"Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form ...

Not open for further replies.


Outlook version
Outlook 2010 32 bit
Email Account
Exchange Server

For many years, we've been using the Outlook Security Form with Outlook 2003 clients without any problems.

However, in Outlook 2010, using the form causes the "Microsoft Exchange Add-In" (Mso.dll + UmOutlookAddin.dll) to be caught by the object model guard on start-up and composing messages ("a program is trying to access...").

If we disable that add-in in the Trust Center in Outlook 2010, no warnings appear.

Any idea how to avoid that please?

Also, does anyone know what exactly that add-in is needed for? It seems to be involved in calendar availability info as well as unified messaging so disabling it would be risky.

The Outlook Security form is still in an Exchange 2003 public folder.

I know we can migrate its individual settings to a GPO but that will take time.

We have installed Exchange 2010 servers and started to move mailboxes.

Win7 64-bit with Office 2010 32-bit SP1.

I noticed that when the security form is used, all the options in the programmatic access section are grayed out and no options are checked; editing the registry makes no difference.

If we don't use the form, the options are still all grayed out but the first option is checked ("warn me... when my antivirus is out of date"). The antivirus status is valid in both cases.


- Alan.
Re: "Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form .

UM = unified messaging. AKA voice mail in Outlook. This allows you to read and reply to voice mail over the phone AFAIK.

The official description for that dll is "Exchange support for Unified Messaging, e-mail permission rules, and calendar availability. "

MSO is a general office dll and is needed for sure.

Do you get a dialog about trusting certificates? Look at File, Options, Trust Center - trusted publishers to see if any are trusted.

Are you applying macro security to addins? (Trust Center > Macro settings) That will kick up the trust certificate warning - if the form doesn't disable that setting, test it and see if trusting it helps.

Programmatic Access: this is always grayed out unless running Outlook as administrator. Default is Warn me... the form handles all these settings and overrides these settings.

These policy keys control the warning - the form probably overrides these policy settings too.


DWORD: PromptOOMSend

Value: 2

DWORD: AdminSecurityMode

Value: 3
Re: "Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form .

Dang, that was posted before I was finished. :(

Have you seen this -

From Choose security and protection settings for Outlook 2010

To trust a COM add-in, include the file name for the add-in in a Group Policy setting with a calculated hash value for the file. Before you can specify an add-in as trusted by Outlook, you must install a program to calculate the hash value. For information about how to do this, see Manage trusted add-ins for Outlook 2010.

If you enforce customized Outlook security settings with the Microsoft Exchange Server security form that is published in an Exchange Server public folder, you can learn how to trust COM add-ins. Scroll down to the Trusted Code tab section in the Microsoft Office 2003 Resource Kit article, Outlook Security Template Settings.

If the user continues to see security prompts after the add-in is included in the list of trusted add-ins, you must work with the COM add-in developer to resolve the problem. For more information about coding trusted add-ins, see Important Security Notes for Microsoft Outlook COM Add-in Developers.

Manage trusted add-ins for Outlook 2010

Important Security Notes for Microsoft Outlook COM Add-In Developers
Re: "Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form .

Thanks I've checked all those before posting.

No certificate warnings.

AdminSecurityMode controls whether the form is used or not. We wanted to use it, it's supposed to be perfectly possible (though not ideal).

What I can't understand is that this is Microsoft's own COM add-in that's causing the problem and it's installed as part of Office 2010.

Also, I have other 3rd party COM add-ins (including ones I've written myself) and they give no security warning.

No-where did I have to mention COM add-in names or hashes in the Outlook Security form.
Re: "Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form .

I believe the warning is due to the fact that the addin is hooking into the address book. Your other addins probably don't.

We use GPO to set security so I've never used the hash method, but it sounds like you install a program, run a file to create the hash then run a bat file to install the hash.

from Manage trusted add-ins for Outlook 2010

To get the hash value for a trusted add-in

1.From the Microsoft Download Center, download the Outlook 2007 Tool: Security Hash Generator (Download Outlook 2007 Tool: Security Hash Generator from Official Microsoft Download Center).

2.Extract the contents to a local folder (such as C:\Hashtool).

3.Run the command prompt for your computer: Click Start, All Programs, Accessories, Command Prompt.

Windows Vista requires an additional step: Right-click Command Prompt, and then select Run as administrator.

4.Change directories to the folder where you extracted the hash tool files.

5.Type the following command, and then press ENTER:

createhash.bat /register

(This step needs to be completed only once.)

6.Type the following command, and then press ENTER:

createhash.bat <filename
Where <filename> is the full path and file name of the add-in file that you are creating the hash number for. There should be no spaces in the file path or file name. If there is, make a copy of the add-in DLL and put it in a folder that has no spaces in the file path or use the short file name and path (8.3 path). The hash is based on the registered DLL and not the location of the DLL.
Not open for further replies.
Similar threads
Thread starter Title Forum Replies Date
Commodore Microsoft Exchange Add-in Using Outlook 2
S Email was migrated from GoDaddy to Microsoft exchange. We lost IMAP ability Exchange Server Administration 1
Z New minimum Outlook for Windows version requirements for Microsoft 365/Exchange Online Using Outlook.com accounts in Outlook 27
I Exchange 2019 - MICROSOFT-CORP-MSN-AS-BLOCK Exchange Server Administration 0
D Microsoft Exchange account - Remote management Using Outlook.com accounts in Outlook 1
S Adding new Exchange (2016) rule very slow down Microsoft Outlook Exchange Server Administration 0
J Microsoft Exchange Emails - Shared Accounts Exchange Server Administration 3
TotallyConfused Godaddy Microsoft exchange 2007 stopped updating Exchange Server Administration 1
R The action cannot be completed. The connection to Microsoft Exchange is unavailable. outlook must be Using Outlook 1
M connection to the microsoft exchange server has been lost. outlook 2007 Exchange Server Administration 0
J archiving deleted e-mails on Microsoft Exchange Exchange Server Administration 7
J Error: 0X8004010F - Microsoft Exchange offline address book Exchange Server Administration 9
N microsoft 365 IMAP Using Outlook 0
T Outlook 365 2 Microsoft Accounts? Using Outlook.com accounts in Outlook 2
S Sync Outlook (2021) tasks with Microsoft To Do Using Outlook 1
Abraham Microsoft limitation !!!! Using Outlook 8
C Outlook 365 Microsoft Support - Please Advise Using Outlook 3
Y Disable Microsoft Outlook Test Message Using Outlook 4
V Outlook 2021 Microsoft Office Pro Plus 2021 - Inexpensive Lifetime License Using Outlook 6
D Change Microsoft Account password - what to do to update on all devices Using Outlook 4
F Microsoft Outlook Connector 14.0.6123.5001 - Help! Using Outlook 6
R Microsoft Outlook 2016 - Gmail not sending, asks for password for SMTP, tried different ports Using Outlook 23
A Backup Email Accounts On OutLook For Mac 2016 (Microsoft 365 subscription version) Using Outlook 0
M Microsoft 365 Outlook keeps requesting password on Local Account Using Outlook 1
A calendar invites sent from Microsoft Outlook to Mac Outlook is not working Using Outlook 2
N .pst archive from work will not open/import on Microsoft 365 Exchange Server Administration 0
A Microsoft Personal vs Work Accounts in Outlook Using Outlook.com accounts in Outlook 7
DariTrevino MIcrosoft Outlook PST file cannot repair Using Outlook 1
P Microsoft Outlook is requesting data from the server Using Outlook 2
C Copy Task to Non-Microsoft PIM "Rainlendar" Using Outlook 0
J Unable to link email messages in BCM using a single microsoft office 365 account in outlook 2013 BCM (Business Contact Manager) 1
Diane Poremsky Cannot start Microsoft Office Outlook Error Message Using Outlook 0
R Microsoft Outlook can't translate this document. Using Outlook 1
tswatek Microsoft Outlook has stopped working Using Outlook 13
I Microsoft Security Update KB3097877 Using Outlook 14
R Microsoft Outlook 2010 - Non Cached Mode Using Outlook 0
padubajacket Microsoft Outlook has stopped working Using Outlook 2
E Microsoft Office Outlook 2007 Send Error Using Outlook 11
S Outlook 2013 not fixed correctly by Microsoft!! Using Outlook 3
THOMAS BRAXTON Microsoft Office 2010 problems Using Outlook 1
Angger Microsoft Outlook 2010 Automatically Restarting Using Outlook 2
S Microsoft office Cannot complete operation error Outlook VBA and Custom Forms 1
Glyn Outlook Microsoft on a Sony Android Using Outlook 4
K Outlook keeps prompting for Microsoft username and password for share calendar Using Outlook 0
D Microsoft Outlook Not Responding Using Outlook 0
G Microsoft Outlook 2010 Add-On Using Outlook 2
J Microsoft Outlook 2007 Font Size Too Small Using Outlook 1
G Cannot start Microsoft Outlook Using Outlook 1
P BCM 2013, Microsoft SQL Server 2008 R2 (SP2), attachment issue n database size BCM (Business Contact Manager) 2
M I cannot start Microsoft Outlook 2013 directly opening a .eml message Using Outlook 1

Similar threads