Does a Shared Folder Policy override a Digital Signature Setting for macros?

Status
Not open for further replies.

noobie

Member
Outlook version
Outlook 2013 32 bit
Email Account
Exchange Server 2013
Hello to everyone,

I hope that someone can help me with my question. But let me describe the situation a bit better first.

I created an Outlook macro that does the following:

- I click on a button, an Outlook UserForm pops up, which has 2 text fields and 2 command buttons.
- I insert two dates (especially for vacation times) into the text boxes, and click on the command button "enter vacation".
- the macro now has Outlook looking for the dates into my calendar, and it writes a whole-day event "vacation" for any day of a workweek within the given range.
- additionally, it fills an Excel calendar sheet with a letter for "vacation" which via conditional formatting transforms into a colour scheme.
- the Excel sheet has the calendars of any of team members (roughly 10-15 people), hence you can see who is in vacation at a certain date (well, at least for the days).
- the macro the loops through any day of the given vacation range and checks the Excel sheet to see who got vacation.
- then, a string is generated with the names or aliases of the team members who are on vacation, and afterwards, this information is put into the Outlook Calendar of each member of the team (so the ones who are working on that day, too).
- the macro of course avoid duplicates, and it looks out for dynamic changes (if a second person got vacation, the string is updated, the old entry in the calendar is removed and the new string is inserted).

Of course, I also opt for the reverse (removing the holiday, and then updating the calendar entries of each member).

NOW: of course, I need some shared folder settings, so person A needs the permission of person B to be able to write an entry into B's Outlook Calendar. I found some setting regarding the calendar authorisations for other (Exchange) users which allows person A to insert a calendar appointment into B's calendar only via macro (it is similar to the "Author" setting, but with the visibility restricted to "Booked/Free").
Outlook2013_Calendar_Permissions.png

Now the problem is as follows:
Users may not be able to delete the appointments in someone else's calendar which they did not create themselves.

But they can insert basically any appointment into another user's calendar via a calendar opening macro like "display other user's shared calendar":

Dim _namespace As Outlook.NameSpace
Dim _recipient As Outlook.Recipient
Dim calendarFolder As Outlook.Folder

Set _namespace = Application.GetNamespace("MAPI")
Set _recipient = _namespace.CreateRecipient(name)
_recipient.Resolve

If _recipient.Resolved Then
Set calendarFolder = _namespace.GetSharedDefaultFolder(_recipient, olFolderCalendar)
'This would display the calendar on the screen:
'calendarFolder.Display

Of course, as a team, we trust each other, but for me personally, I would love to avoid people abusing the shared folders and inserting fake appointments like "meet your lover in the canteen at 12 o'clock" :-D

So I thought of using digital signatures and increased security settings for macros.

What I want to have is a situation in which all appointments in my (or just someone's) calendar that were set up by other users are deleted (or at least a warning is shown) if they do not have a well-known digital signature.

The problem is that this does not seem to work as I wish: if I have high security settings, I cannot use macros that have no digital signature (yeah, that's known probably to anyone). But if I lower the settings and say "allow any macro whether signed or not", I can use the uncertified macro, open another one's shared calendar and insert a fake appointment, regardless of the security settings for the test user.

Is there any way to solve this? E.g. like using the Rule Wizard to run a macro that checks whether an appointment was generated by a uncertified macro? Or that it checks for trusted publishers?

Or am I totally mistaken and there is already a possibility which I just have not seen?

Thank you guys in advance already :)
 
Is there any way to solve this? E.g. like using the Rule Wizard to run a macro that checks whether an appointment was generated by a uncertified macro? Or that it checks for trusted publishers?

I hope it is not a "using code to protect code" scenario :D
 
No one willing to answer?

Is the question understandable? Or is there another thread already which contains the answer? I tried to search within the forum, but with no success so far. Maybe you could redirect me to the certain thread.
 
Okay, let's try to type it in a shorter version:

Question as in the header.

I wrote a macro that uses the shared folder option for the Outlook calendar.

Appointments into other users' calendars still can only be placed via a macro (the authorisation (calendar permission) options are quite good in Outlook). But I could use basically any macro to open the calendar of another user and then add a new appointment. We may trust each other in our team, but I want to avoid fake appointments everywhere.

Now I thought of using a digital signature and allow only for macros by trusted publishers. But the problem is that this only holds for my settings:

If I set the permissions to "macros only by trusted publishers" and use an uncertified macro, I will not be able to place an appointment into someone else's calendar. But if I change the settings to "allow all macros", I can do this with any macro.

But I would prefer the other way round: if another user (team mate) has the settings at "only by trusted publishers", I can never enter their calendar with an uncertified macro. And only if they change their settings, I can do so.

Is there any way to solve this? Or did someone else already post a similar question and I am just too blind to find it?

Post scriptum: I am sorry for my poor English, it is not my first language.
 
Hi,
I think it's a bad way.

Digital Signature does not concern the rights to the mailboxes.
 
Hey,

thank you for your response! Obvious question: is there any way to solve the problem with the possibility of "fake appointments", though? And probably without having to start at beginning again?
 
So I wonder whether I should proceed like the following:

Run the macro in Outlook, insert the vacation into the Excel sheet calendar, filter the sheet for the people who got vacation on a certain date, write a string like "Vacation Team Today: Member A Alias, Member B Alias, Member C Alias, ..."

=> insert the string as an all-day-event into the shared folders of all the team mates, but:

apply the Rule Wizard such that every team member gets some kind of warning (Yes/No-MsgBox) which says which content should be inserted into the calendar (maybe like a header), and probably who wants to insert the appointment (alias of the team member). Then anyone can decide for himself whose content should be inserted, and it would probably be harder to insert fake appointments.

Most likely, I will need to have a lot of exceptions for regular auto-dates, though.

Any other/better suggestions?
 
Status
Not open for further replies.
Similar threads
Thread starter Title Forum Replies Date
Alex Hall When updating shared calendar, it does not automatically update personal calendar Using Outlook 3
D Send on behalf of does not store the base mailbox Using Outlook 0
e_a_g_l_e_p_i Why does MS do these things???? Using Outlook 4
M "Attachment Detacher for Outlook" add in, does it update the server copy of the email? Using Outlook 1
Witzker Outlook 2019 Edit contact from email does not open the user defined contactform Using Outlook 3
J Event/Meeting in Outlook Does Not Align with SharePoint Calendar Using Outlook 5
C Code to move mail with certain attachment name? Does Not work Outlook VBA and Custom Forms 3
J Does the .fdm contain my custom form? How to make ol use it? - ol2007 Outlook VBA and Custom Forms 4
C Why does Outlook (desktop) 365 for Windows keep making me input my passwords? Using Outlook 12
G Script does not exist Outlook VBA and Custom Forms 0
J WshShell.Popup does't timeout Outlook VBA and Custom Forms 3
N Save selected messages VBA does not save replies and/or messages that contain : in subject Outlook VBA and Custom Forms 1
T Junk Email does not get added to the Blocked Sender List Using Outlook 0
L Does this really work and get thru virus and malware blocks? Using Outlook 3
V Outlook 2016 Does Outlook-2016 (64 bit) work with iCloud for Windows ? Using Outlook 5
F Junk Email does not get added to the Blocked Sender List Using Outlook 4
N Free/busy publish at http location does not work Using Outlook 0
T Why does outlook 2010 convert only some forum notifications to plain text? Using Outlook 0
R Auto display of new email does not work on non-default account Outlook VBA and Custom Forms 0
M Deleting attachments does not reduce file size Using Outlook 0
M vCard does not have user-defined fields from my custom contact form (365) Using Outlook 1
M Outlook .com group does not show up in Outlook for office 365 home Using Outlook 3
W Outlook Calendar does not save view any longer! Using Outlook 3
B Outlook 2016 Does not Shutdown Correctly Using Outlook 3
P Desktop doesn't index Outlook IMAP files, laptop Outlook does index those same IMAP files Using Outlook 2
G Entered data in custom field goes in card and does not stay in list view Outlook VBA and Custom Forms 1
Witzker social connector 2010 does not show all emails to or from contact Using Outlook 3
Witzker social connector 2010 does not show all emails to or from contact Using Outlook 0
Rupert Dragwater Email flag does not show up in Outlook2013 Using Outlook 13
J Outlook 2016 message content does not display - outlook.com; exchange Using Outlook.com accounts in Outlook 9
D Outlook 2016 IMAP Connection Returns All Email but outlook.com does NOT Using Outlook.com accounts in Outlook 2
A BCM does not work anymore! BCM (Business Contact Manager) 1
D Outlook 2016: /altvba startup switch does not work Using Outlook 2
A BCM does not work with Windows 10 1703 any more BCM (Business Contact Manager) 3
S Outlook does not open the .pst file created by the Outlook Using Outlook 5
Q Undisclosed recipients does not include sender Using Outlook 1
E What does mean this icon at the picture attached? Using Outlook 2
O Windows 10 x64 Outlook 2013 - URL does not open (anymore) Using Outlook 3
M How does Outlook determine item numbers in a folder? Outlook VBA and Custom Forms 3
LarryS change day template as cpao does not see .catx files Outlook VBA and Custom Forms 4
C Discovery search does not show autoforwarded messages Exchange Server Administration 1
C Unchecking "Send immediately when connected" does not work on apps that call Outlook Using Outlook 1
J Outlook 2010 VBScript editor does not run code at all Outlook VBA and Custom Forms 0
Mark Foley Time span on WebDAV published Calendars does not appear to be working Using Outlook 7
snhnic Macro that does not overwrite but add a number Outlook VBA and Custom Forms 1
Rupert Dragwater Deleting email from Deleted Items does not work Using Outlook 0
G Outlook does not show new appointments in To-Do-Bar Using Outlook 0
G Calendar does not point to deafult data file Using Outlook 0
Diane Poremsky What does the "J" mean? Using Outlook 0
Christiaan Could not complete operation because the service provider does not support it Using Outlook 2

Similar threads

Back
Top