So far we have learnt how to Install Microsoft PST Capture Tool in a four part series. In this blog we will learn how to disable PST Creation feature so that end users will start using Microsoft Exchange Server 2010 Online Archive feature.
- Before we begin
Working knowledge on Active Directory is a must. Modifying Group Policy might cause Replication issue in a large Active Directory Enterprise.
We recommend that you perform this option only if it is required.
- Permission Required to perform this action
Member of Domain Admins Group is enough.
- Who will be benefitted
Companies who want to be 100% complaint by keeping the emails on Server and not anywhere else can definitely implement the solution listed here.
- Step By Step Guide to Implement the above scenario
For testing purpose I have used the below scenario
Domain Name : MSEXCHANGETEAM.IN
DC Name : DC1
Exchange Server Name : MBX
Client Workstation : Microsoft Windows 7
Outlook Version : Microsoft Outlook 2010
Lets look at Normal Outlook without the Group Policy Enabled.
Figure 1.1 : Microsoft Outlook Date Files option enabled by default.
In figure 1.1 user can add and remove Outlook Data Files. Provided if the user has proper admin rights.
The option to disable this feature is available on Outlook 2003 and 2007, however I have used Outlook 2010 for testing purpose.
By default this option is not available in Active Directory Group Policy Administrative Templates. We have to download the files based on our Outlook Version.
To open Group Policy Log on to a Domain Controller and
Go to Run > Administrative Tools > Group Policy Management
Figure 1.2 : Location to edit the Default Domain Policy.
Default view of Group Policy Administrative Templates without any Microsoft Office Template.
Figure 1.3 : Group Policy without Office Template.
In figure 1.3 as you can see there is no Template for Office Products.
To enable we have to download Office 2010 Administrative Template files. Please click here for download.
Post downloading the files. Extract them and keep them in any folder.
Figure 1.4 : Folders and templates which gets downloaded.
In figure 1.4 you will see exact folders and files. An excel file for reading the settings.
To have this templates added to Group Policy we have to Keep them in Sysvol folder. To do that create a folder in this location as shown below.
Figure : 1.6 : Folder Name and Path.
Ensure that you just create a folder by the name “PolicyDefinitions”
Once the folder is created. Then from ADMX folder as shown in figure 1.4 copy all files if required. Else you can copy only outlk14.admx. to PolicyDefinitions folder.
Figure 1.7 : File name and Extensions.
Since ours is a test environment I have copied the entire files.
You will also have to copy the language files based on your choice which is also available inside ADMX folder.
Create a folder by the name “EN-US” inside PolicyDefinitions folder and copy the content of “en-us” from ADMX folder to “EN-US”.
Figure 1.8 : File name and extensions.
Figure 1.9 : Location to store the language packs.
Figure : 1.10 : Microsoft Office Templates.
In figure 1.10 we will expand Microsoft Outlook 2010 since we will be disabling PST feature. For that under User Configuration Expand Microsoft Outlook 2010.
Figure 1.11 : Location to select.
In figure 1.11 we have to edit both Auto Archive Settings and Disable File | Archive.
Figure 1:12 : Enable Auto Archive Settings.
Now none of Domain Joined users will be able to configure Auto Archive settings.
Figure 1.13 : Enabled Disable File | Archive
Both Auto Archive and Data File creation is now disabled for Microsoft Outlook Clients.
This is not enough. We also have to disable these feature for new and existing Microsoft Outlook Profiles.
Figure 1.14 : PST Settings to be disabled permanently.
In figure 1.14 when you look at the right pane. There are various options to enable and disable, since we are working for PST feature we will select “Prevent Users from adding PST’s to Outlook profiles and/or prevent using Sharing-Exclusive PST’s.”
Figure 1.15 : Prevent Users from adding PST’s to Outlook profiles and/or prevent using Sharing-Exclusive PST’s
In figure 1.15 we will select No PST’s can be added.
Now go to client machine and open command prompt and type below command to enforce the policy.
Figure 1.16 : Command prompt to force group policy.
Now lets login to Outlook and check how it works.
Figure 1.17 : New Outlook Data file.
In figure 1.17 we are not able to add any PST and the “OK” option is greyed out.
Since we have enabled the Group Policy at root level this will be applicable for all domain joined workstations. if you want to restrict this feature for group of people then create an OU and then move them to that OU. Create a GPO object and then link the GPO with that OU.
Educate end users to optimize Microsoft Exchange Server 2010 Online Archive feature.
MSEXCHANGETEAM | Ideas That Clicks