of the OutlookExchangeSetupLaunchAgent.sh file:

# Create $HOME/Library/LaunchAgents if it does not exist username=$(ls -l /dev/console | awk '{print $3}') if [ ! -d "$HOME/Library/LaunchAgents" ] then sudo -u $username /bin/mkdir -m 0700 "$HOME/Library/LaunchAgents" fi

Edit: I just found there is a line for creating the LaunchAgents folder in the .sh file... I don't know why it didn't work before.. but it seems to be working now...

Like
SOLVED Posted: by tim.rees

@benbass @talkingmoose Either of you encountered the LaunchAgents put into ~/Library/LaunchAgents appearing to be duplicated in /Library/LaunchAgents in a fresh install of 10.11.2? I thought I was going slightly insane.

Like
SOLVED Posted: by benbass

@tim.rees I haven't seen that particular thing happen. But I finally have my whole setup complete - so tomorrow I will anonymize it and post it up on github. It is based off of @talkingmoose setup but uses scripts instead of profiles for setting things and I have tweaked his AppleScript, but is is mainly his hard work.

I'll post here once I get that up.

Like
SOLVED Posted: by talkingmoose

@tim.rees, that wouldn't be something caused the scripts (latest version 5.1.0). Not sure what would be causing duplication. They are duplicated not just created in the wrong place?

Let's not let go of that insanity idea just yet. For my sake. ;-)

Like
SOLVED Posted: by tim.rees

Hey @talkingmoose

I was about to post with my further findings...

Ignore everything I ever said!!!!! :-)

I re-downloaded the scripts from scratch, removed the launchctl command from the postflight script, and it worked first time! I think the problem was between the keyboard and the chair!

Thanks for the scripts @talkingmoose and thanks for the help @benbass :-)

Like
SOLVED Posted: by Carlos

Hi All...This may not be the right spot for this question as it's a bit off topic but haven't been able to find a discussion out there that covers it...

So the scenario I am working with is this:

Corp environment running Office 2011, Outlook 2011 connected to Exchange accounts, Users have moved some emails into "On My Computer" folders in an attempt to archive emails off of the live Exchange boxes. Therefore users open Outlook and they are Connected to Exchange and also have local "On My Computer" folders with email.

We are now working with upgrading/migrating these users to Office 2016....I am looking for a automated/scripted method to either A. Install Office 2016 side by side with Office 2011 and then import the contents of the "Microsoft User Data" folder for Outlook 2011 to the new "Identities" location for Outlook 2016 to bring over all emails contained within "On My Computer" as well as the Exchange account. Or B. Backup the "Microsoft User Data" folder for Outlook 2011, uninstall Office 2011, Install Office 2016 and then restore the backup made of the "Microsoft User Data" folder into Outlook 2016 to bring over the "On My Computer" folders as well as the Exchange account.

Let me know what you guys think...thanks in advance :)

Like
SOLVED Posted: by talkingmoose

@Carlos, right now, Outlook 2016 has no scripted way of importing an Outlook 2011 identity. It's going to have to be a manual process run by someone using Outlook.

Outlook 2016 will import a 2011 identity if you choose File > Import > Outlook 2011 data on this computer.

FYI, Outlook 2016 when used with Office 365 or Exchange now supports Online Archive if your administrator has enabled it for your accounts. You'll still need to move those On My Computer messages manually back to your Exchange account, however, going forward the server will automatically move them to the Online Archive mailbox for that user. This mailbox is not synchronized to Outlook. It's a great way to access old messages without consuming your primary mailbox's quota.

So, short answer. You'll still feel some pain now, but getting your users upgraded will help you feel a lot less pain later.

Like
SOLVED Posted: by Platzhirsch89

Hi, first of all, i want to thank talkingmoose for this amazing script!! Thank you! Im new in this forum and the conversations here many time helped me out of problems so i have decided to join this forum. About this script i have a question: it work fine in my enviroment with el capitan, but the account in outlook dublicates himself every time i restart outlook and after several times opening, i got 5 identical accounts. Do you have any idea what could be the issue? I reinstalled the mac several times but still the same problem. thank you for your help!

Like
SOLVED Posted: by tnielsen

Good job talkingmoose.

Like
SOLVED Posted: by mapurcel

@talkingmoose we are also in the situation of having our users import the 2011 identity, including the account. As we are going to o365, we need to change the username from domain\username to UPN (or email address) on the account that is being imported. Can you point me in the right direction on if this is possible or if we will need to create a new account? And if we create a new account is there a way to make the username the UPN instead of the short name or domain\username? thanks in advance

Like
SOLVED Posted: by talkingmoose

@mapurcel, Outlook 2016's built-in import/upgrade feature won't migrate IMAP or Exchange mail/calendar/contact data. It will only migrate account settings and preferences such as rules, categories and signatures. Microsoft expects the mail to download from the server.

Because the import cannot be scripted, you or your user will need to launch Outlook 2016 and start that process manually (or it may kick in as part of the first launch of Outlook). But you'll then have to change account settings too.

My suggestion is to start new accounts and be sure to educate users they will need to recreate those preferences I mention above.

Like
SOLVED Posted: by talkingmoose

@eholtam has corrected me on Outlook 2016's behavior when importing Outlook 2011 mail data. It will import mail data directly instead of downloading data from the servers again.

Like
SOLVED Posted: by AdamH

This is a great script. When we rolled out version 15.17 it was working flawlessly.
But when we went to 15.18, we got a new odd behavior.
Everything works correctly, the agent sets up the account when Outlook is launched and prompts for the user's password as it always has.
The difference now is that the account doesn't actually log in.
The account is setup correctly but doesn't start downloading email.
If you quit outlook and relaunch it, the mail starts populating as you might expect.
Has anyone seen this behavior before?

Like
SOLVED Posted: by talkingmoose

@AdamH, not sure about the behavior you're seeing with the newer version of Outlook, but you may be able to kickstart the login by adding a couple of lines at the end of the script to set Outlook to work offline and then online again.

tell application "Microsoft Outlook" to set working offline to true
tell application "Microsoft Outlook" to set working offline to false
Like
SOLVED Posted: by kbach

@AdamH I am seeing the behavior you're describing on Outlook 15.19.1.

I also took the liberty of toggling from online to offline within the first time Outlook being launched after entering password, it has no affect. Only after closing Outlook and relaunching do I get a secondary prompt to enter password and then the mailbox begins to sync.

Like
SOLVED Posted: by aporlebeke

@AdamH @kbach seeing the same behavior for me as well on 15.21.1.

Immediately after entering the account password when I go into account settings there's no password entered. When I quit and reopen it prompts again and when I enter the password this time it immediately starts syncing mail. Put in this in an issue on Github.

Like
SOLVED Posted: by kstrick

have seen the same behavior intermittently with 15.21.1

Like
SOLVED Posted: by aporlebeke

Using the updated 5.3 AppleScript from Github and adding a delay 5 before the end tell for Microsoft Outlook resolved our issue. Script is now working like a thing of beauty.

Thanks for making my and my team's lives for our image next year that much easier! <3

Like
SOLVED Posted: by cskj

This is an awesome script! I have so much to learn from this!

I'm curious if anyone here has had any luck scripting the S/MIME certificates anywhere for Outlook 2016.

I see both options to enable smime encryption and signing in apple script and can set those, but without a cert selected it defeats the purpose.

Would you be able to point me in the right direction for that one?

Like
SOLVED Posted: by talkingmoose

@aporlebeke, so glad to hear the delay is working. You might try a shorter delay if you feel the timing is a little slow. I'll do some testing and consider adding this to the AppleScript.

@cskj, unfortunately, the only encryption/certificate settings that are scriptable don't include configuring the account to use them. While Microsoft will continue supporting the existing AppleScript code in Office for Mac, it has said it will no longer continue development. That means we're more than likely not going to see the necessary properties added to Outlook's dictionary to script enabling certificates.

Like
SOLVED Posted: by wmateo

@talkingmoose This is a great script! thank you for creating it. I am having trouble using it in my environment as the DOMAIN\username method does not work even when done manually. It accepts username@domain (which differs from the email domain). Any suggestions?

other than that, the script works very well.

Like
SOLVED Posted: by talkingmoose

@wmateo, you're more than likely looking for User Principal Name (UPN). Assuming you're connecting to Active Directory, you can read this from the directory and use it directly. Do this:

  1. Look for this section under "Begin collecting user information":
    set userFirstName to ""
    set userLastName to ""
    set userDepartment to ""
    set userOffice to ""
    set userCompany to ""
    set userWorkPhone to ""
    set userMobile to ""
    set userFax to ""
    set userTitle to ""
    set userStreet to ""
    set userCity to ""
    set userState to ""
    set userPostalCode to ""
    set userCountry to ""
    set userWebPage to ""
    set userPrincipalName to "" < -- Add this line
  2. Look for this section too. Add "userPrinicpalName" to the end.
    set userInformation to do shell script "/usr/bin/dscl \"/Active Directory/" & netbiosDomain & "/All Domains/\" -read /Users/$USER AuthenticationAuthority City co company department physicalDeliveryOfficeName sAMAccountName wWWHomePage EMailAddress FAXNumber FirstName JobTitle LastName MobileNumber PhoneNumber PostalCode RealName State Street userPrincipalName"
  3. Lower in the same section, find one of the several script blocks that looks like the following, duplicate it and modify it for userPrincipalName:
        set AppleScript's text item delimiters to {": "}
    if paragraph i of userInformation begins with "dsAttrTypeNative:userPrincipalName:" then
        try
            set userUPN to text item 2 of paragraph i of userInformation
        on error
            set AppleScript's text item delimiters to {""}
            set userUPN to characters 2 through end of paragraph (i + 1) of userInformation as string
        end try
    end if
  4. Look for the "Begin logging user information" section and modify it:
    writeLog("User information...")
    writeLog("First Name: " & userFirstName)
    writeLog("Last Name: " & userLastName)
    writeLog("User Principal Name: " & userUPN) < -- Add this line
    writeLog("Email Address: " & emailAddress)
    writeLog("Department: " & userDepartment)
    writeLog("Office: " & userOffice)
    writeLog("Company: " & userCompany)
    writeLog("Work Phone: " & userWorkPhone)
    writeLog("Mobile Phone: " & userMobile)
    writeLog("FAX: " & userFax)
    writeLog("Title: " & userTitle)
    writeLog("Street: " & userStreet)
    writeLog("City: " & userCity)
    writeLog("State: " & userState)
    writeLog("Postal Code: " & userPostalCode)
    writeLog("Country: " & userCountry)
    writeLog("Web Page: " & userWebPage)
    writeLog(return)
  5. Finally look for this section under "Begin account setup" and modify "user name" to use userUPN:
        try
        set newExchangeAccount to make new exchange account with properties ¬
            {name:"Mailbox - " & userFullName, user name:userUPN, full name:userFullName, email address:emailAddress, server:ExchangeServer, use ssl:ExchangeServerRequiresSSL, port:ExchangeServerSSLPort, ldap server:DirectoryServer, ldap needs authentication:DirectoryServerRequiresAuthentication, ldap use ssl:DirectoryServerRequiresSSL, ldap max entries:DirectoryServerMaximumResults, ldap search base:DirectoryServerSearchBase, receive partial messages:downloadHeadersOnly, background autodiscover:disableAutodiscover}
        my writeLog("Create Exchange account: Successful.")
    on error

I haven't tested these changes myself, but I think these should be all you need to do.

Like
SOLVED Posted: by wmateo

You are the man!! Thank You!! worked like a charm. @talkingmoose

Like
SOLVED Posted: by Jaxson75

On the OutlookExchangeSetupLaunchAgent.plist do I have to edit anything in there in order for the scripts to work. When I launch Outlook 2016 the scripts are not kicking in unless I run the Apple Script manually.

Like
SOLVED Posted: by talkingmoose

@Jaxson75, you'll find a log in the user's ~/Library/Logs folder. What does it say?

Like
SOLVED Posted: by dpratl

Thank you @talkingmoose this is awesome.

I just have one question, we are also deploying office templates and because of this the /Users/$USER/Library/Group Containers/UBF8T346G9.Office folder already exists. I tried to change some parts in your OutlookExchangeSetupLaunchAgent.sh to check the /Users/$USER/Library/Group Containers/UBF8T346G9.Office/Outlook folder but it didn't work.

Honestly I'm no programer i just tried ;)

Hope you or anyone else has a hint for me.

Thank you
BR
Daniel

Like
SOLVED Posted: by talkingmoose

@dpratl, thanks for the kudos!

First, no need to deploy templates to each user's home folder. You can place them in /Library/Application Support/Microsoft/ for all users. See this document: http://macadmins.software/docs/UserContentIn2016.pdf.

The OutlookExchangeSetupLaunchAgent.sh script is looking for the existence of this folder in the current user's home folder: "$HOME/Library/Group Containers/UBF8T346G9.Office" You've identified that part perfectly. If it's already there then the script assumes the user already has Office preferences and setup doesn't happen.

You can correct this one of two ways:

  1. You can move your template files to the /Library/Application Support/Microsoft folder that I mentioned above and then remove the "$HOME/Library/Group Containers/UBF8T346G9.Office" from each user folder.
  2. You can try modifying this part of the script and see if that works.
    Change:

    if [[ -f "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist" ]] ; then
        logresult "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist already exists. Doing nothing." "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist does not exist but it should exist already. Something may be wrong."
    fi

    to:

    if [[ -f "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist" ]] ; then
        logresult "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist already exists. Doing nothing."
    else
        /usr/bin/touch "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist"
        logresult "$HOME/Library/Group Containers/UBF8T346G9.Office/OutlookProfile.plist does not exist but it should exist already. Creating the file."
    fi
Like
SOLVED Posted: by dpratl

Thank you @talkingmoose - awesome scripts and super fast response time :D

I have to put the templates into that folder because if i don't Word and Outlook doesn't use them as default template. (Excel and PowerPoint are not working till now but at least Outlook and Word ;)

I did the changes you suggest but it looks like the script is not starting at all (also no entry into your log file)
If i run it per hand it is writing that it creates the plist file and launch agent.

I'm sorry to bother you because of my damn templates.

Like
SOLVED Posted: by talkingmoose

@dpratl, be sure to test this setup for a user under a different OS X user account.

If your user logs in, the launch agent in /Library/LaunchAgents should trigger the shell script. Even if Outlook is already configured, that shell script should say something in the log. Having an empty log tells me the launch agent isn't running at login.

Launch agents require very specific ownership and permissions, which the installer should set. If you view these settings in Terminal, you should see something like:

ls -l /Library/LaunchAgents/
total 40
-rw-r--r--  1 root  wheel  595 Jul 26 07:58 net.talkingmoose.OutlookExchangeSetupLaunchAgent.plist
Like
SOLVED Posted: by ocla&&09

Hi @talkingmoose Do you have any insight as to whether there is a way to suppress the following autodiscover prompt? There is apparently a reg key hack for Windows, but I have not seen anything for macOS at this point.

Like
SOLVED Posted: by talkingmoose

@ocla&&09, that's a user setting and I'm pretty sure it's stored in Outlook's SQLite database within its identity. I wouldn't attempt modifying the database or you may cause Outlook to rebuild it.

Other than the user clicking the Allow button and enabling the option to always use that response, you can run an AppleScript command. However, it requires Outlook be running under the user's account. The command is:

tell application "Microsoft Outlook" to set background autodiscover of exchange account 1 to false

You can replace the 1 with the actual name of the account if you have more than one.

Careful with doing this, though. If the user travels, you could disable Outlook from connecting when it attempts to connect from external networks.

I completely get this feature is confusing to users and suggest you voice your concern to Microsoft here: https://outlook.uservoice.com/forums/293343-outlook-for-mac/suggestions/12255774-autodiscover

Like
SOLVED Posted: by ocla&&09

Thank You @talkingmoose, does this also disable autodiscover from the perspective of setting up a new account on a machine in the account prefs window (ie all or nothing), or is this just the background checks after the fact that the command verbage implies?

Like
SOLVED Posted: by talkingmoose

@ocla&&09, you won't be able to disable Autodiscover until you have an Exchange account created. To work around that, you can use AppleScript to set Outlook to work offline, create the account, disable Autodiscover and then set Outlook to work online again.

tell application "Microsoft Outlook"
    set working offline to true
    set background autodiscover of exchange account 1 to false
    set working offline to false
end tell

Haven't tested this, but I think it's the right syntax.

Like
SOLVED Posted: by AdamH

First off... I love my Talking Moose script....
I love it even more because its called Talking Moose.... I remember that app.....

But apparently we are doing a slow phased migration to Office 365. So Hard-coding the exchange server in the script doesn't work for everyone and I have no way of discerning who has been migrated already. AutoDiscovery should work but that doesn't seem to be an option in the current script. Is there a way to use auto-configure with this script- or is that a whole new project?

Like
SOLVED Posted: by talkingmoose

@AdamH, I love hearing someone remembers the app! It was the first computer program that showed me computers could be fun.

I wrote the script for environments where Autodiscover wasn't available. At the time I was using it, I was educating my Exchange folks about Autodiscover, but they were pretty slow to enable it.

Outlook's AppleScript dictionary does support calling Autodiscover:

tell application "Microsoft Outlook"
    autodiscover email address "bill@talkingmoose.net" user name "bill@talkingmoose.net"
end tell

It returns something like:

{use ssl:true, server:"https://outlook.office365.com/EWS/Exchange.asmx",
primary smtp address:"bill@talkingmoose.net",
oab manifest url:"https://outlook.office365.com/OAB/2d1f6b5f-c74d-0000-b7f4-fbbda4ee8c30/",
port:443, full name:"William M. Smith", ldap server:""}

I've just never considered modifying the script to support Autodiscover if it already works. It would take a bit of work to redo the script to support Autodiscover (maybe version 6.0?), but if you're familiar with how to take the output above and slip it into the properties at the top of the script, then that should be all you need.

Like
SOLVED Posted: by AdamH

Completely understand. If it were up to me, I'd have people just input their name and email and be done with it. But the script has spoiled the user base so much now that the expectation is that they will only need to input a password to start using Outlook.

I'm not a great scripture, but I do ok modifying other people's scripts, so the pointers you gave here should give me a good start. Thanks a bunch!

Like
SOLVED Posted: by AdamH

OK, this is going to be trickier than I thought.

Without dealing with variables, I thought it may look something like:

tell application "Microsoft Outlook"
    try
        set exchnageInfo to autodiscover email address "mac.user@domain.com" user name "macuser1"


        set newExchangeAccount to make new exchange account with properties {exchangeInfo}


    end try

end tell

It calls up the right information and prompts for credentials like it may be expected to, but it doesn't actually create the account with that info.

Like
SOLVED Posted: by rickwhois

@talkingmoose this is awesome! I only have one issue. When I configure using this script, I can't seem to show shared calendars when I choose Open Shared Calendar. However, if I were to remove the account, and add it manually, I can Open Shared Calendars just fine. Is this happening to anyone else?

Like
SOLVED Posted: by talkingmoose

Thanks for the kudos, @rickwhois!

No idea why configuring using a script vs. manual would affect opening shared calendars. Are you sure you're using the exact same settings?

Also, have you disabled Autodiscover in the script? That might cause this behavior, but I haven't tested.

Like
SOLVED Posted: by wmateo

@talkingmoose how do you handle signatures? we want our users to have and image, and text similar how Windows handles. Signature templates

Like
SOLVED Posted: by Look

@wmateo Not sure how others have doen this...
We did it by having an HTML template signature and associated images with unique tags that we replaced with data pulled from AD (name, email, phone number, title, etc..), we then used an Applescript call to Outlook to create a new signature using this template.
Unfortunately I am now off work until after the new year so can't easily check the scripting for you.

Like
SOLVED Posted: by wmateo

@Look Since our AD enviroment is not really cleaned up yet. I was looking for a way to "prefill" the Signature area with a few default images, and dummy fields so user can enter name themselves.

Like
SOLVED Posted: by Look

Well you can definately make an Applescript call to Outlook 2016 and tell it to create a new signature using an HTML file as the source, if you have any linked image files in the same directory and in the right format (png I think is what I used) then it will embed these in the signature as wel, this is new behaviour as of a fairly recent version upgrade, previously it just linked images, which sucked.
Not quite sure how the best way to go about creating the HTML signature, ours was originally supplied to me by branding, it was massively over complicated so I pulled it apart and rebuilt it with half the code, but it did mean it had all the correct stuff specified at the top, maybe you can export it in HTML from Windows or something, not sure.

Like
SOLVED Posted: by kbach

@talkingmoose Thoughts on updating an existing Outlook 2016 account with a new directory service server name? Something like this?

tell application "Microsoft Outlook"
try set ldap server:xxxxxxxxxxx
end try
end tell

Like
SOLVED Posted: by talkingmoose

@kbach, the syntax is close. You also need to specify the account. You may also want to set the other properties of the LDAP server (just to be thorough). I think the "try" statement is a good idea. Give this a shot:

tell application "Microsoft Outlook"
    try
        set ldap server of exchange account 1 to "ldap.company.com"
        set ldap needs authentication of exchange account 1 to true
        set ldap use ssl of exchange account 1 to true
        set ldap port of exchange account 1 to 3269
        set ldap max entries of exchange account 1 to 1000

        -- rarely need to set this, but would be something like "CN=Users,DC=talkingmoose,DC=net"
        set ldap search base of exchange account 1 to ""
    end try
end tell

Optionally, you can replace the "1" in exchange account 1 with the Account Description if you want to call it by name:

set ldap server of exchange account "My Exchange Account" to "ldap.company.com"

AppleScript is pretty much the only way to set these attributes. It will require Outlook be running or it will launch Outlook automatically if it's not running. This probably isn't something you want to just spring on your users.

Like
SOLVED Posted: by kbach

@talkingmoose This worked perfectly, thanks!

!/usr/bin/osascript

tell application "Microsoft Outlook" try set ldap server of exchange account 1 to "xxxxx.xxxxx.com" end try
end tell

Created the script, attached to policy with a trigger of a login hook..update successful.

Like
SOLVED Posted: by jonlju

@talkingmoose I've never gotten this to work...whenever I run the "Package for deployment" it says "Package build failed. Verify ROOT and Scripts folders are in the same folder as this Package for Deployment app." Any idea what I'm doing wrong? I didn't change the folder structure of the download, running on 10.12.3.

Like
SOLVED Posted: by dpratl

@jonlju

Try to download it again, I once had that too and redownloading solved it for me.

BR
Daniel

Like
SOLVED Posted: by jonlju

@dpratl Thank you, I tried that too but no dice unfortunately. Also tried a different Mac (but it also runs 10.12.3) and I get the same issue.

Like
SOLVED Posted: by talkingmoose

@jonlju, I'm seeing similar behavior and will look into it. I suspect this is sandboxing getting more and more strict.

In the meantime, it seems to work just fine if you open the Package for Deployment.app file in Script Editor (located in /Applications/Utilities) and run it from there. Just click the third button (Play button).

Like
SOLVED Posted: by OneSeventeen

I'm very new to this, so I'm sorry if this is obvious:

How do I prevent the package from suppressing the first run windows? Our staff are licensed through O365 and I'd like them to see the first run windows so they have an opportunity to activate Office when launching Outlook (which is usually the first Office app they launch).

Based on what I've seen in the scripts, it feels as though removing the .mobileconfig file from the package should be enough, but I wanted to make sure there wasn't a better method.

Thanks again to everyone on the hard work for this! As I learn more about packages and AppleScript I hope to contribute more myself.

Like
SOLVED Posted: by talkingmoose

@OneSeventeen, the default Microsoft_Outlook_2016_First_Run.mobileconfig profile included with the package includes three keys. The combination of all three keys suppresses every first run dialog.

For Office 365 users, locate the com.microsoft.Outlook.plist file in the Extras folder. Open this plist file with a text editor such as TextWrangler, Xcode or TextEdit. Delete the kSubUIAppCompletedFirstRunSetup1507 key and the value below it. Save the file.

In your JSS, create a new Configuration Profile and choose the Custom Setting payload. Upload your edited plist file and save.

You can either download this Configuration Profile to make a new .mobileconfig profile that replaces the original in the ROOT > tmp folder or remove the original altogether and use Jamf to deploy the configuration profile.

Removing this one key will allow Office 365 users to activate Office but will suppress the Outlook setup dialog and let the script run.

Like
SOLVED Posted: by OneSeventeen

Awesome, thanks! I realize much of that was mentioned in the wiki, but I appreciate you spelling it out for me.

Like
SOLVED Posted: by wmateo

@Look if you could forward me your script, that would be great. I would love to implement this in our org. Any way to also mass delete existing signatures?

Like
SOLVED Posted: by chad.fox

@wmateo This works via Apple Script, I tested it now:

tell application "Microsoft Outlook"
    delete signature 1
end tell

Just replace the 1 with whatever signature you're trying to remove.

Like
SOLVED Posted: by perweilerg

Thanks for the script! My question is a bit off topic, but you sound like a very knowledgable group.

What ideas does anyone have for migrating On My Computer archives to Online Archives? We used an Entourage script and then OEAO to archive from Exchange to On My Computer.

Now that we are moving to 2016 with Online Archives we are trying to get the archives moved to the new Online Archives, but it appears you can only move (copy) one message at a time directly there, or move the messages back to the main account. The problem is we have users with huge archives that won't fit into their small exchange account and users with hundreds of folders that would each have to be manually moved.

I am hoping someone has done this before without too much pain. Thanks!

Like
SOLVED Posted: by kstrick

@perweilerg RE: Online Archiving

The Mac Outlook options are not good, due to limitations with MS's EWS API.

There is a mac version of Quadrotech's Flightdeck being developed for mac, but it's still only beta quality (we are having issues getting it to work right).

Every other option i've found so far is pretty painful.

Like
SOLVED Posted: by BrentSlater

Hi Guys,

We have this script in place for our Office 365 Instance an for the most part it works great, with the exception that it is running everytime that Outlook gets opened rather than just the first time.

I was not the person that initiated the script setup but it is just downright annoying for users now because they click on the Verify button all the time and create multiple exchange accounts taking up a huge amount of space.

any ideas?

Like
SOLVED Posted: by talkingmoose

@BrentSlater, the script triggers using a launch agent in the current user's ~/Library/LaunchAgents folder. After successful setup, that launch agent is supposed to get deleted and not run again. Sounds like that's not happening.

Run this on a clean machine if you can and reproduce the problem. The script creates a log in the user's ~/Library/Logs folder. Does it indicate anything is failing?

Like
SOLVED Posted: by BrentSlater

Hey @talkingmoose I can't see any log file for it...

Definitely something is up there.

I will do some more digging

Like
SOLVED Posted: by Aaron

I'm getting this too actually, the error that comes back is:

Delete OutlookExchangeSetup5.plist file from user LaunchAgents folder: Failed.
Unload OutlookExchangeServer5.plist launch agent: Failed.

Will also do some digging.

Edit: Worked it out almost as soon as I posted this.

Some of my usernames have spaces in it - we're moving away from this, but there are still some users (me included) that have spaces.

I had to edit one of the lines to quote around the $HOME variable. Right down the bottom:

do shell script "/bin/rm \"$HOME/Library/LaunchAgents/net.talkingmoose.OutlookExchangeSetup5.plist\""

Note the escaped quotes.

Like
SOLVED Posted: by rqomsiya

Hi all,

Having issues getting Outlook 15.38 to autoconfigure with @talkingmoose's configuration script. I get the following error in AppleScript when i manually run the .scpt:

error "The variable emailAddress is not defined." number -2753 from "emailAddress"

Any input would be greatly appreciated! Thanks!

Like
SOLVED Posted: by gbunner

Hello All,
I'm happy that I seem to have everything working as expected. The last piece to the puzzle for me would be to figure out how to deal with the verify certificate popup to make this truly a seamless process for the end user. I'm currently using a configuration profile to deliver the .cer certificate payload. it's currently set to install automatically at the computer level. It does show up in the Keychain after selecting "Always Trust". When Outlook 2016 is launched for the first time, I'm getting the following verify certificate popup. Is there a way to make this box happy so that it doesn't appear on first run? Last piece to the puzzle, so close :)

Thanks in advance!
Gene

Like
SOLVED Posted: by talkingmoose

@gbunner, it appears the .cer file you uploaded is not a copy of the root certificate used to sign your mail server's certificate. Deploy the .cer that signed your server's certificate in a configuration profile. It will be trusted on the Macs automatically. Any certificates you encounter as part of connecting to a server will be trusted because you'll have already trusted the root.

Like
SOLVED Posted: by gbunner

That worked perfectly, Thanks for your assistance!

Like
SOLVED Posted: by MatG

Is there an easy way to set everything back to default as my first attempt at this after activating O365 I just got the first run screens.

Like
SOLVED Posted: by rqomsiya

easiest way I’ve found is to just delete the user profile you tested on. This way it will delete the group containers.

Like
SOLVED Posted: by talkingmoose

I'll agree with @rqomsiya. For something like this, a test macOS user account is ideal. No chance of cruft from earlier testing getting in the way and Fast User Switching or a virtual machine makes this easy to do.

I've worked with few folks directly to try and delete all the necessary folders and files for a reset. It's easy to forget something.

Like
SOLVED Posted: by MusRM

@talkingmoose Thank you for all your hard work so far! I have used some of the scripts that you put together to get rid of Outlook's first run and welcome windows. I am trying to set the Outlook authentication method to Kerberos instead of the regular User Name and Password. I just want the option to be pre-defined/pre-selected Kerberos, so that the users just input their email address. Note that we have Autodiscover feature in Exchange.
Can we acheieve that with a .sh or .scpt file? Appreciate your help.

Like
SOLVED Posted: by talkingmoose

@MusRM, if you're using my Outlook Exchange Setup script, one of the properties you can set at the top of the AppleScript is to use Kerberos. The syntax looks something like:

tell application "Microsoft Outlook"
    set use kerberos authentication of exchange account 1 to true
    set principal of exchange account 1 to "mmoose@talkingmoose.pvt"
end tell
Like
SOLVED Posted: by gbunner

Hello,
When a new user logs in and opens Outlook for the first time, the first window they see is the "Set Up Your Email" popup window and then a few seconds later they get the username and password box for the auto connect to happen (which is good!) The problem that I'm seeing is when a user is presented with the first "Set up Your Email" window, they go down that rabbit hole and Outlook doesn't auto configure and in a lot of cases, they hit cancel on the username/password box that pops up a few seconds later. My Question: Is there a way to disable the first "Set Up Your Email" window? this way they will only be presented with username/password dialog. Once we get that accomplished, then it's down to user training to go ahead and enter the password and not hit cancel.

Thanks!

Like
SOLVED Posted: by talkingmoose

@gbunner, see line 51 of this spreadsheet:

https://docs.google.com/spreadsheets/d/1ESX5td0y0OP3jdzZ-C2SItm-TUi-iA_bcHCBvaoCumw/edit#gid=0

Mac admins requested the ability to block the automatic setup and Microsoft responded by providing us this key/value pair.

To create a Configuration Profile in your Jamf Pro server:

  1. Create the plist with the setting (copy these two lines and paste into Terminal): /usr/bin/defaults write ~/Desktop/com.microsoft.Outlook.plist \
    OverrideAccountConfigurationWindow -bool TRUE

  2. Convert the new plist on your Desktop from binary to a plain text XML file: /usr/bin/plutil -convert xml1 ~/Desktop/com.microsoft.Outlook.plist

  3. In your JSS, create a new Configuration Profile with a Custom payload. Upload the com.microsoft.Outlook.plist file and save.

You can download the Configuration Profile for testing on a local machine before deploying to your Macs.

Like
SOLVED Posted: by boonkeatgan

@talkingmoose Do you have deployment guide on how to use the script at https://github.com/talkingmoose/Oulook-Exchange-Setup-5.0?

I am quite new to Mac and Jamf.

Thank you!

Like
SOLVED Posted: by talkingmoose

@boonkeatgan, I do! Check out the wiki just a few tabs to the right of the download page:

https://github.com/talkingmoose/Outlook-Exchange-Setup-5/wiki

Like
SOLVED Posted: by boonkeatgan

@talkingmoose Thank you so much!

Like