Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
release
Microsoft Corporation
Published: July 2008
Author: Office IT and Servers User Assistance (o12ITdx@microsoft.com)
Abstract
This book provides a detailed description of how Setup for the 2007 Microsoft Office system
works and helps you manage a smooth transition to the new version. Planning for a Microsoft
Office Outlook 2007 is also included in this book. The audiences for this book are IT professionals
who plan, implement, and maintain Office installations in their organizations.
The content in this book is a copy of selected content in the 2007 Office release technical library
(http://go.microsoft.com/fwlink/?LinkId=84741) as of the date above. For the most current content,
see the technical library on the Web.
2
The information contained in this document represents the current view of Microsoft Corporation
on the issues discussed as of the date of publication. Because Microsoft must respond to
changing market conditions, it should not be interpreted to be a commitment on the part of
Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the
date of publication.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, no part of this document may be reproduced, stored in or introduced into a
retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written
permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail
addresses, logos, people, places and events depicted herein are fictitious, and no association
with any real company, organization, product, domain name, e-mail address, logo, person, place
or event is intended or should be inferred.
© 2008 Microsoft Corporation. All rights reserved.
Microsoft, Access, Active Directory, Excel, Groove, InfoPath, Internet Explorer, OneNote, Outlook,
PowerPoint, SharePoint, SQL Server, Visio, Windows, Windows Server, and Windows Vista are
either registered trademarks or trademarks of Microsoft Corporation in the United States and/or
other countries.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
ii
Contents
Planning and architecture for the 2007 Office release....................................................................1
Abstract....................................................................................................................................1
Contents.........................................................................................................................................iii
iii
Language packs for Office......................................................................................................18
Installing multiple languages of Office.......................................................................................19
Installing a default language on each user's computer...........................................................20
Specifying one or more languages to install on users' computers..........................................20
Installing language packs separately......................................................................................21
Installing Proofing Tools..........................................................................................................21
Adding languages after Office is installed...............................................................................21
Introduction to OMPM...................................................................................................................38
iv
OMPM contents.........................................................................................................................38
Installing OMPM........................................................................................................................39
OMPM requirements..................................................................................................................39
Client system requirements....................................................................................................39
Administrator system requirements........................................................................................40
How the OMPM File Scanner works..........................................................................................41
Log and CAB files generated by the OMPM File Scanner.........................................................42
Files scanned by the OMPM File Scanner.................................................................................43
v
Migration considerations for Excel 2007.......................................................................................71
Changes in Office Excel 2007....................................................................................................71
New file formats..................................................................................................................71
Larger grid size...................................................................................................................72
New user interface..............................................................................................................72
Opening Excel 97–2003 workbooks in Office Excel 2007..........................................................72
Compatibility Tools.................................................................................................................73
Compatibility Mode.............................................................................................................73
Compatibility Checker.........................................................................................................73
Format changes.....................................................................................................................74
New and renamed file names and file name extensions.....................................................74
Support is removed for some file formats............................................................................74
HTML file format for publishing only....................................................................................75
Microsoft Script Editor.........................................................................................................75
Visualization and design.........................................................................................................75
AutoFormat.........................................................................................................................75
Charting..............................................................................................................................76
Shapes................................................................................................................................77
Lists and PivotTables..............................................................................................................77
AutoFilter.............................................................................................................................78
AutoFilterMode property.....................................................................................................78
Lists are now called tables..................................................................................................78
Adding new records to a table.............................................................................................78
Table name.........................................................................................................................78
Office SharePoint Server 2007 lists and write-back............................................................79
PivotTables..........................................................................................................................79
Tracking customizations......................................................................................................81
References and names..............................................................................................................81
Full row or column references.............................................................................................81
Names and column header labels.......................................................................................82
Opening Office Excel 2007 workbooks in earlier versions of Office Excel.................................82
Conditional formatting............................................................................................................82
Formatting is retained.............................................................................................................83
Designing formats for use in multiple versions.......................................................................83
Incompatible grid size.............................................................................................................84
Incompatible tables and lists..................................................................................................84
External data queries.............................................................................................................85
New security features................................................................................................................85
Trust Center and the Message Bar.........................................................................................85
Trusted Locations...................................................................................................................86
Empty macros........................................................................................................................86
Change in security levels.......................................................................................................86
Programmability issues..........................................................................................................86
Interaction between Office Excel 2007 and Internet Explorer.................................................87
vi
Migration considerations for Word 2007........................................................................................88
Migrating files to the new file format..........................................................................................88
Migrating AutoText entries.........................................................................................................88
Migrating customizations...........................................................................................................89
Migrating Add-ins.......................................................................................................................90
Migrating AutoCorrect entries....................................................................................................90
Migrating the data key...............................................................................................................90
Planning for installing and upgrading Outlook 2007 (Office Resource Kit)....................................92
vii
Specifying Outlook user settings.............................................................................................102
Customizing Outlook profiles...................................................................................................103
Configure Outlook Send/Receive settings...............................................................................103
viii
Planning for security and protection in Outlook 2007 (Office Resource Kit)................................128
ix
IV Planning for Group Policy for the 2007 Office system...........................................................146
x
I Evaluating the new Setup architecture
In this section:
Setup sequence of events in the 2007 Office system
Language-neutral architecture in the 2007 Office system
Streamlined customization model for the 2007 Office system
Required local installation source for the 2007 Office system
Consolidated update process for the 2007 Office system
Simplified design for multiple languages in the 2007 Office system
1
Setup sequence of events in the 2007 Office
system
Unlike previous versions, the 2007 Microsoft Office system is not installed as a single Windows
Installer package (MSI file). Instead, a language-neutral core package is combined with one or
more language-specific packages to make a complete product. Setup assembles the individual
packages and orchestrates a seamless installation. Setup also handles customization and
maintenance tasks during and after Office is installed on users' computers.
Typically, the first step in a corporate installation of Office is to create a network installation point
—a task as simple as copying all the files and folders from the Office product CD to a shared
network location. At a minimum, the network installation point contains the language-neutral core
package plus language-specific folders for one language. This installation point serves as the
initial source for all users who install Office.
In the simplest scenario, you deploy an Office product from the network installation point with one
language version and a single set of customizations for all users. Setup handles this scenario
automatically. If you deploy multiple products or languages, you can add them to the same
network installation point and specify exactly which products and languages to include in the
installation. In all of these scenarios, Setup performs the same tasks to assemble the correct set
of MSI files and to complete the installation.
Note
Unlike previous versions of Microsoft Office products, the 2007 Office system does not
allow you to create an administrative installation point by running Setup with the /a
command-line option to extract compressed source files. Instead, all installations occur
from the compressed source.
2
Run Setup
Setup.exe is the program that initiates all the mechanisms of the installation process; it is located
at the root of the network installation point. You run Setup once for each Office product you install.
When it runs, Setup searches the network installation point for an Office product to install. If the
installation point contains more than one Office product, Setup presents the user with a choice of
products to install.
You can circumvent the selection process and determine which Office product is installed by
pointing Setup.exe to the Config.xml file in a core product folder. For example, if you want to
install Microsoft Office Standard 2007, you can use the following command line:
\\server\share\Office12\setup.exe /config \\server\share\Office12\Standard.WW\Config.xml
where Office12 is the root of the network installation point.
In previous versions of Office, Setup.exe called Windows Installer (Msiexec.exe) to perform the
installation of Office. Although Setup still uses Windows Installer, Setup bypasses the Windows
Installer executable program. The Msiexec.exe command line cannot be used to install the 2007
Office system.
Note
This version of Setup.exe recognizes only a few command-line options. For more
information, see Setup command-line options for the 2007 Office system.
Check prerequisites
When Setup starts, it checks for a number of installation prerequisites, including minimum
operating system requirements and administrative rights. A user must be an administrator of the
client computer in order to install Office, or you must use a tool such as Microsoft Systems
Management Server to run the installation with elevated privileges.
For more information about giving users administrative rights for an Office installation, see Deploy
the 2007 Office system to users who are not administrators.
3
• Identify a product and the available languages for that product.
• Match language-neutral and language-specific elements to create complete features.
• Build a consolidated feature tree.
• Collect the set of MSI files required for the installation.
Note
The Setup.xml and Package.xml files are signed and cannot be modified. Altering these
files causes Setup to fail.
Config.xml
Each core product folder contains a Config.xml file that directs Setup to install that product. You
can edit Config.xml to customize the installation process. For example, you can use elements in
Config.xml to specify which products or languages to include in the installation. Settings in
Config.xml take precedence over settings in a customization file and default settings contained in
the Setup.xml and Package.xml files.
For more information about how and when to edit Config.xml, see Config.xml file in the 2007
Office system.
4
Create a local installation source
Setup calls a program named Office Source Engine (Ose.exe) to create a required local
installation source on the user's computer. To create the local installation source, Setup copies
files from the installation point to a hidden location on the user's computer. The default location
is \MSOCache\All Users at the root of the drive on which Office is installed. Later, Setup uses
Windows Installer to install Office from this local installation source.
The local installation source provides several important benefits:
• After Office is installed, Setup can repair, reinstall, or add Office features by using the
local source.
• Users who are applying software updates are less likely to be prompted for a network or
CD source because an installation source is available locally.
• You can deploy the local installation source in advance and trigger the installation of
Office on users' computers later to reduce the load on the network. In this scenario, you can
even run Setup from the local installation source, allowing users to complete the Office
installation with no network connection.
For more information about the local installation source, see Required local installation source for
the 2007 Office system.
Install Office
When the installation begins, Setup checks for required disk space and feature dependencies,
and then calls Windows Installer to install the correct set of packages (MSI files) on the user's
computer from the local installation source. Setup uses the XML data described previously to
determine which set of MSI files to include. The progress bar that Setup displays to users during
the installation takes the entire installation process into account, including applying
customizations and software updates from the Updates folder.
Note
Although Setup uses Windows Installer to install Office, Windows Installer alone cannot
install the individual MSI files independent of Setup.
5
If you create different configurations for different groups of users, Microsoft recommends that you
store the customization files in another location and then use the /adminfile option on the Setup
command line to specify the file you want. For example:
\\server\share\Office12\setup.exe /adminfile
\\server\share\Office12\MyUpdates\Engineering.msp
where Office12 is the root of the network installation point.
Note
When you precache the local installation source, Setup copies the Updates folder from
the network installation point to the local installation source. In this way, your
customizations can be included in offline installation scenarios. This is the only
circumstance in which Setup caches the customization file on the local computer before
the installation. For more information, see Precache the local installation source for the
2007 Office system.
Note
You cannot use the Updates folder to deploy product updates after the initial installation
of Office.
For more information about the software update process, see Consolidated update process for
the 2007 Office system.
Note
When you copy multiple Office products to the same installation point, you might be
prompted to overwrite shared Setup files. Because these files are duplicated among all
6
2007 Office system products, you do not need to recopy any of the duplicate folders. This
efficient design saves space and ensures consistency when you create and replicate
network installation points.
For more information, see Sequentially install multiple products of the 2007 Office system.
See Also
• Language-neutral architecture in the 2007 Office system
7
The Setup architecture in the 2007 Office system has been designed to streamline all of these
aspects of the process of installing and maintaining Office. The new Setup program unifies and
manages the entire installation process, including customizing users’ Office configuration,
deploying multiple languages at once, and applying software updates to new installations.
8
• Config.xml—XML data read by Setup.exe
• Word.en-us folder
• WordMUI.msi—Windows Installer package
• WordLR.cab—Compressed cabinet file
• WordMUI.xml—XML data read by Setup.exe
• Setup.xml—XML data read by Setup.exe
• Word.fr-fr folder
• WordMUI.msi—Windows Installer package
• WordLR.cab—Compressed cabinet file
• WordMUI.xml—XML data read by Setup.exe
• Setup.xml—XML data read by Setup.exe
The Office Standard 2007 product is spread out among the files in these folders. For example,
elements that are not specific to any language, such as Winword.exe (the executable file for
Microsoft Office Word 2007), reside in the core Standard.WW package. Other elements, such as
Help and the user interface for Office Word 2007, reside in the appropriate language-specific
package for Word or for shared Office features.
Both language-neutral and language-specific elements are needed to make a functionally
complete feature. Winword.exe by itself does not represent a Word application that anyone can
use. Similarly, the core Office Standard 2007 MSI file in the Standard.WW folder does not
represent a complete Office product.
Setup assembles all these parts into a whole product. The Package.xml and Setup.xml files in
each folder contain information that Setup uses to assemble complete features, build a
consolidated feature tree, and collect the correct set of MSI files for the installation. After
collecting the XML data and assembling the required MSI files, Setup uses Windows Installer to
install Office on the user’s computer. From a user’s perspective, this process happens
automatically and seamlessly.
You cannot deploy an individual application in the 2007 Office system by detaching the language-
specific folder that contains the individual MSI file, such as the Word.en-us or Word.fr-fr folder.
You can, however, determine which applications and features are installed on users’ computers
by customizing the installation.
Note
None of the MSI files on an Office installation point can be installed independently by
using Windows Installer or any other method. Nor can the digitally-signed XML files
(Setup.xml and Package.xml) be edited or altered. In the 2007 Office system, Setup is
required to collect the files and installation information and to orchestrate the installation
process.
See Also
• Setup sequence of events in the 2007 Office system
• Streamlined customization model for the 2007 Office system
9
Streamlined customization model for the
2007 Office system
In previous versions of Microsoft Office, several tools were required to customize Setup and to
manage Office after installation. However, the 2007 Microsoft Office system provides a
consistent, streamlined model. Using just Setup, you can install, customize, and manage
Office — no additional tools are needed.
10
• Specify the default values for a large number of user options, including Microsoft Outlook
settings.
For information about how to customize Setup in this way, see Customize Setup before installing
the Office 2007 system.
Note
There are some customizations that Setup applies only when you are installing Office for
the first time. These include specifying where to install Office on the user's computer,
defining the product key, and removing previous versions of Office applications. The OCT
identifies which customizations apply only to a new installation.
For more information about updating an existing Office installation, see Change users'
configurations after installing the 2007 Office system.
Note
If you specify both a Setup customization file and the Config.xml file, the customizations
you define in Config.xml take precedence over the same customizations in the
customization file.
11
For a complete description of the contents and format of the Config.xml file, see Config.xml file in
the 2007 Office system.
See Also
• Office Customization Tool in the 2007 Office system
• Config.xml file in the 2007 Office system
12
Required local installation source for the
2007 Office system
In the 2007 Microsoft Office system, Setup creates a local installation source on the user's
computer as part of the default installation process. Setup installs all 2007 Office system products
in a two-step process: first, Setup copies compressed installation source files to the user's
computer; second, Setup calls Windows Installer to perform the actual installation from the local
installation source. After the installation is complete, the local installation source remains
available for any Setup operations that require access to an original source. Minimum disk space
requirements include the local installation source.
Note
In Microsoft Office 2003, large organizations typically installed the product from an
administrative installation point; installing from a local installation source was optional. In
the 2007 Office system, however, the administrative installation option no longer exists,
and the local installation source is a required part of the design.
The local installation source makes the process of distributing software updates more efficient
and reliable. Neither the network installation point nor the user's local installation source is ever
updated directly. Users' installations remain synchronized when they apply the client version of
software updates.
Additional benefits of having a complete installation source always available on the local
computer include the following:
• You can deploy the local installation source to users before they install Office. This
minimizes the impact on the network and ensures that all users install the product and begin
using 2007 Office system applications at exactly the same time.
• Users can perform maintenance tasks, such as applying software updates, without being
prompted for their Office CD or a network source.
• Traveling users, or users with slow or intermittent network connections, can run Setup
without access to the network if they have a local installation source installed in advance.
These benefits come at minimal cost. Although the local installation source does use some hard
disk space, creating the local installation source and installing Office takes approximately the
same amount of time as installing Office by itself.
13
Each package that comprises an Office product—both the language-neutral core package and
one or more language-specific packages—has a separate download code and is cached in the
subfolder under MSOCache\All Users. Setup always caches a complete local installation source,
which includes all the files associated with the product that is being installed. If the installation
point includes multiple languages, Setup caches only the packages for the languages that are
installed on the user's computer.
When additional Office products are installed on the user's computer, those products are cached
in the same local installation source.
Note
If a user installs a second Office product on a different drive, Setup creates a second
local installation source at the root of that drive. In this scenario, shared files may be
duplicated between the two local installation sources; however, this design ensures that
each local installation source is complete and functions correctly.
Users cannot inadvertently delete the local installation source or remove it by using the Setup
user interface or the Windows Disk Cleanup Wizard. If the MSOCache folder is deleted or
corrupted, Setup automatically re-creates or repairs the folder the next time a source is required.
If users do not have sufficient disk space, they are prompted to free some space. You can rely on
the fact that every user has access to a source when you distribute new updates or
customizations.
Note
Once the local installation source is created, its location on the user's computer is fixed.
Unless the user specifies a different drive, additional Office products installed later are
always added to the existing MSOCache\All Users folder.
14
Consolidated update process for the 2007
Office system
In previous versions of Microsoft Office, you made a number of choices to ensure that client
computers received the latest Office software updates and that client computers did not become
out of sync with the administrative installation point. You might have configured Setup to chain
software updates with new installations of Office, or you might have applied updates to the
administrative installation point and reinstalled Office on all your client computers.
The new architecture of the 2007 Microsoft Office system makes this process much simpler. In
the 2007 Office system, you create a network installation point that you never have to update.
Instead, a simple copy operation makes software updates available for new installations. You
update existing installations independent of the network installation point so you do not have to
worry about keeping client computers synchronized with the installation source.
Note
You can use the Updates folder to incorporate the installation of updates with an initial
installation of the 2007 Office system products. Only Windows Installer update files
contained in this folder are installed with the initial installation, so you must extract the
updates from Microsoft Self-Extractor packages. You can also install customization
updates by using this method. For detailed information, see Deploying software updates
with an initial 2007 Office system installation.
When you run Setup to install Office on a client computer, Setup looks in the Updates folder for
software updates and incorporates the updates automatically as it installs Office. If there are
multiple updates in the folder, Setup applies only those updates that are targeted at the Office
product being installed. Setup also applies the updates in the correct sequential order. The result
is that the user receives the latest updates with the new installation of Office.
Tip
To direct Setup to look for software updates in a folder other than Updates, use the
SetupUpdates element in the Config.xml file. For more information, see SetupUpdates in
Config.xml file in the 2007 Office system.
15
information about deploying software updates after an initial installation of the 2007 Office release
by using Microsoft Self-Extractor files, see Deploying all Microsoft Self-Extractor packages in a
folder. For details on keeping existing Office installations up to date, see Distribute product
updates for the 2007 Office system.
Note
After Office is installed on a client computer, reinstalling Office reapplies only those
software updates that were applied with the original installation. If you copied new
software updates in the Updates folder, they are not applied during the reinstallation.
See Also
• Language-neutral architecture in the 2007 Office system
• Distribute product updates for the 2007 Office system
16
Simplified design for multiple languages in
the 2007 Office system
In an international environment, corporate language requirements are often complex. For
example, offices around the world might need to use Office in multiple languages, or one user
might need to work with more than one language. The 2007 Microsoft Office system
accommodates these multilanguage scenarios efficiently and consistently.
17
• Excel.fr-fr folder—French Excel features
• Outlook.fr-fr folder—French Outlook features
• PowerPoint.fr-fr folder—French PowerPoint features
• Word.fr-fr folder—French Word features
In both cases, the core package (StandardWW.msi in the Standard.WW folder) is identical, and it
accommodates both English and French language packages in the same way.
Note
These examples show only a portion of the network installation point. You may see
additional folders, all of which follow the same naming conventions show here.
18
Language-specific features for Microsoft Office Visio 2007 are handled in a similar way. For
example, the Japanese SLP includes the following folders for Office Visio 2007:
Office 2007 network installation point
• Visio.ja-jp folder—Japanese Visio features
• VMUI.ja-jp folder—Defines the Visio language pack as a separate product
All three language packs on a specific SLP share some common folders—the Office.ll-cc folder
(for shared Office features) and the XMUI.ll-cc folder (for culture definition). In the preceding
example, the Office.ja-jp and the XMUI.ja-jp folders are shared by Office, Visio, and Project
language packs.
Language packs can be deployed as separate products, or they can be used to deploy an Office
product in multiple languages. You are not required to enter a unique product key for language
packs, whether you are deploying them separately or as part of the installation of another
product.
Note
In previous versions of Office, enterprise customers added languages by deploying
Multilanguage User Interface (MUI) packs after a U.S. English version of Office was
installed. Localized versions, such as the Japanese version of Office Standard Edition,
were not identical to the core version with a Japanese MUI pack. This design has been
simplified and improved in the 2007 Office system.
19
Note
Before it installs a language version of an Office product, Setup determines whether the
user has the required operating system support for that language. Setup stops the
installation if there is no support. For example, if a user has not enabled support for East
Asian languages, Setup does not install the Japanese version of Office.
Note
Language packs cannot be deployed as products independent of an 2007 Office system
product. If the user has already installed at least one 2007 Office system product,
however, then Setup treats the language packs as products and includes them in the list
of products that the user can choose to install.
Important
When you edit the Config.xml file to install more than language, you must also specify
which of those languages Setup uses for the shell user interface (Shell UI). The Shell UI
20
includes core elements of Office that register with the operating system, such file
extensions, Tool Tips, and right-click menu items. Failure to specify a Shell UI language in
this scenario causes the installation to fail. For more information about managing the
deployment of multiple languages, see Customize a multilanguage deployment of the
2007 Office system.
Note
To install a language pack, users must first have an Office product installed. Although
Setup can install the language pack as a separate product, a language pack by itself
does not function as a complete 2007 Office system product. A core product is always
required.
21
For more information, see Add languages after deploying the 2007 Office system.
See Also
• Customize language settings for the 2007 Office system
22
II Planning for migration
In this section:
Preparing for Migration to the 2007 Office system
Assessing your environment with the Office Migration Planning Manager
Migration considerations by application
23
Preparing for migration to the 2007 Office
system
In this chapter:
Plan and prepare for migration to the 2007 Office system
Review migration issues for the 2007 Office system
Determining the best migration strategy
Collaborating with previous versions of Office and other programs
FAQ: File format
See Also
• Assessing your environment with the Office Migration Planning Manager
• Migration considerations by application
• Migration reference
• Migrating to the 2007 Office system
24
Plan and prepare for migration to the 2007
Office system
The 2007 Microsoft Office system is a major release that offers many improvements and new
features in response to customer needs. Changes such as the new file format and new Setup
architecture require careful planning and preparation before upgrading. Your migration planning
will include evaluating the files in your environment, identifying potential conversion issues, and
reviewing migration considerations for each program within 2007 Office system.
The Office Migration Planning Manager (OMPM) enables you to examine the files in your
environment and decide whether to archive them, convert them in bulk with the Office File
Converter available in OMPM, or convert them manually. You will also determine the approach to
upgrade and migration within your organization.
Planning a migration to the 2007 Office system includes the following:
1. Review top migration issues. For more information, see Review migration issues for the
2007 Office system.
2. Review differences between the 2007 Office system and Office 2003. For more
information, see Differences in the 2007 Office system. Many of these issues are detected by
the OMPM Office File Scanner. Others might require a difference in user behavior, or might
require changes in custom solutions.
3. Review file format changes. For quick information about file format changes, see FAQ:
File format. For more in-depth information about the new file formats, see File format
reference.
4. Review collaboration issues for the 2007 Office system. For more information, see
Collaborating with previous versions of Office and other programs.
5. Assess your environment with OMPM. This involves the following steps:
a. Install and configure OMPM File Scanner.
b. Distribute OMPM File Scanner.
c. Prepare a SQL database for OMPM.
d. Import OMPM log files into the database.
e. Analyze reports from OMPM.
6. Plan an approach to migration. For more information, see Determining the best migration
strategy.
25
Collaborating with previous versions of
Office and other programs
While the best way to minimize compatibility issues is to standardize your environment on a
single file format, many organizations will need to deploy the 2007 Microsoft Office system in a
phased rollout, or will need to collaborate with other companies. For this reason, Microsoft Office
Excel 2007, Microsoft Office Word 2007, and Microsoft Office PowerPoint 2007 contain features
to ensure compatibility with previous versions of Office. You can use the Microsoft Office
Compatibility Pack to allow backward compatibility, so that previous versions of Office can open
and save files in the new file format. In addition, the openness of the new file format makes it
more compatible with non-Office programs.
Viewers
The 2007 Office system viewers enable sharing 2007 Office release files with users who do not
have the 2007 Office system or the Microsoft Office Compatibility Pack installed on their
computers. The viewers allow users to view and print, but do not allow edit operations. You can
find these downloadable files on the Office Resource Kit Web site.
Each viewer (one each for Office Word 2007, Office Excel 2007, and Office PowerPoint 2007) is a
separate MSI package and must be installed separately.
26
The viewers coexist with previous versions of Office applications.
Note
By default, compatibility mode is on when a file from a previous version of Office is in use.
For more information about compatibility mode, see Compatibility mode in the 2007 Office
system.
Compatibility checker
Compatibility checker is a dialog box that appears when there are features in a document that
would be lost or degraded, either when a document is saved in an previous format or switched
into compatibility mode. The dialog box lists all the features that are affected, and enables the
user to cancel the operation, continue with the save, or switch into compatibility mode.
Compatibility checker does not appear when:
• There are no identifiable issues in the document.
• The user has disabled compatibility checking in the document.
If a user has chosen not to run the compatibility checker tool when a file is saved, it can be turned
back on by running the compatibility checker manually from the File menu.
The list of compatibility issues in the compatibility checker dialog box are grouped by:
• Minor issues. Changes in the visual appearance of content are small or there is a minor
change in how a legacy Office application edits the content.
27
• Major issues. Feature data is lost or severely degraded when it is saved to the binary
format. Users of the 2007 Office system can run the compatibility checker on a file at any time
to see what issues might exist.
Backward compatibility
When a user creates a file in the 2007 Office system and opens it in a previous version of Office,
some of the graphic content is converted to images instead of autoshapes (ready-made shapes
that are included in Office applications). This happens because a previous version of Office
cannot render the new graphic effects in the 2007 Office system. When opened, the file is
converted to the binary file format supported by the application. The print quality of a new file in a
previous version of Office is affected by the limitations of that version.
In addition, backward compatibility can affect the view of a Office PowerPoint 2007 presentation.
Some animations are changed or removed during the conversion if they are not supported in the
previous version of PowerPoint. For example, a shape can have a color effect in the 2007 Office
system that is removed during the conversion, because this effect is not supported in previous
versions. Presentations with few or subtle animations are most likely not affected.
28
Compatibility with other programs
You can perform the following actions with files in the new file formats without using an Office
application:
• View content.
• Delete content.
• Edit content.
• Replace content.
• Copy content from one file to another.
• Identify the degree of security a file will have by examining the file name extension.
• Use search tools to examine the contents of a file.
• Programmatically find and manipulate content in a file without using Visual Basic for
Applications (VBA) or the object model.
The new file formats are not proprietary; they are available on a royalty-free basis to any user.
Third-party developers can create programs that manipulate the XML files without using Office
applications or the related Office object models. You can get free downloads of XML schema
definitions on the Internet.
See Also
• Assessing your environment with the Office Migration Planning Manager
• File format reference
• Migration reference
29
FAQ: File format
The 2007 Microsoft Office system introduces a new file format based on open extensible markup
language (XML) standards. The new file format enhances functionality, security, and
programmability. This FAQ addresses questions you might have about the new file format.
30
How can users collaborate on files when they use
different versions of Office?
There are several ways that people using different versions of Office can collaborate. Users need
to share files without encountering any issues with formatting, styles, printing, or feature
incompatibility. Users should be able open files received from others, make changes, and send
the updated file back regardless of the version of Office they are using.
A set of tools is available for Office 2000, Office XP, and Office 2003 to allow these versions to
recognize, open, modify, and save files that are in the new XML format. For more information
about the updates and converters available for previous versions of Office, see Collaborating with
previous versions of Office and other programs.
In addition, the 2007 Office system minimizes file compatibility issues by including the following
features:
• The ability to save files in 2007 Office system to the previous file formats.
• The ability for features that are only available in the 2007 Office system to successfully
roundtrip, or go from the 2007 Office system to a previous version of Office, and then back
again.
• Group Policy settings that allow you to control the default file formats for each Office
application.
• Compatibility mode, which disables features that are not compatible with previous
versions.
• A compatibility checker, which informs the user about any features in the document that
might not be compatible with previous versions of Office.
31
File sizes have increased with each new version
of Office. Will this happen again with the 2007
Office system?
Files created in the new XML formats are up to 75 percent smaller than those in previous
versions of Office. For example, a 100-KB file with no graphics that is created by using Office
2003 is reduced to about 25 KB in size when saved in the 2007 Office system. These files take up
less server space and consume less network bandwidth.
See Also
• Preparing for migration to the 2007 Office system
• Assessing your environment with the Office Migration Planning Manager
• Migrating to the 2007 Office system
• File format reference
32
Review migration issues for the 2007 Office
system
As part of your migration planning, review the following topics for migration issues that are
relevant to your environment:
• Top migration issues in Office 2007
• Differences in the 2007 Office system
• Collaborating with previous versions of Office and other programs
• Migration considerations for Access 2007
• Migration considerations for Excel 2007
• Migration considerations for Word 2007
• Migration considerations for Outlook 2007
33
Determining the best migration strategy
The timing and method of your migration to the new XML file formats in the 2007 Microsoft Office
system depends on the following factors:
• When do you expect to deploy the 2007 Office system, and how long will it take to deploy
the 2007 Office system to all users and all departments? If you need a rapid deployment,
consider a single rollout. For more information, see Single rollout in this topic. If you plan to
deploy the 2007 Office system over a long period of time, consider a phased rollout, so that
you can plan your hardware, software, support, and training resources evenly over the time
that the deployment takes. For more information, see Phased rollout in this topic.
• Do you plan to have long-term coexistence between the 2007 Office system and previous
versions of Office, and how much collaboration do you expect to occur between different
departments that continue to use previous versions of Office? If your organization requires
long-term coexistence, or if you expect long-term collaboration on Office documents for users
of the 2007 Office system and previous versions of Office, see Phased rollout in this topic.
• How many active Office documents are in use in your organization? If you have many
files that require conversion or modification before they can be used with the 2007 Office
system (for example, a custom Excel solution might require some changes before users can
use it reliably with Microsoft Office Excel 2007), it might be a good idea to plan your
deployment in stages. For more information, see Phased rollout in this topic.
If you have many files and need to assess the impact of migrating them, you can use the Office
Migration Planning Manager (OMPM). You can also use OMPM to convert files in bulk, if you
determine that this method is best for your environment. For more information, see Assessing
your environment with the Office Migration Planning Manager.
If you expect long-term coexistence, where users need to collaborate on documents by using
different versions of Office, plan on using Group Policy settings and educating your users about
compatibility mode and compatibility checker. For more information, see Compatibility mode in
the 2007 Office system.
There are two recommended methods for preparing your organization to use the new file format:
• Single rollout
• Phased rollout
In addition, some organizations might prefer to roll out the 2007 Office system on an as-needed
basis, as new computers are added to the environment.
Single rollout
A single rollout is recommended, if possible. If you distribute the 2007 Office system to all users
at the same time, there are no special considerations for when users can start creating and using
files with the new XML file formats. If your organization shares files with external users who are
using previous versions of Office, you can either continue using the older file formats in the 2007
Office system or recommend that external customers apply the Microsoft Office Compatibility
34
Pack for Word, Excel, and PowerPoint 2007 File Formats, available at Microsoft Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
(http://go.microsoft.com/fwlink?LinkID=77512).
If you perform a single rollout, documents generated after installation of the 2007 Office system
will be in the new file format unless you use a Group Policy setting to specify using earlier file
formats.
If you plan a rapid deployment, and not all of your users are ready to migrate their files or
applications to the new file formats, you might want to set default File Save options to the file
formats in Office 2003 until all users are ready to use the new file formats. If you want your users
to begin using the new file formats right away, you might consider converting their Word, Excel,
and PowerPoint files with the Office File Converter that is available with the Office Migration
Planning Manager. For more information, see Migrate Word, Excel, and PowerPoint files to the
2007 Office system.
Phased rollout
A phased rollout is the next best option. If the 2007 Office system will be installed on a significant
number of clients or will be phased into various departments, the key date that determines when
you should install the 2007 Office system is linked to when you want to adopt the new file
formats. To avoid this installation limitation, you can use Group Policy to decouple the deployment
of the 2007 Office system from the enabling of the new file formats.
If you are using a phased rollout, you need to determine:
• When your organization wants to begin using the new file formats.
• Whether users are willing to work in a mixed environment, with more than one version of
Office in use.
If users are willing to work in a mixed environment of old and new file formats, you need to make
sure that everyone who is using previous versions of Office has the appropriate updates and
converters, available at Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
File Formats (http://go.microsoft.com/fwlink?LinkID=77512).
If users are unwilling to work in a mixed environment, and your organization is targeting a specific
date when all users must convert to the new file formats, use Group Policy to set the default file
format as the binary format used in previous versions of Office. This allows you to set default file
types created by users but does not block users from creating 2007 files with the new file formats.
After the 2007 Office system is installed, and when you are ready to enable the new file format
across the entire company, change the Group Policy setting to enable the new file formats as the
default file types. This allows you to avoid updating and applying converters to computers running
previous versions of Office. This can lower costs and allow continued collaboration throughout the
deployment cycle. It is recommended, however, that you notify all users that they should not use
the new file formats until instructed to do so.
You can use the Office Migration Planning Manager to identify users' files and to determine issues
that might arise during conversion. For more information, see Assessing your environment with
the Office Migration Planning Manager. You can also convert Word, Excel, and PowerPoint files in
35
bulk with the Office File Converter that is available with the Office Migration Planning Manager.
For more information, see Migrate Word, Excel, and PowerPoint files to the 2007 Office system.
As-needed rollout
An as-needed rollout is not recommended but might be necessary in some environments. For
example, an organization might deploy the 2007 Office system on an as-needed basis when it
cannot plan for a major upgrade but is willing to purchase replacement computers that are pre-
installed with the 2007 Office system. This approach is difficult to control, especially in an
environment that does not have Active Directory directory service, which is required in order to
set default options for saving files via Group Policy.
See Also
• Collaborating with previous versions of Office and other programs
• Assessing your environment with the Office Migration Planning Manager
• Migration considerations by application
• Migration reference
36
Assessing your environment with the Office
Migration Planning Manager
In this chapter:
Introduction to OMPM
Install and configure OMPM File Scanner
Distribute OMPM File Scanner
Prepare a SQL database for OMPM
Import OMPM log files into the database
Analyze reports from OMPM
See Also
• Preparing for migration to the 2007 Office system
• Migration considerations by application
• Migration reference
• Migrating to the 2007 Office system
37
Introduction to OMPM
The Office Migration Planning Manager (OMPM) is a collection of tools that enables you to
prepare for migration to the Microsoft 2007 Office system. OMPM checks for, and reports on, file
properties to help you analyze your environment. You can download OMPM from 2007 Microsoft
Office System Migration Guidance: Microsoft Office Migration Planning Manager
(http://go.microsoft.com/fwlink?linkid=75727).
For the most part, documents created in Office 2003 and earlier open and behave the same way
in the 2007 Office release. However, there might be instances where files require manual
intervention or analysis to ensure consistent behavior. For example, a custom solution built in
Microsoft Excel 2003 might require modification because it relies on legacy Office features that
are no longer supported in Excel 2007.
OMPM includes the following features:
• The OMPM File Scanner (offscan.exe), a command-line tool that scans files for
conversion issues. You can easily deploy this tool using an automated software deployment
technology, such as SMS, or a login script. The OMPM File Scanner stores the scan results
in XML log files on each computer that it scans. The OMPM File Scanner performs two types
of scans:
• A light scan that quickly identifies the Office documents on a user’s computer or
network file system.
• A deep scan that you can perform on Office documents to gather document
properties that provide indicators of potential conversion issues.
• A set of utilities that automate the creation of a new database (either SQL Server 2000,
SQL Server 2005, or SQL Express) and import the XML log files generated by the OMPM File
Scanner.
• A Microsoft Access 2007–based reporting solution that provides different reports for your
analysis and enables you to define file sets for automated processing.
• The Office File Converter (OFC) that allows you to convert specific files to the new 2007
Office release file formats in bulk.
• The Version Extraction Tool (VET) that allows you to extract saved versions of a file in
Word 2003 (or earlier) to different files.
OMPM contents
OMPM is contained in a self-extracting executable file, MigrationPlanningManager.exe. OMPM
Components are contained in redistributable subfolders:
• Scan: The folder containing the OMPM File Scanner.
• Report: The folder containing OMPM Reports. To export file lists from OMPM Reports,
the database folder and related components must also be available.
• Database: The folder containing scripts to provision and populate the OMPM database.
38
• Tools: The folder containing tools such as the Office File Converter and Version
Extraction Tool.
Installing OMPM
To install OMPM, type the following at a command prompt:
MigrationPlanningManager /extract:c:\ompm
For help with OMPM, type the following at a command prompt:
MigrationPlanningManager /?
OMPM requirements
The following lists the requirements for running OMPM, both for the client systems that it scans
and the administrator system from which it runs.
39
The Version Extraction Tool (VET) requires installation of Microsoft .NET Framework Version 2.0
Redistributable Package (x86) (http://go.microsoft.com/fwlink/?LinkId=81886) and Microsoft
Word 2003.
Note
Use IExpress 2.0 to create a self-extracting package. Do not use a self-installing
package.
Database software
• SQL Server 2000 or SQL Server 2005 (recommended). SQL Server 2005 is
recommended for enterprises working with large amounts of data. SQL Server 2005 provides
enhanced database management and reports. The database should have a minimum of 4 GB
available free disk space.
• Microsoft SQL Server 2005 Express Edition. This free, redistributable version of
SQL Server 2005 is ideal for client applications that require an embedded database. You can
use SQL Server 2005 Express Edition, instead of SQL Server 2005, for smaller-scale data
collection. The database should have a minimum of 2 GB available free disk space. SQL
Server 2005 Express Edition is available as a free download at SQL Server 2005 Express
Edition (http://go.microsoft.com/fwlink/?LinkId=95582&clcid=0x409).
Database tools and utilities
• Both SQL Server 2005 and SQL Server 2005 Express Edition include several command
line utilities, such as Osql.exe and Bcp.exe. These must be available on the client computer
from which the provisioning and import tools are run.
• SQLXML 3.0 SP3. SQLXML enables XML support for your SQL Server 2005 database.
This module allows XML files that are collected by the OMPM File Scanner to be imported
efficiently into a database server. SQLXML is a free download available at SQLXML 3.0
Service Pack 3 (SP3) (http://go.microsoft.com/fwlink?linkid=52919).
Note
We recommend using the English editions of SQL Server 2005 or SQL Server 2005
Express Edition to use OMPM. While there are no known issues involving international
editions, only the English edition is supported for these tools at this time.
File share
A file share is required to stage the XML log files collected by the OMPM File Scanner before the
log files are imported into the database. The file share should have a minimum of 1 GB available
40
space. Any account that is operating the import scripts requires read/write/create access to the
file share.
Note
For performance reasons, it is optimal to have the import tools, log file share, and
database on the same server. If this is not possible, the log file share and the database
server should be on the same subnet to reduce network traffic.
Other
• OMPM Reports requires the installation of Microsoft Access 2007 on the client computer
from which the data will be examined. To export file lists from OMPM Reports, SQL Server
Express or SQL Server and SQLXML 3.0 SP3 must be installed on the computer that runs
OMPM Reports.
• To perform a deep scan with the OMPM File Scanner, Access 2002 or later must also be
installed on the computer that runs the OMPM File Scanner.
Note
Other than the requirement listed above, the OMPM File Scanner does not require
the installation of any version of Office on any computer it scans.
• For scanning document storage systems such as Microsoft SharePoint Services, the
OMPM File Scanner requires the Web-based Distributed Authoring and Versioning (WebDAV)
interface. For more information about WebDAV, see About WebDAV (IIS 6.0)
(http://go.microsoft.com/fwlink/?LinkID=81698). This is the only version of WebDAV that is
supported for OMPM.
Note
Use either the Windows Vista WebDAV client or a third-party WebDAV client for
document libraries that are SSL-enabled. If you use the WebDAV client from previous
versions of Windows, the scan of the document library fails.
41
• Adds the XML log files to a series of CAB files for later transfer to a SQL Server.
• Logs failures to the XML log files.
Note
The OMPM File Scanner does not change file properties, except possibly Last Accessed
Date.
Note
The OMPM File Scanner does not transmit data to Microsoft Corporation.
The individual log files are compressed into CAB files to make transport to the SQL Server
database more efficient. To maximize disk space on the computer that is scanned, after OMPM
File Scanner writes 10,000 log files, adds the log files to a CAB file, and then deletes the log files.
Each CAB file contains up to 10,000 log files. When a CAB file reaches 10,000 log files, OMPM
File Scanner creates a new CAB file for the next 10,000 files.
CAB files use the file name from the ScanID GUID, with an index number appended. Three CAB
files generated on the same computer might generate names such as the following:
• Computer1 {2FA87EDF-4393-4BCF-8829-8776F82DEDD5}00001.cab
• Computer1 {2FA87EDF-4393-4BCF-8829-8776F82DEDD5}00002.cab
• Computer1 {2FA87EDF-4393-4BCF-8829-8776F82DEDD5}00003.cab
42
Creating CAB files can be detrimental to performance if log files are saved across a network. Use
the setting CABlogs=1 in the Offscan.ini file to disable the creation of CAB files.
Microsoft Office program Light and deep scan file types Light scan only
Access • .mdb
• .mde
• .mdz
• .adp
• .ade
• .mdt
• .mda
• .accda
• .accdb
• .accdr
• .accdu
• .accde
• .accdt
• .accdc
PowerPoint • .ppt
43
Microsoft Office program Light and deep scan file types Light scan only
• .pot
• .pps
• .ppa
Project • .mpp
• .mpt
Publisher .pub
Visio • .vsd,
• .vss
• .vst
• .vdx
• .vtx
• .vsx
Word • .doc
• .dot
• .wiz
Files from Microsoft Office Outlook, Microsoft Office FrontPage, Microsoft Office OneNote, and
Microsoft Office InfoPath are not included in either the light or deep scan.
Note
The OMPM File Scanner does not scan documents that are password-protected or IRM-
protected. In addition, the OMPM File Scanner does not scan embedded objects within
documents, but does report that the document contains embedded objects.
44
Install and configure OMPM File Scanner
You have two options for distributing and running the OMPM File Scanner:
• Place all of the necessary OMPM File Scanner files on a central share and run the
OMPM File Scanner from that share, scanning local computer hard drives or servers. This
method allows you to change the OMPM File Scanner configuration files in the central
location without having to redistribute them to every computer on the network.
• Create a distribution package that contains all necessary OMPM File Scanner files and
distribute the package to every computer to be scanned.
Before running the OMPM File Scanner, you must first edit the offscan.ini file with the
appropriate parameters. For a list of file types that are scanned by the OMPM File Scanner, see
Introduction to OMPM.
The command to run the OMPM File Scanner is:
offscan.exe
The parameter for this command is as follows:
Parameter Description
Offscan.ini settings
The following table shows the settings and values in offscan.ini.
45
Setting Description Possible values If value is If value is not valid
missing
46
Setting Description Possible values If value is If value is not valid
missing
CABLogs= Disable creation of 0 – do not allow Will not Will not create
CAB files. creation of CAB create CAB CAB files.
Optional. files files.
1 – allow
creation of CAB
files.
Verbose= Specify whether to 0 - do not print Does not Does not print
print output to the output to the print output to output to the
screen. Optional. screen the screen. screen.
1- print output
to the screen
LogOutput= Specify whether to 0 - do not write Does not Does not write
write output to a output to a file write output output to a file.
file. Optional. 1 - write output to a file.
to a file
47
Setting Description Possible values If value is If value is not valid
missing
48
Setting Description Possible values If value is If value is not valid
missing
49
Setting Description Possible values If value is If value is not valid
missing
50
Setting Description Possible values If value is If value is not valid
missing
TempPath= Specify the folder Drive letter or Use the Use the folder
path where the UNC path. folder path path that is
OMPM File that is specified for the
Scanner copies specified for TEMP variable in
Access databases the TEMP the Microsoft
before scanning variable in Windows
them. Optional. the Microsoft operating system
Windows that is running on
operating your computer.
system that is
running on
your
computer.
Note
The following properties support environment variables: [FoldersToScan],
[FoldersToExclude], and [DestinationPath]. For example, you can specify %temp%,
which resolves as the location to store temporary files. If the environment variable cannot
be resolved due to a misspelling or other reason (for example, if you specified %temps%
51
instead of %temp%), the OMPM File Scanner treats the entry like a folder name and not
an environment variable.
See Also
• Introduction to OMPM
• Distribute OMPM File Scanner
• Analyze reports from OMPM
• Migrate Word, Excel, and PowerPoint files to the 2007 Office system
52
Distribute OMPM File Scanner
You can use Systems Management Software (SMS), another software distribution program, or
script to distribute the OMPM File Scanner.
If you have SMS or other software distribution software currently deployed in your environment,
use SMS to distribute and run the OMPM File Scanner. SMS encrypts the data that it transmits. Iif
you are using another software distribution package, refer to your product documentation for
information regarding whether it encrypts the data. If you are not using SMS, be aware that
scanning files across a network can lead to potential security issues, in the same way that
reading or editing any document across a network can create security issues.
Files to Distribute
Whether you are using SMS or another software distribution system or script, include the
following files that ship with OMPM in the distribution package for the computers that you want to
scan:
• OFFSCAN.EXE – OMPM File Scanner program
• ACCSCAN.DLL – Application library modules
• OFFSCAN.INI – Configuration file
• MSVBVM50.DLL – Visual Basic 5.0 runtime version
• SYSTEM.MDW – Access system database
Your distribution mechanism should copy these files to a folder on the computer to be scanned
(for example C:\OFFSCAN).
53
• Distribute the OMPM File Scanner by using a login script. To accomplish this, use
IExpress 2.0 to create a distribution package. For more information, see Use IExpress 2.0 to
create a distribution package for OMPM.
• Run the OMPM File Scanner from a central share by using a login script. The OMPM File
Scanner scans a set of files once per RunID. To scan the same set of files again, provide a
different RunID in the offscan.ini file.
54
Prepare a SQL database for OMPM
You can use SQL Server to create a database for use with OMPM. You can also use SQL Server
2005 Express Edition as your database server. SQL Server 2005 Express Edition is available as
a download from SQL Server 2005 Express Edition (http://go.microsoft.com/fwlink/?
LinkId=95582).
Parameter Description
ComputerName The name of the computer that is hosting the SQL Server.
SQLServerName The name of the SQL Server where the new database is
created. Required.
For example, if your computer name is COMPUTER1, the database server is SQLEXPRESS,
and your new database name will be OMPM001, type the following at the command prompt:
CreateDB.bat COMPUTER1\SQLEXPRESS OMPM001
Notes:
• You must have Database Operator permissions to run this script.
• To obtain help for this command, at a command prompt, type createdb.bat /?.
• Multiple databases can exist on the same server.
• DeleteDB.bat is an additional command-line utility included with OMPM that allows a
user to delete a database.
55
Import OMPM log files into the database
The import tool automates the process of importing the XML log file data or CAB files directly into
a database server. You can begin importing as soon as you have XML or CAB files generated by
the OMPM File Scanner. You do not have to wait until all the data is collected. However, we
recommend that you wait until all of the data from a specific computer is collected. You can run
the import tool multiple times to add new information to the database when the data is collected.
Note
You must install SQLXML 3.0 Service Pack 3 (SP3) on your computer before you import
XML into your database. You can download SQLXML 3.0 SP3 from SQLXML 3.0 Service
Pack 3 (SP3) (http://go.microsoft.com/fwlink?linkid=52919).
Use the following procedure to import log files that contain scan data obtained by the OMPM File
Scanner.
Use the following procedure to import log files that contain action data obtained by the OMPM
File Scanner, Office File Converter, or Version Extraction Tool.
Parameter Description
ComputerName The name of the computer that is hosting the SQL Server.
SQLServerName The name of the SQL Server where the new database is
created. Required.
PathToLogFiles The local (or UNC) path to the folder where the log files are
56
Parameter Description
For example, if your computer name is COMPUTER1, the database server is SQLEXPRESS, the
database name is OMPM001, and your log files are stored in c:\OMPM\SCANDATA, type the
following at the command prompt:
ImportScans.bat COMPUTER1\SQLEXPRESS OMPM001 c:\OMPM\SCANDATA
When the log files are successfully imported, the contents move to the imported subfolder in the
original <PathToLogFiles> folder.
Important
Do not run more than one import at the same time. Always allow one import to complete
before you start the next import. Running more than one import at the same time could
result in data corruption.
Notes:
• You must have Database Operator permissions to run these scripts.
• Because a subfolder is created, you must have read/write privileges to the storage
location.
• To obtain help for this command, type the following at a command prompt:
ImportScans.bat /? or ImportActions.bat /?.
Files that were previously stored in <PathToLogFiles> are moved to the sub-folder
OMPMImported. To run the import with the same set of files to a different database, copy the
files back to <PathToLogFiles>.
57
Delete and restore the OMPM database
1. At a command prompt, navigate to the OMPM\Database folder and type:
DeleteDB.bat <ComputerName>\<SQLServerName> <DatabaseName>
For example, if your computer name is COMPUTER1, the database server is
SQLEXPRESS, and the database name is OMPM001, type the following at the
command prompt:
DeleteDB.bat COMPUTER1\SQLEXPRESS OMPM001
2. At a command prompt, navigate to the OMPM\Database folder and type:
CreateDB.bat <ComputerName>\<SQLServerName> <DatabaseName>
For example, if your computer name is COMPUTER1, the database server is
SQLEXPRESS, and your new database name will be OMPM001, type the following at
the command prompt:
CreateDB.bat COMPUTER1\SQLEXPRESS OMPM001
3. Move all of the CAB files that are in the OMPM\SCANDATA\OMPMImported folder
up one level to the OMPM\SCANDATA folder, or to another folder if you prefer. Move all
of the folders that are in the OMPM\ACTIONLOGS\OMPMImported folder up one level
to the OMPM\ACTIONLOGS folder, or to another folder if you prefer.
4. At a command prompt, navigate to the OMPM\Database folder and type:
ImportScans.bat <ComputerName>\<SQLServerName> <DatabaseName>
<PathToLogFiles>
For example, if your computer name is COMPUTER1, the database server is
SQLEXPRESS, the database name is OMPM001, and your log files are stored in
c:\OMPM\SCANDATA, type the following at the command prompt:
ImportScans.bat COMPUTER1\SQLEXPRESS OMPM001 c:\OMPM\SCANDATA
5. At a command prompt, navigate to the OMPM\Database folder and type:
ImportActions.bat <ComputerName>\<SQLServerName> <DatabaseName>
<PathToLogFiles>
For example, if your computer name is COMPUTER1, the database server is
SQLEXPRESS, the database name is OMPM001, and your log files are stored in
c:\OMPM\ACTIONLOGS, type the following at the command prompt:
ImportActions.bat COMPUTER1\SQLEXPRESS OMPM001 c:\OMPM\ACTIONLOGS
58
Analyze reports from OMPM
You can use OMPM Reports to perform the following actions:
• Review OMPM File Scanner results to identify errors or to view coverage by computer.
• Manage issues.
• Create a list of files to convert and export the list to a file for use by the Office File
Converter (OFC) or the Version Extraction Tool (VET).
• Review data compatibility issues between Access version 1997 or earlier and Access
version 2000 or later.
Note
Only scanner coverage and errors are reported here. Use the Office 2007 Compatibility
report for upgrade issues identified by the scanner.
59
Review Office 2007 Compatibility
1. On the OMPM Welcome page, select Office 2007 Compatibility. This brings up the
Office 2007 Compatibility page.
2. You can load a filter that you previously saved by clicking the Load Filter… button at the
bottom of the page. Otherwise, specify your file filter settings in Select a File Filter, along the
left side of the page.
Note
Filters apply to which files are shown, not which issues or created files are shown.
For example, if you set Select Issues of Specified Type: to select all issues of level
Red, all files with red issues appear. However, if those files also have yellow and
green issues, reports of those issues also appear.
3. To invert the filter for a specific setting, check the box to the right of the setting. For
example, if you select a scanner run, you see all files discovered during that scanner run. If
you invert the filter for that setting, you see all files discovered during other runs, but not
during the selected run.
4. To apply the filter, click the Apply Filter button at the top of the 2007 Office release
Compatibility page. Use the tabs on the right side of the page to perform the following steps.
5. Select the Issue Summary tab to view a summary of the issues identified by the OMPM
File Scanner by severity, type, and frequency. You can bring up the summary in a new
window by clicking New Window at the bottom of the page.
6. To view issues and edit their severity level, click Manage Issues at the bottom of the
Issue Summary page, and review or edit issues on the resulting Manage Issues dialog. If
you review the impact of an issue and the issue is not important for your document set, you
can also change the issue level in this dialog. You can use this to organize your files into
processing groups of red, yellow, and green status.
7. Select the Computer Summary tab to view a summary of the issues for each computer
that was scanned. You can bring up the summary in a new window by clicking New Window
at the bottom of the page. To obtain a printable report, click Report View at the bottom of the
page.
8. Select the Scanned Files tab to view files that match the criteria set by the filter you
applied. You can bring up the summary for all files in a new window by clicking New Window
at the bottom of the page. To obtain a printable report, click Report View at the bottom of the
page.
9. Select the Created Files tab to view files that were created using the Office File
Converter or Version Extraction Tool. You can bring up the summary for all files in a new
window by clicking New Window at the bottom of the page. To obtain a printable report, click
Report View at the bottom of the page.
10. To save the filter, click the Save Filter… button at the bottom of the page.
11. Export the files to an XML file for use by the Office File Converter or Version Extraction
Tool by clicking the Export… button at the bottom of the page.
60
For more information about the filter criteria you can select, see OMPM Reports Filtering
Reference.
Note
Clicking Analyze prompts you with the message "Analysis can take quite a long time
and should not be canceled mid-run. Are you sure you want to continue?" If your
scan data covers fewer than 100,000 databases, the analysis usually takes only a
few minutes. If there are more than 100,000 databases, the analysis can take a long
time, and you might prefer to run the analysis overnight.
3. To search the Access scan data by field, select QuickSearch on the Access Reporting
page. This lists files that OMPM has analyzed. Use QuickSearch to find a specific database
file by name, or a list of databases in a specific path or on a specific computer.
4. To view or print interactive reports for Access data, select Reports on the Access
Reporting page. This brings up the View Reports tab. On the left navigation pane, you can
choose from the following reports:
• Database and Issue Details. Use this report to get the list of issues for each
database file.
• Database Issues Grouped by Issue. Use this report to find all the databases that
are identified as having a specific issue.
• Executive Summary. This report provides an overview of issues for all analyzed
databases, without the file-level details.
• Active versus Old Databases. This report lists analyzed databases and shows
whether they are active or inactive, based on their LastModified property.
• Conversion Issue–Database is an MDE file. This report lists .mde files and .mdb
files that have identical names.
• Conversion issue–Replicated database. This report lists databases that use
replication.
• Conversion issue–Reserved name in Form/Report/Macro. This report lists
databases that contain a reserved name in a form, report, or macro.
5. To view interactive charts that facilitate finding databases with certain attributes, select
Charts on the Access Reporting page. This brings up the Database Charts screen, where
you can choose from the following charts:
• Date Last Opened. Database count per year opened.
61
• Database Rating. Database count by level of user intervention required.
• Access Version. Database count by version of Access.
• File Size. Database count by file size.
• Conversion Issues. Database count by conversion issue.
• Warning Level. Database count by warning level.
6. To view databases and database objects on a per-file basis, data, select File Details on
the Access Reporting page.
7. To view database issues on a per-file basis, data, select Conversion Issues on the
Access Reporting page.
62
Migration considerations by application
In this chapter:
• Migration considerations for Access 2007
• Migration considerations for Excel 2007
• Migration considerations for Word 2007
See Also
• Preparing for migration to the 2007 Office system
• Assessing your environment with the Office Migration Planning Manager
• Migration reference
• Migrating to the 2007 Office system
63
Migration considerations for Access 2007
With Microsoft Office Access 2007, you can open and use databases created in Access 2000,
Access 2002, and Access 2003. Using the changes and improvements in Office Access 2007,
you can also convert databases created with previous versions of Access into the new Office
Access 2007 file format. Databases created with Access 97 or earlier must be enabled or
converted for use with Office Access 2007. This topic discusses database migration
considerations, including:
• Migration considerations for Access 2000, Access 2002, and Access 2003
• Migration considerations for Access 97 and earlier
• Office Access 2007 in mixed environments
• Office Access 2007 and SQL Server
• Tools to help with your conversion project
64
• Encrypt with database password
65
Migration considerations for Access 97 and earlier
When you upgrade from Access 97 and earlier, you must either enable or convert your database
files (in MDB format) to open in Office Access 2007. When you open an Access 97 format MDB
file for the first time, you can enable or convert the database.
Enabling a database
By enabling a database, you make it compatible with Office Access 2007. You can open objects
and edit data, but all object definitions are read-only. You can open enabled databases in Access
97 or Office Access 2007, but you can only make design changes in Access 97. You can make
data changes in either Access 97 or Office Access 2007. This option is useful in mixed
environments where a database must open in both Access 97 and Office Access 2007.
Converting a database
Access 97 or earlier format databases are converted into Access 2002-2003 format by default. If
a database is converted to Access 2002 or Access 2003, the database can only be opened by
Access 2002 or Access 2003. To convert an Access 97 or earlier database to Office Access 2007
ACCDB file format, you must first convert it to Access 2002, Access 2003, or Access 2000. You
can then convert the database to Office Access 2007.
New Feature in Office Access 2007 Behavior in Access 2000 and Access 2003
66
New Feature in Office Access 2007 Behavior in Access 2000 and Access 2003
Offline support for linked tables to Windows Only available in ACCDB file format.
SharePoint Services
Linked Tables to Windows SharePoint Services Not all data types are fully supported. Some
V3 columns may be read-only or might not appear.
Alternating row color (alternate back color All rows appear the same color as the first row.
property) The Alternate Back Color property is ignored.
Filtering and sorting improvements Previous filtering and sorting user interface.
Design in browse mode for forms and reports Only design via the property sheet.
67
New Feature in Office Access 2007 Behavior in Access 2000 and Access 2003
Access security and the Trust Center Prompts with security warnings and does not
have the ability to trust a file based on its
location.
New Sorting and Grouping task pane Sorting and grouping dialog box.
Office Center for Options Separate dialog boxes for Options, Startup, and
AutoCorrect.
Editable value lists Value Lists do not have a user interface for
editing and are not automatically inherited from
the table.
Edit list items command for combo boxes and Does not appear.
list boxes
68
not guaranteed to work with future versions of a type library. To fix these databases, you must
manually fix VBA references to point to the version of the Office applications installed on that
computer.
In general, when you are working with multiple versions of Office, the best practice is to test the
database on the oldest version of Office and the oldest version of Microsoft Windows that you
plan to support. Make sure all of the references are fixed. When the database is opened using a
newer version of Office or Windows, the references still work.
69
configurable, but you typically must build enough filtering into your application so that you do not
reach the limit.
Access uses OLEDB to communicate with SQL Server. To provide the Jet-like cursor behavior
desired for desktop applications, Access implements the Client Data Manager (CDM) as an
additional layer between Access and OLEDB.
Because of the layers required to get from Access to SQL Server in the ADP architecture, it is
often easier to optimize MDB/ACCDB file solutions. However, there are some scenarios where a
report might be generated significantly faster in an ADP file. To add these performance
improvements and retain the flexibility of SQL Server, you can build the majority of the application
in an MDB or ACCDB file and have the file load reports from a referenced ADP file.
One advantage that ADP files have over files in MDB or ACCDB format is the ability to make
design changes to SQL Server objects. ADP files include graphical designers for tables, views,
stored procedures, functions, and database diagrams.
Note
This tool does not convert your databases. It only helps you with scoping and identifying
known issues that have an impact on the conversion process.
70
Migration considerations for Excel 2007
Microsoft Office Excel 2007 provides users with many more robust, advanced features. Before a
migration to Office Excel 2007, users should learn more about these differences to determine how
the differences might affect the scope and pace of migration. The most significant functional
differences and corresponding behaviors are summarized below.
The Microsoft Office Migration Planning Manager (OMPM) helps with migration and migration
planning. OMPM contains file scanning and conversion tools to help organizations take inventory
of their documents, analyze the documents for readiness with the 2007 Microsoft Office system,
and provide notification regarding compatibility issues that may affect migration. For more
information about OMPM, see Assessing your environment with the Office Migration Planning
Manager.
Caution
Users should consider existing links between workbooks before your organization
converts existing workbooks to the Open XML Formats. Because earlier versions of
71
Office Excel cannot update links to workbooks that are saved in the Open XML Formats,
all linked workbooks should be simultaneously converted.
72
Compatibility Tools
Office Excel 2007 contains compatibility support for the most common features that were used in
previous versions of Office Excel. Some functions that were seldom used in previous versions of
Office Excel are deprecated or eliminated. Most of the features that users rely on regularly are
still available in Office Excel 2007. Office Excel 2007 also contains compatibility safeguards to
help prevent the loss of data when users move between different versions of Office Excel.
Compatibility Mode
Compatibility Mode is tied to the Office Excel 97-2003 file format, which disables new features in
Office Excel 2007 that are not compatible with earlier versions of Office Excel. For example, when
a workbook that is opened in Office Excel 2007 is running in Compatibility Mode, the larger grid
size is suppressed so that users cannot enter data, formulas, or references that are outside the
smaller grid boundary of earlier versions of Office Excel.
Users that open a workbook that is saved in the Office Excel 97-2003 file format (.xls) see that
the workbook automatically functions in Compatibility Mode. Similarly, when users work with a
new workbook that will be used in earlier versions of Office Excel, they can turn on Compatibility
Mode (by saving the file in the Office Excel 97-2003 file format, and then closing and re-opening
the file) to prevent the accidental use of functions and features that are incompatible with the
earlier versions of Office Excel. This option is critical for users who plan to share workbooks with
other users who have not yet migrated to Office Excel 2007.
When users work in Compatibility Mode, they are still able to work with the Office Fluent user
interface and to have access to most of the new features. Only features that are incompatible—
such as the larger grid size—are turned off for that workbook. Similarly, when a user saves a new
workbook to the Office Excel 97–2003 file format, that workbook is automatically placed into
Compatibility Mode the next time the workbook is opened. To exit Compatibility Mode, users
convert the workbook to one of the new file formats and then re-open the workbook. Users can
accomplish this action in one step by using the Convert command: users click the Microsoft
Office Button and click Convert.
Compatibility Checker
The Compatibility Checker functions automatically by default when users save a workbook to the
Office Excel 97-2003 file format. It scans for features and characteristics that are not supported
by earlier versions of Office Excel. Users also have the option to disable the Compatibility
Checker so that it does not run automatically when the workbook is saved to an earlier file format.
The Compatibility Checker identifies two types of compatibility issues: features that are retained
but that function differently in earlier versions of Office Excel, and functions that are disabled in
Compatibility Mode and that are not functional in earlier versions of Office Excel. These issues
display in a dialog box that enables the user to respond and take action before data or functions
are lost. The Compatibility Checker lists issues that are identified in the workbook, summarizes
the number of occurrences of each issue, identifies tools to help locate the issues, and provides
additional help for the types of issues that are identified.
73
Format changes
The Open XML Formats in Office Excel 2007 accurately mirror and represent the binary data
formats of earlier versions of Office Excel. This means that users can still read and modify most
workbooks that were created in earlier versions of Office Excel in Office Excel 2007.
The more robust Open XML Formats accommodate more file types. Some file types are no longer
in common use. Consequently, changes are made to the names and extensions as follows:
• Support is removed for some legacy file types.
• The names of Office Excel 97-2003 file formats are changed to help users avoid
confusion.
• The new Office Excel 2007 file types are assigned new names and new file name
extensions.
74
• WJ3, FJ3 (1-2-3 Japanese) (.wj3)
• DBF 2 (dBASE II)
• WQ1 (Quattro Pro/DOS)
• WK3, FM3 (1-2-3)
• Microsoft Excel Chart (.xlc)
• WK1, ALL(1-2-3)
• WJ1 (1-2-3 Japanese) (.wj1)
• WKS (Works Japanese) (.wks)
AutoFormat
Office Excel 2007 includes galleries and functions that are now called Table Style and PivotTable
Style. These are significant improvements over the AutoFormat feature that was available in
earlier versions of Office Excel. The AutoFormat feature is not included in the Office Fluent
Ribbon. It can be added to the Quick Access Toolbar, which is an icon-driven tool set that appears
above the Office Fluent Ribbon and that users can customize.
75
Charting
Charting is now part of a shared Microsoft Office drawing layer with the 2007 Office system. This
means that some of the charting features that are specific to earlier versions of Office Excel are
not available in Office Excel 2007. In most cases, these features are replaced with more robust
capabilities.
Although some charting features are removed or changed, Office Excel 2007 users still have the
ability to view charts the way they were created in earlier versions of Office Excel. Issues may
arise if users attempt to make changes to charting features that are no longer available in Office
Excel 2007. The specific charting features that are not available in Office Excel 2007 and ways to
work around these differences are listed below.
• Resize multiple charts. Users no longer change the chart type of multiple charts
simultaneously. Each chart is now changed individually.
• Press F11 to duplicate a populated chart sheet. Users no longer press F11 on a
populated chart sheet to create a chart sheet with the same data. This action produces a
blank chart sheet in Office Excel 2007.
• Direct rotation of 3-D charts. The mouse is used to directly manipulate the 3-D view of
the chart in earlier versions of Office Excel. This is accomplished by using the 3-D Rotation
dialog box in Office Excel 2007.
• Pattern fills. Pattern fills for shape objects are removed in favor of picture and texture
fills. Existing files appear the same when they are loaded. The ability to create new shapes
with the previous pattern fills is removed as part of the new drawing capabilities.
• Size with window. Earlier versions of Office Excel have a Size with Window command
that automatically resizes charts on chart sheets when the window size changes. This feature
is removed. The Zoom to Selection command is used to achieve similar results.
• Automatic text box creation when typing. A text box is no longer automatically created
when a user types on a selected chart. A user can still insert text boxes by using the Insert
Text Box command.
• Default paste behavior in Word and PowerPoint. The default choice for copying and
pasting a chart from Office Excel 2007 to either Office Word or the Office PowerPoint
presentation graphics program is changed to linked. This setting can change to picture or
entire workbook through the Paste Options menu, which immediately displays after the
user pastes the chart.
• Word table as a data source. Unlike in earlier versions of Office Word, a user does not
use a table as data for a new chart in Office Word 2007. The user sees sample data rather
than data in the selected Office Word table. The user copies and pastes the real data into the
new chart to replace the sample data.
• Printed chart size. The Printed Chart Size option is removed from the Chart tab in the
Page Setup dialog box. The behavior matches the Custom setting from Office Excel 2003 in
Office Excel 2007.
• Drag data onto a chart. Users add data to a chart by selecting the data and dragging it
onto the chart in earlier versions of Office Excel. This feature is no longer available in Office
76
Excel 2007. Office Excel 2007 still supports the other, more common methods of adding data
to a chart.
• Direct manipulation of data points on charts. The user can drag data points on a chart
in earlier versions of Office Excel, which changes the data source values on the worksheet.
This seldom-used feature is removed from Office Excel 2007.
Shapes
All programs in the 2007 Office system feature a new version of shapes, with new formatting
capabilities, an upgraded user interface, integration with new Microsoft Office 2007 styles and
themes, and compatibility with other features that do not exist in earlier versions of OfficeArt. With
the 2007 Office system, the name OfficeArt is changed to SmartArt.
Most of the shapes within that workbook automatically convert to the newer version of shapes
when an Excel 97-2003 workbook opens in Office Excel 2007. This enables users to take
advantage of features that are available in the SmartArt Shape galleries in Office Excel 2007.
There are a few exceptions to the automatic upgrade, and in these instances OfficeArt Shapes
remain whole and usable in their previous format. These features include: comments, forms
controls (including dialog sheet backgrounds), Microsoft ActiveX objects, shapes used internally
by Office Excel 2007 for various features (such as filter drop-down lists, auditing and circular
reference arrows, and data validation ovals), OLE objects, camera tool objects, ink annotations,
header pictures, organization charts, and legacy diagrams.
It is important to note that non-upgraded shapes that are drawn in earlier versions of Office Excel
cannot be grouped with shapes that are drawn in Office Excel 2007 or with shapes that are
upgraded. Similarly, users cannot select upgraded and non-upgraded charts at the same time. As
a result, object types are layered when users mix object types. The earlier versions of shapes are
drawn on top of all later versions of shapes. The new version of charts cannot be shown on top of
the previous version of dialog sheets.
Although the charts still exist, users cannot view charts that are layered underneath the dialog
sheets. Users must access the new shapes by using the Select Objects command. Users must
use the Select Multiple Objects command in the Customize window to select shapes from an
earlier version of Office Excel.
77
AutoFilter
Filtering is used to display a subset of the data or a portion of the workbook and to hide the rest of
the data or workbook from view. This feature is modified in Office Excel 2007 to enable easy
access to the most common filtering tasks: filtering by more than two conditions and filtering by
format.
AutoFilterMode property
In Office Excel 2003, users could create macros to check the AutoFilterMode property when the
selection was in a list (referred to as a table in Office Excel 2007) to determine if autofiltering was
turned on in that list. In Office Excel 2007, the AutoFilterMode property works with worksheet
autofilters and not with autofilters that are part of a table. This is due to properties of Office Excel
2007 that give each table its own AutoFilter object, which in turn enables multiple autofilters per
worksheet through the use of tables.
The AutoFilterMode property may not work correctly when users open an Office Excel 2003
workbook that contains macros that are used to check the AutoFilterMode property of a list
(table). This does not affect documents or macros that are created in versions of Office Excel
before Office Excel 2003.
To correct this issue, users enable the AutoFilter task from the List object, instead of at the macro
level.
Table name
When users create a table, they also create a defined name for the same range in Office Excel
2007. This name is used to reference the table in formulas that use the new structured
referencing feature.
78
Names used for PivotTables and tables in earlier versions of Office Excel may not meet the
requirements for range names in Office Excel 2007. Users must change the names of these
objects when the objects open in Office Excel 2007. This ensures that the objects are appropriate
for use in formulas and elsewhere.
The type of table names that are used for referencing are built on top of the existing Defined
Name feature in Office Excel. Consequently, the table names inherit the same restrictions that
defined names have, such as containing no spaces and having no support for certain characters.
The table name that was previously only available through the object model does not share these
same restrictions, so the two functions are separate.
PivotTables
Many changes are made to the formulas and architecture of PivotTable dynamic views in Office
Excel 2007. These changes enable users to do more with PivotTables, but the changes may also
cause some issues when users migrate from earlier versions of Office Excel.
79
To ensure that PivotTables remain whole and functional, the version property of PivotTables is
completely separate from the version property of Office Excel. PivotTables in Office Excel 2007
are version 12 (xlPivotTableVersion12). PivotTables that are created in earlier versions of Office
Excel have a different version number. For example, version 10 PivotTables
(xlPivotTableVersion10) are created in either Office Excel 2002 or Office Excel 2003.
When users work in Office Excel 2007, the version of the PivotTable is determined by whether the
user is working in Compatibility Mode. New PivotTables that are created in that workbook are
created in version 10 if the current workbook is in Compatibility Mode. New PivotTables are
created in version 12 when the current workbook is not in Compatibility Mode.
When the user saves a workbook from Compatibility Mode to one of the new file formats, the
PivotTables in that workbook are marked for upgrade. When each PivotTable is refreshed, it is
upgraded to version 12 and new functionality is enabled for that PivotTable.
It is important to note that version 12 PivotTables cannot be downgraded to version 10, even
when the workbook is saved by using a previous file format. This means that a version 12
PivotTable that is created in Office Excel 2007 cannot be modified or refreshed when it is opened
in an earlier version of Office Excel. However, the PivotTable maintains all functionality and can
be modified or refreshed when it is re-opened in Office Excel 2007.
If the user plans to share PivotTables with other users who are working in a previous version of
Office Excel and those users need to refresh the PivotTables, it is important to make sure that the
PivotTables are created as version 10 PivotTables. The simplest way to do this is by using
Compatibility Mode.
In addition to these versioning differences, other functional changes affect the behavior of
PivotTables. The following features are either removed or are significantly deprecated in Office
Excel 2007 due to a lack of interest from users. In some cases, these functions are replaced by
more robust PivotTable tools.
Calculated members
Calculated members that are defined in Microsoft Online Analytical Processing (OLAP) cubes do
not display by default in version 12 PivotTables. This does not apply to calculated measures
(calculated members in the Measures dimension). These always appear. Calculated members
appear by default in Office Excel 2003. However, this feature can be controlled in the object
model (PivotTable.ViewCalculatedMembers) in both Office Excel 2003 and Office Excel 2007.
This setting is also added to the Display tab in the PivotTable Options dialog box in Office Excel
2007 so that it is easy to make calculated members appear when they are needed.
80
OLAP Cube Wizard
The OLAP Cube Wizard enables the user to create OLAP cube files from relational data sources
and add hierarchical data organization to relational data in earlier versions of Office Excel. The
relational data can be viewed in PivotTables and the data can be stored in a separate file. The
OLAP Cube Wizard is removed from Office Excel 2007 because this feature was seldom used.
Users can still create PivotTables based on relational data by using the more common methods of
directly connecting to the relational data or by importing the data into an Office Excel workbook.
PivotTable Wizard
The PivotTable Wizard is no longer the primary user interface for creating PivotTables in Office
Excel 2007. Users can access a new, simpler one-step dialog box to create PivotTables for most
purposes. Users can add the PivotTable and PivotChart Wizard to the Quick Access Toolbar. The
following features are only available through the wizard:
• Server-defined page fields.
• Option to optimize memory.
• Ability to explicitly create a PivotTable based on another PivotTable.
• Multiple consolidation ranges.
Tracking customizations
Version 12 OLAP PivotTables track customizations of items, even when those items are
temporarily not visible in the PivotTable. This is true for formatting that is applied to items and to
customized item labels. This is an improvement over Office Excel 2003, where custom labels and
formatting were lost when the parent field collapsed. Office Excel 2007 stores and applies the
parent field information after the collapse-and-expand operations. Office Excel 2007 stores
customized labels when the field is removed from the PivotTable so that the customized labels
still appear when the field is added back to the PivotTable at a later time.
81
included in that reference further down the column or row. In addition, the results of functions that
reference full rows or columns can change when the functions are converted to Office Excel
2007. Examples include COUNTBLANK, ROWS, and COLUMN functions, which count the
number of cells, rows, or columns in the reference.
Conditional formatting
Office Excel 2007 users benefit from many improvements to conditional formatting, including new
and more robust visualization tools, the Office Fluent Ribbon user interface, and new conditional
formatting rules. An increase to the number of formatting parameters that can be used
simultaneously and some added PivotTable and table functionality also improve the conditional
82
formatting experience. When Office Excel 2007 workbooks are shared with other users who are
working with earlier versions of Office Excel, it is important that users know how conditional
formatting functions in the earlier versions.
Formatting is retained
In general, all of the conditional formatting that is created in an Office Excel 2007 workbook is
retained when the formatting is saved to the earlier file format. Because conditional formatting is
another property that is assigned to the cell, it is not affected when the user alters data, font,
borders, and so on. If the user does not alter the conditional formatting, the user can open and
save the file in earlier versions of Office Excel with no loss of the new conditional formatting.
Earlier versions of Office Excel cannot display the new data visualizations that are added, such
as data bars, icon sets, and color scales. This does not mean the visualizations are lost. The
visualizations remain available so that they can be viewed when the workbook is opened again in
Office Excel 2007. But when the workbook is opened in the earlier versions, some of the
visualizations are not visible and others may appear slightly different, because earlier versions of
Office Excel may substitute a compatible visual quality when the new feature is not available. For
example, more variations on the color blue are available in Office Excel 2007. When a file that
references an unavailable blue is opened in an earlier version of Office Excel, the user still sees
blue, but a different hue of blue.
Users can edit files that contain new conditional formatting with earlier versions of Office Excel.
Users can change cell values, sort ranges, add formatting, and perform a number of other tasks
without changing the conditional formatting. In general, if the user does not make changes
directly to the conditional formatting on a range, the formatting safely reappears as it was
designed when the workbook is opened again in Office Excel 2007.
83
• Stop if True. Office Excel 2007 has a new conditional formatting option to process
additional formatting rules, even when a previous condition is true. Earlier versions of Office
Excel do not recognize this option, and stop after the first true condition.
• Top 10 or Compare to Average. Office Excel 2007 can apply conditions to subsets of
values. Earlier versions of Office Excel do not have these conditional formatting options The
earlier versions calculate the condition across all values.
• Non-contiguous formatting. Office Excel 2007 supports additional conditional
formatting on ranges that are not adjacent to each other. This conditional formatting type is
not supported in earlier versions of Office Excel.
84
made to the workbook in versions of Office Excel that are earlier than Office Excel 2003, such as
inserting or deleting cells and columns, may cause the table—but not the data—to be lost when
the file is opened in Office Excel 2007.
85
Trusted Locations
Trusted Locations is a new feature that provides additional management capabilities for IT
administrators and enhanced security for users. Trusted Locations are defined folders from which
documents that contain active content (macros, ActiveX controls) run without being subjected to
further security review, such as the Message Bar. With the 2007 Office system, administrators
can better manage the types of active content that can run and the conditions under which the
active content is permitted to run. Group Policy can prohibit running macros from all other
locations.
It is important to note that these Trusted Locations must be properly managed. Only documents
that are known to be safe should be placed in Trusted Locations. Any document that is stored in
the folders is completely trusted and does not display security warnings before the document
performs potentially harmful actions, such as running macros or connecting to data.
Empty macros
Users could retain comments or declarations in Excel VBA—or macro—code in Office Excel
2003. Users can no longer save macro code that contains only comments and declaration
statements in Office Excel 2007. The user must add a subroutine or function to the Excel VBA
code to retain these features.
Programmability issues
All documents that are saved in Open XML Formats are considered to be macro-free files and
cannot contain code by default. This behavior ensures that malicious code that resides in a
default document can never run unexpectedly. While documents can still contain and use macros
in the 2007 Office system, users must save documents as a macro-enabled document type. This
safeguard does not affect a developer’s ability to build solutions, but it does enable organizations
to use documents with more confidence.
Macro-enabled files employ the same file format as macro-free files, but the files contain
additional parts that macro-free files do not. The additional parts depend on the type of
automation that exists in the document. A macro-enabled file that uses VBA contains a binary part
that stores the VBA project. Any Office Excel 2007 workbook that utilizes macros that are created
in previous versions of Office Excel or any Office PowerPoint presentation that contains action
buttons are also saved as macro-enabled files. If a code-specific part exists in a macro-free file,
whether it is placed there accidentally or maliciously, the programs in the 2007 Office system do
not allow the code to run—without exception.
Users can now determine if code exists within a Microsoft Office document before the document
opens. Previously, this could not be easily accomplished unless the file was opened in a Microsoft
86
Office program. Users can now inspect the package file for the existence of code-based parts and
relationships without running Microsoft Office programs and potentially risky code. If a file looks
suspicious, users can remove the parts of the file that are capable of running code. This ensures
that the code cannot cause harm.
87
Migration considerations for Word 2007
This topic discusses migration considerations for Microsoft Office Word 2007, including:
• Migrating files to the new file format
• Migrating AutoText entries
• Migrating customizations
• Migrating Add-ins
• Migrating AutoCorrect entries
• Migrating the data key
88
4. Open AutoText.dotx in Office Word 2007, and go to the Building Blocks
Organizer. To do this, click Insert, click Quick Parts, and click Building Blocks
Organizer….
5. In Building Blocks Organizer, you can move AutoText entries to the Quick Parts
gallery or a gallery you prefer. To do this, select an AutoText entry, click Edit
Properties…, select the appropriate gallery in the Gallery: dropdown box, and click OK.
Perform the following procedure to make AutoText entries available while you compose e-mails.
Migrating customizations
Customizations to previous versions of Word do not automatically migrate to Office Word 2007
during installation. These customizations include:
• Settings
• Styles
• Add-ins
• Macros
• Toolbars
• AutoText entries
• AutoCorrect entries
Many features relating to these customizations are significantly redesigned in Office Word 2007.
Settings from earlier versions of Word do not automatically migrate to Office Word 2007. Users
can take advantage of the new features more easily.
In previous versions of Word, customizations are stored in the Normal template (Normal.dot).
This template stores customizations such as custom toolbars, default font changes, style
customizations (including user-created styles), macros, AutoText, and AutoCorrect entries. The
installation process for Office Word 2007 renames Normal.dot to Normal11.dot. The default for
Office Word 2007 is the new Normal.dotm template. By default, Normal11.dot and
Normal.dotm are stored in C:\Documents and
Settings\<username>\AppData\Microsoft\Templates.
89
Use the following procedure to retrieve the customizations from a previous version of Word.
Note
Some customizations for previous versions of Word, such as some changes to the user
interface, might not apply to Office Word 2007 and will not have an effect in Office Word
2007.
Migrating Add-ins
If add-ins from a previous version of Word are no longer available after you upgrade to Office
Word 2007, see the Knowledge Base article Add-ins may not be available after you upgrade to
Word 2007 (http://go.microsoft.com/fwlink/?LinkId=80909).
See Also
• File format reference
• Planning for migration
• Migrating to the 2007 Office system
• Changes in the 2007 Office system
• Changes in Word 2007, Excel 2007, and PowerPoint 2007
90
• Changes in Word 2007
91
Planning for installing and upgrading
Outlook 2007 (Office Resource Kit)
In this chapter:
Outlook 2007 deployment overview
Determine when to install Outlook 2007
Install Outlook 2007 by using the Office Customization Tool
Plan an upgrade to Outlook 2007
How Outlook 2007 works with different Exchange Server versions
Plan a Cached Exchange Mode deployment in Outlook 2007
Plan Outlook 2007 Offline Address Book deployment
Considerations when installing Outlook 2007 in a Terminal Services Environment
92
Outlook 2007 deployment overview
A close review of your organization's messaging requirements will help you plan the optimal
Microsoft Office Outlook 2007 deployment. This topic provides an overview of issues to consider
when you deploy Office Outlook 2007. Most areas are covered in more detail in other Office
Resource Kit topics, which are listed in See Also.
Migrating data
If your organization uses a different mail client, you might need to migrate data from those clients
to Office Outlook 2007. Importers provided in Outlook (for example, for Eudora Light) might be
helpful. Importers cannot be configured to run automatically; you use them to migrate data
individually for each user.
93
enables users to have more reliable access to their Outlook data, whether they are connected to
a network or they are working offline.
Roaming users should have the same messaging environment on each computer to which they
roam. This includes the type and version of the operating system, Outlook version, and Outlook
installation location on the computer.
For multiple users sharing the same computer, use Microsoft Windows logon features on the
computer's operating system to manage user logon verification. Make sure that each user runs
the same version of Outlook so that conflicts do not arise among shared files. Conflicts can occur
when one version of Outlook attempts to write a file to a file folder location that is shared by other
versions of Outlook used on the same computer. To learn more about setting up multiple Outlook
users on the same computer, see the Outlook Help topic Using Outlook on a computer you share
with other people.
Multilingual requirements
The 2007 Microsoft Office system provides broad support for deploying in international or
multilingual environments. An 2007 Office system product consists of the language-neutral core
package plus one or more language-specific packages. In addition to the Proofing Tools included
in each language version, you can download and deploy Proofing Tools for other languages to
help multilingual groups work with and edit files in a variety of languages.
Office Outlook 2007 supports Unicode throughout the product to help multilingual organizations
seamlessly exchange messages and other information in a multilingual environment.
94
Each organization has a different environment and might make different choices about timing
Office Outlook 2007 upgrades. For example, you might have a messaging group that is
responsible for upgrading Outlook and a separate group that plans deployment for other Office
applications. In this case, it might be easier to upgrade Outlook separately from the rest of Office,
rather than attempting to coordinate deployment between the two groups.
Note
Office Outlook 2007 cannot coexist with previous versions of Outlook. If you need to use
previous versions, do not install Office Outlook 2007.
95
Collaboration Data Objects dependencies
Collaboration Data Objects (CDO) must be downloaded and then installed locally. You can
download CDO at Collaboration Data Objects version 1.2.1.
96
created using alphabet characters from different languages, not just English, with the intention of
deceiving users into thinking they are visiting a legitimate Web site.
Note
The Microsoft Office Outlook Connector for IBM Lotus Domino replaces the Microsoft
Outlook 2002 Connector. The current version of the Outlook Connector does not work
with Microsoft Office Outlook 2007 because of changes in the application programming
interfaces (APIs) in Outlook. Microsoft continually evaluates customer requests for the
Outlook Connector, but there is no planned release for an updated tool at this time.
97
Users can use Office Outlook 2007 without an e-mail server to use the Contacts, Tasks, and
Calendar features in a stand-alone configuration.
See Also
• Office Customization Tool in the 2007 Office system
• Install Outlook 2007 by using the Office Customization Tool
• Determine when to install Outlook 2007
• Plan an upgrade to Outlook 2007
• Configuring Really Simple Syndication (RSS) in Outlook 2007
• Plan for configuring security settings in Outlook 2007
• Plan for e-mail messaging cryptography
98
Determine when to install Outlook 2007
You can install Microsoft Office Outlook 2007 before, with, or after an installation of other
applications in the 2007 Microsoft Office system. You can also deploy Office Outlook 2007 to
different groups of users at different times. Each installation strategy has requirements,
advantages, and disadvantages.
Note
Installing Office Outlook 2007 without the 2007 Office system limits Office Outlook 2007
functionality in the following ways: 1) The Office Outlook 2007 e-mail editor has fewer
features, and 2) Internet Fax functionality is not available. For details about how
functionality is limited, see Impact of deploying Outlook 2007 without Word 2007.
Note
Office Outlook 2007 cannot coexist with previous versions of Outlook. If users or tools
require a previous version, do not install Office Outlook 2007.
To install Office Outlook 2007 before you install the 2007 Office system:
• Customize Office Setup to install only Office Outlook 2007 from a network installation
point.
• Later, create or update a Setup customization file with the Office Customization Tool
(OCT) that installs 2007 Office system from the same network installation point.
For details about installing 2007 Office system applications in stages, see Stage deployment of
applications in the 2007 Office system.
99
Advantages of installing Outlook before Office
If you deploy Office Outlook 2007 promptly, users can begin to use new features without waiting
for testing or technical support to become available for a complete upgrade.
100
Disadvantages of installing Outlook after Office
When you install Office without Office Outlook 2007, you must use the Office Customization Tool
to customize Setup. This ensures that previous versions of Outlook are not removed from users'
computers.
Regardless of when or how you install Office Outlook 2007 separately from the 2007 Office
system, you must perform extra steps to manage customizations to the installation process.
101
Install Outlook 2007 by using the Office
Customization Tool
The Office Customization Tool (OCT) helps you configure how Microsoft Office Outlook 2007 is
installed on users' computers. This tool enables you to include custom settings and Outlook
profile configurations in a Setup customization file that is applied when Office Outlook 2007 is
installed from a network installation point.
102
Customizing Outlook profiles
Using the OCT, you can create Outlook profiles and modify the settings in existing Outlook
profiles. For example, you can keep all existing Outlook user profiles and specify a default
configuration for new profiles.
Your options for configuring profiles include:
• Specifying Exchange server connections
• Defining account information, such as adding POP3 or LDAP accounts
• Saving the configuration in an Office Outlook 2007 profile file (PRF file)
For more information about how to customize Outlook profiles, see the Outlook profile section of
the Office Customization Tool reference.
See Also
• Office Customization Tool in the 2007 Office system
• Customize Outlook 2007 profiles with an Outlook Profile (PRF) file
103
Plan an upgrade to Outlook 2007
Microsoft Office Outlook 2007 is compatible with earlier versions of Outlook. Upgrading typically
involves no more than customizing settings and then deploying Outlook on users' computers.
Note
This topic is for Outlook administrators. If you are experiencing difficulty upgrading
Outlook on your computer, see Upgrade Your Installation in the Microsoft Office Outlook
2007Help and Support page on Office Online.
This topic discusses the following items:
Issues to consider when planning an upgrade, including planning for cryptographic and security
needs, Microsoft Exchange Server upgrades, and so on.
Upgrading from an earlier version of Outlook, including configuring Outlook user profiles,
upgrading with Cached Exchange Mode already configured, upgrading from an Outlook Internet-
only (IMO) installation, choosing fax support, and supporting forms.
Upgrading from other mail and scheduling programs, including a table listing migration paths
supported by Office Outlook 2007.
Note
You cannot import MS Mail files to Office Outlook 2007, and you cannot share information
between Office Outlook 2007 and Schedule+.
104
• Should you make changes to Outlook user profiles as part of your upgrade? For
example, you might define a new Exchange server or enable new features of Office Outlook
2007. For more information about customizing Outlook profiles, see Install Outlook 2007 by
using the Office Customization Tool and Apply an Outlook Profile (PRF) File to configure
Outlook 2007 profiles.
• Does your organization use fax features or Outlook forms from earlier version of Outlook?
For more information, see Upgrading from an earlier version of Outlook later in this topic.
• How should you create and store a backup of your existing installation? Before upgrading
to any new release, it is wise to back up your existing data. For more information about
backing up Outlook files, see Back up Outlook data with the Microsoft Outlook Personal
Folders Backup tool.
• How will your users learn about the new interface and features of 2007 Office system? To
help them get started, you might direct them to Office Online demos such as The new
Microsoft Office user interface demo which allows users to try the new interface interactively.
Another helpful resource for transitioning to the ribbon user interface is Interactive: Word
2003 to Word 2007 command reference guide. (Guides are also available for Microsoft Office
Excel 2007 and Microsoft Office PowerPoint 2007.)
• Will any discontinued features or changed functionality affect when and how you
upgrade? For a list of changes from earlier versions of Microsoft Outlook, see Discontinued
features and modified functionality in Outlook 2007. A more technical discussion of changed
functionality is included in Changes in Outlook 2007.
Note
Office Outlook 2007 cannot coexist with previous versions of Outlook on the same
computer. If you determine that users need a previous version, do not install Office
Outlook 2007.
When you upgrade users from an earlier version of Outlook, you must make choices about
configuring user profiles, consider Cached Exchange Mode issues, and be aware of fax and
forms changes.
105
When you create a customization file for Outlook, you have several choices for retaining,
creating, or modifying user profiles. For example, you can create new default profiles for new
Outlook users and keep existing profiles for current Outlook users.
You can modify Outlook user profiles during an upgrade to configure a number of user options
and other features for your users, including defining default categories and default calendar
subscriptions and Really Simple Syndication (RSS) feeds. You can modify the default profile on
the user’s computer or define changes to profiles with a name you specify.
For more information about configuring Outlook profiles, see Install Outlook 2007 by using the
Office Customization Tool.
106
To manually import Windows Address Book data
1. On the File menu in Office Outlook 2007, click Import and Export.
2. Click Import Internet Mail and Addresses, and then click Next.
3. Click Outlook Express 4.x, 5.x, 6.x, and then click Next.
4. Choose how you want to handle entries that would duplicate any current Outlook
contacts, and then click Finish.
107
WinFax — an earlier faxing program that was integrated with Outlook — is uninstalled by Office
Outlook 2007. If the viewer is currently on a user's computer, it is uninstalled as part of the
upgrade process.
Note
You cannot import MS Mail files to Office Outlook 2007, and you cannot share information
between Office Outlook 2007 and Schedule+.
See Also
• Determine when to install Outlook 2007
108
How Outlook 2007 works with different
Exchange Server versions
Microsoft Office Outlook 2007 works well with a variety of e-mail servers, and you can take
advantage of an even richer feature set by using Outlook with the latest version of Microsoft
Exchange Server. Features of Office Outlook 2007 that work better with Microsoft Exchange 2007
include scheduling meetings, Offline Address Book (OAB) downloads, automatic configuration of
Exchange server accounts, and enhanced Out of Office functionality. In addition, some features of
Office Outlook 2007 require or work better with Microsoft Exchange Server 2003 or later.
Note
Using Office Outlook 2007 with Microsoft Exchange Server 5.5 is not supported.
Instant Search X
Exchange Server on which the user's mailbox resides is automatically X X (see note
found. below)
Scheduling Assistant helps users choose the most convenient times for X
meetings, including easy checking for conference room availability.
109
Office Outlook 2007 feature Exchange Exchange
2007 Server 2003
110
Note
For Exchange Server 2003 and earlier versions of Exchange, the server can be found
automatically only if the client machine is joined to a domain and the Exchange server
topology is installed within the same Active Directory organization as the user object.
111
packed, so more compressed data is included in each buffer. With these features, more data can
be transferred with fewer server calls. This is especially beneficial when users are synchronizing
across networks that charge by the byte of data that is transmitted. When large information sets
are downloaded—for example, when users update their mailboxes after they have been on
vacation—cost can be significantly lowered and the transaction can be shortened with these
improvements.
Another feature that users will notice is better status information about Cached Exchange Mode
synchronization. With Exchange Server 2003 or later, the Outlook status bar shows detailed
information about synchronization, such as:
• How many bytes have not been downloaded for the current folder
• How many items have not been downloaded in the current folder
• Approximately how long it will be until the current folder is synchronized
• Folder status, such as Up to Date and Last updated at date and time.
When it is used with Exchange Server 2003 or later, the Headers Only mode in Outlook provides
a 256-byte plain text preview that includes part of the message body, rather than showing just the
message header information. This message preview can help remote users to make better
decisions about whether to download a whole message—which, for example, might include a
large attachment.
Using Outlook with Exchange Server 2003 or later also helps to provide a better experience for
users in filtering junk e-mail messages. The Junk E-mail Filter in Outlook provides some support
for Outlook users with Cached Exchange Mode on versions of Exchange Server earlier than
Exchange Server 2003. The experience is much improved with Exchange Server 2003 or later. To
learn more about how Outlook junk e-mail filtering is supported with different versions of
Exchange Server, see Configure junk e-mail settings in Outlook 2007.
Several features that are new in Office Outlook 2007 also work better with Exchange 2007.
Instant Search works better with Exchange 2007 when you use Outlook in Online mode with a
mailbox server, because Outlook can use the index on Exchange Server 2007 for searching. To
enable Instant Search when you use Outlook with earlier versions of Exchange, you must
configure Outlook to index user mailboxes for each Exchange client. This extra step is required
because indexing in Outlook on the user's computer cannot be fully optimized, unlike the server
indexing service that is implemented for Exchange Server 2007.
If users are configured to use Cached Exchange Mode, Office Outlook 2007 indexes the search
locally, regardless of the Exchange server version. In addition, Office Outlook 2007 automatically
detects the user's Exchange server with Exchange Server 2007. Automatic detection is also
enabled under the following circumstances for earlier versions of Exchange: when the user's
computer is joined to a domain and when Exchange is in the same domain as the user account.
Note
You can configure Microsoft Exchange Server settings for Outlook profiles as part of your
Office Outlook 2007 deployment. For more information about using the Office
Customization Tool to customize Outlook profiles, see Specify Exchange settings in
Office Customization Tool in the 2007 Office system.
112
Additional resources
Additional information regarding how Outlook and Exchange versions work together is listed
below.
• Office Outlook 2007 includes the ability to automatically configure user accounts. To learn
how the discovery mechanisms work and how to modify an XML file to configure
AutoDiscover for your organization, download the Outlook Automatic Account Configuration
whitepaper.
• For a description of how Office Outlook 2007 and Exchange 2007 features work together
to provide a better experience for users, see Better together: do more with Microsoft Office
Outlook 2007 and Exchange Server 2007.
• For a chart comparing features in Exchange Server 2007, Exchange Server 2003, and
Exchange Server 2000, see Exchange Server Version Comparison.
• To learn more about Offline Address Book (OAB) Version 4, see OAB Version 4 in
Exchange Server 2003 Service Pack 2.
113
Plan a Cached Exchange Mode deployment
in Outlook 2007
When Microsoft Office Outlook 2007 is configured for Cached Exchange Mode, the user can
enjoy a better online and offline experience because a copy of the user's mailbox is stored on the
local computer.
When an Office Outlook 2007 account is configured to use Cached Exchange Mode, Office
Outlook 2007 works from a local copy of a user's Exchange mailbox stored in an Offline Folder
file (OST file) on the user's computer, along with the Offline Address Book (OAB). The cached
mailbox and OAB are updated periodically from the Exchange server.
Consider the following when you plan an Office Outlook 2007 deployment:
• Benefits of configuring Cached Exchange Mode
• Features your organization uses that might impact the effectiveness of using Cached
Exchange Mode
• Synchronization, disk space, and performance issues
• Management of Cached Exchange Mode in slow connection scenarios
• Staging an initial Cached Exchange Mode deployment
• Upgrading current Cached Exchange Mode users to Office Outlook 2007
• Deploying Cached Exchange Mode to users who already have OST files
• Using Group Policy to enforce Cached Exchange Mode settings
• Additional resources
114
Note
Outlook checks the network adapter speed on the user's computer to determine a user's
connection speed, as supplied by the operating system. Reported network adapter
speeds of 128 KB or lower are defined as slow connections. There might be
circumstances when the network adapter speed does not accurately reflect data
throughput for users. For more information about adjusting the behavior of Outlook in
these scenarios, see the section Managing Outlook behavior for perceived slow
connections later in this topic.
Outlook can adapt to changing connection environments by offering different levels of
optimization, such as disconnecting from a corporate local area network (LAN), going offline, and
then reestablishing a connection to the server via a slower dial-up connection. As your Exchange
server connection type changes—for example, to LAN, wireless, cellular, or offline—transitions
are seamless and never require changing settings or restarting Outlook.
For example, users might have a laptop computer at work with a network cable connection to a
corporate LAN. In this scenario, users have access to headers and full items, including
attachments. Users also have quick access and updates to the computer running Exchange
Server. If users disconnect their laptops from the LAN, Outlook switches to Trying to connect
mode. Users can continue to work uninterrupted with their data in Outlook. If they have wireless
access, Outlook can reestablish a connection to the server and then switch back to Connected
mode.
If the users later connect to the Exchange server by using dial-up access, Outlook recognizes
that the connection is slow and automatically optimizes for that connection by downloading only
headers and by not updating the Offline Address Book. In addition, Office Outlook 2007 includes
optimizations to reduce the amount of data sent over the connection. Users do not need to
change settings or restart Outlook during this scenario.
In addition to the Outlook 2003 Trying to connect and Connected modes, a new mode, Need
Password, is introduced in Office Outlook 2007. The mode displays when Outlook is in a
disconnected state but is not offline. This can happen, for example, when a user clicks Cancel in
a credentials authentication dialog box. When Outlook is disconnected but is not offline, a user-
initiated action (such as clicking Send/Receive) causes Outlook to prompt again for the password
and to display Connected mode, even though Outlook is disconnected and is waiting for a
password.
115
connections to Exchange data. The delays can occur unpredictably, rather than only when the
feature is accessed by the user.
In addition, the following features might rely on network access and can cause delays in Outlook
unless users have fast connections to Exchange data:
• Delegate access, when folders are not cached locally (local cache is the default)
• Opening another user's calendar or folder that are not cached locally (local cache is the
default)
• Using a public folder that is not cached
See Managing Outlook folder sharing in Synchronization, disk space, and performance
considerations later in this topic.
In Office Outlook 2007, shared folders that users access in other mailboxes are downloaded and
cached in the user's local OST file when Cached Exchange Mode is enabled. Only shared Mail
folders are not cached. For example, if a co-worker shares a calendar with a user and the user
opens it, Office Outlook 2007 starts caching the folder locally so that the user has offline access
to the folder and is insulated from network issues. However, if a manager delegates access to his
or her Inbox to a team member, accessing the folder is an online task and can cause response
delays.
We recommend that you disable or do not implement the following features, or combination of
features, if you deploy Cached Exchange Mode:
• Instant Messaging integration If users right-click the Person Names Smart Tag in an
e-mail message header, Outlook checks for free/busy status for that person. You can use
Group Policy to disable Instant Messaging integration. For more information, see Configuring
Instant Messaging integration options in Outlook 2007.
• The toast alert feature with digital signatures on e-mail messages Outlook must
check a network server to verify a digital signature. By default, Outlook displays a toast
message that contains a portion of an e-mail message when new messages arrive in a user's
Inbox. If the user clicks the toast message to open a signed e-mail message, Outlook uses
network access to check for a valid signature on the message.
• Multiple Address Book containers The Address Book typically contains the Global
Address List (GAL) and user Contacts folders. Some organizations configure subsets of the
GAL, which display in the Address Book. These subset address books can also be included
in the list that defines the search order for address books. If subset address books are
included in the search order list, Outlook might need to access the network to check these
address books each time a name is resolved in an e-mail message that a user is composing.
• Custom properties on the General tab in Properties dialog box for users The
Properties dialog box appears when you double-click a user name (for example, on the To
line of an e-mail message). This dialog box can be configured to include custom properties
unique to an organization, such as a user's cost center. If you add properties to this dialog
box, however, we recommend that you not add them to the General tab. Outlook must make
a remote procedure call (RPC) to the server to retrieve custom properties. Because the
General tab shows by default when the Properties dialog box is accessed, an RPC would be
performed each time the user accessed the Properties dialog box. As a result, a user
running Outlook in Cached Exchange Mode might experience noticeable delays when he or
116
she accesses this dialog box. To help avoid such delays, you should create a new tab on the
Properties dialog box for custom properties, or include custom properties on the
Phone/Notes tab.
Installing certain Outlook add-ins can affect Cached Exchange Mode. Some add-ins can access
Outlook data by using the object model to bypass the expected functionality of Headers Mode
(Download Headers Only) in Cached Exchange Mode. For example, full Outlook items—not just
headers—download if you use Microsoft ActiveSync technology to synchronize a hand-held
computer, even over a slow connection. In addition, the update process is slower than if you
download the items in Outlook, because one-off applications use a less-efficient type of
synchronization.
117
After users have a current OAB installed on their computers, only incremental updates to the
OAB are needed to help protect against unnecessary server calls. Outlook in Cached Exchange
Mode synchronizes the user's OAB with updates from the Exchange Server copy of the OAB
every 24 hours. You can help control how often users download OAB updates by limiting how
often you update the Exchange Server copy of the OAB. If there is no new data to synchronize
when Outlook checks, the user's OAB is not updated.
Note
Although users with a No Details OAB can use Outlook with Cached Exchange Mode, we
recommend that you install a Full Details OAB on users' computers. We also recommend
that users use the Unicode OAB. The ANSI OAB files do not include some properties that
are in the Unicode OAB files. Outlook must make server calls to retrieve required user
properties that are not available in the local OAB, which can result in significant network
access time when users do not have a Full Details OAB in Unicode format.
118
might find that Cached Exchange Mode provides better performance, while users who formerly
accessed Exchange in online mode might perceive reduced Outlook performance.
One factor that can contribute to reduced performance is a large OST file. If the user's OST file
grows too large (for example, larger than 1 GB), Outlook with Cached Exchange Mode
performance degrades. To improve response time in Outlook, users should either reduce the size
of their mailbox (for example, by archiving older files) or disable Cached Exchange Mode. To help
prevent large OST files, you can set a limit on the mailbox size in Exchange Server. You might
also choose to disable synchronizing shared non-mail folders or disable synchronizing users'
Public Folder Favorites if you previously enabled the option in your deployment of Cached
Exchange Mode.
119
When a slow connection to a user's Exchange server is detected, Outlook helps users have a
better experience by reducing the amount of less-critical information that is synchronized with the
Exchange server. Outlook makes the following changes to synchronization behavior for slow
connections:
• Switches to downloading headers only
• Does not download the Offline Address Book or OAB updates
• Downloads the body of an item and associated attachments only when requested by the
user
Outlook continues to synchronize with personal digital assistants (PDAs), and some client-side
rules may run.
Note
Synchronizing PDAs while using Cached Exchange Header Only Mode is not
recommended. When you synchronize a hand-held computer—for example, by using
ActiveSync—full items are downloaded in Outlook, and the synchronization process is
less efficient than with regular Outlook synchronization to users' computers.
The Headers Only mode of synchronization is designed for Outlook users with dial-up
connections or cellular wireless connections to minimize network traffic when there is a slow or
expensive connection.
There might be circumstances when the network adapter speed does not accurately reflect data
throughput for users. For example, if a user's computer is on a local area network for fast access
to local file servers, the network adapter speed is reported as fast because the user is connected
to a local area network (LAN). However, the user's access to other locations on an organization's
network—including the Exchange server—might use a slow link, such as an ISDN connection.
For a scenario like this, where users' actual data throughput is slow although their network
adapters report a fast connection, you might want to configure an option to change or lock down
the behavior of Outlook—for example, by disabling automatic switching to downloading only
headers and configuring Outlook to download only headers. Similarly, there might be connections
that Outlook has determined are slow in which users actually have high data throughput. In this
scenario, you might also disable automatic switching to downloading only headers.
The setting you configure to change the behavior of Outlook for reported connection speed is the
On slow connections, download only headers check box. You can configure this option in the
OCT, or lock down the option by using Group Policy. For more information about customizing this
setting, see Configure Cached Exchange Mode Group Policy settings in Outlook 2007.
120
Caution
If most users are updated to use Cached Exchange Mode at once and then start Outlook
at the same time (for example, on a Monday morning after a weekend upgrade), the
Exchange servers will have significant performance issues.These performance issues
can sometimes be mitigated; for example, if most of the users in your organization have
current OST files. But in general, staging deployment of Cached Exchange Mode over a
period of time is recommended.
The following scenarios include examples of how you could deploy Cached Exchange Mode to
avoid a large initial performance impact on the Exchange servers and—in some cases—minimize
the time users spend waiting for the initial synchronization:
• Retain Outlook OST files while deploying Cached Exchange Mode. Since existing
OST files are merely updated with the latest mailbox information when Outlook with Cached
Exchange Mode starts for the first time, retaining these files when you deploy Cached
Exchange Mode can help reduce the load on your organization's Exchange servers. Users
who already have OST files will have less Outlook information to synchronize with the server.
This scenario works best when most users already have OST files that have recently been
synchronized with Exchange Server. To retain OST files while you deploy Outlook with
Cached Exchange Mode, do not specify a new Exchange server when you customize
Outlook profile information in the OCT. Alternatively, when you customize Outlook profiles,
clear the Overwrite existing Exchange settings if an Exchange connection exists (only
applies when modifying the profile) check box.(If you specify an Exchange server when
you configure and deploy Outlook with this option enabled, Outlook replaces the Exchange
service provider in the MAPI profile, which removes the profile's entry for existing OST files.)
• Provide seed OST files to remote users, and then deploy Cached Exchange Mode
after users have installed the OST files you provide. If most users in your organization
do not currently have OST files or are not using Cached Exchange Mode, you can deploy
Office Outlook 2007 with Cached Exchange Mode disabled. Then, before the date on which
you plan to deploy Cached Exchange Mode, you provide initial or "seed" OST files to each
user with a snapshot of the user's mailbox; for example, by providing or mailing to the user a
CD that contains the file with installation instructions. You might also want to provide a recent
version of your organization's Office Address Book (OAB) with Full Details. You configure and
deploy Cached Exchange Mode when users confirm that they have installed the files.
Note
For more information about creating initial OST files, see Providing an initial OST file for
an Outlook Cached Exchange Mode deployment. The article describes creating initial
OST files for Microsoft Office Outlook 2003; the process works similarly for Office Outlook
2007.
When you update your Outlook deployment to use Cached Exchange Mode later, the Exchange
server updates users' existing OST files and there is much less data to synchronize than there
would be if a new OST and OAB were created for each user. Creating individual CDs for each
user's OST file can be time consuming, so this procedure might be most useful for select groups
of remote users who would otherwise spend a lot of time waiting for the initial mailbox and OAB
synchronization, perhaps at a high cost, depending on their remote connection scenario.
121
• Deploy Outlook with Cached Exchange Mode to groups of users at a time. You can
balance the workload on your Exchange servers and the local area network by upgrading
groups of users to Cached Exchange Mode over a period of time. The network traffic and
server-intensive work of populating OST files with users' mailbox items and downloading the
OAB are mitigated by rolling out the new feature in stages. The way that you create and
deploy to groups of users depends on your organization's usual deployment methods. For
example, you might create groups of users in Microsoft Systems Management Server (SMS),
to which you would deploy an SMS package that updates Outlook to use Cached Exchange
Mode. You would deploy SMS to each group over a period of time. To balance the load as
much as possible, choose groups of users whose accounts are spread across groups of
Exchange servers.
122
Deploying Cached Exchange Mode to users who already have
OST files
Some Microsoft Outlook users who connect to Microsoft Exchange in online mode might have
OST files. There are several issues to consider when you configure Cached Exchange Mode for
these users:
• Users with large Exchange mailboxes If users with existing OST files have large
Exchange mailboxes, they might experience errors when Outlook attempts to synchronize
their mailboxes to their OST files. To help prevent this, you can first configure a Group Policy
setting that requires new Outlook files to be Unicode-formatted, since Outlook Unicode files
do not have the 2-GB size limit that Outlook ANSI files do.
Then, when Outlook is deployed with Cached Exchange Mode, Outlook creates a new
Unicode OST file for users that currently have ANSI OST files. Users' existing OST and OAB
files are not removed.
• Users without a Full Details Offline Address Book (OAB) For users who have not
downloaded a Full Details Offline Address Book (OAB), a Full Details OAB is downloaded
when Cached Exchange Mode synchronizes for the first time. Existing OAB files, including
files for a No Details OAB, are not removed. Depending on several factors—including the
version of Exchange Server you are using, your Exchange server Unicode settings, and the
Outlook client Unicode settings—the new OAB files might be Unicode.
If Unicode OAB files are created and users have ANSI OAB files (with Full Details or No
Details), the ANSI OAB files are not removed.
If the Exchange Server version and settings support Unicode, you can require that new Outlook
files are Unicode. For more information about configuring the default format for new Outlook files
to be Unicode, see "To specify Unicode for new Outlook files" in Configure Cached Exchange
Mode Group Policy settings in Outlook 2007.
Additional resources
Refer to the resources listed below for additional information relevant to planning a Cached
Exchange Mode deployment.
123
• When you use Microsoft Office Outlook 2003 or 2nd_Outlook12 with Microsoft Exchange
Server-based systems, you can use Cached Exchange Mode and other features to enhance
the user experience regarding issues such as high latency, loss of network connectivity, and
limited network bandwidth. Download the Client Network Traffic with Exchange 2003 white
paper to learn about these new enhancements.
• You can make changes to your configuration that improve the user experience in areas
such as high latency, loss of connectivity, and limited bandwidth. For more information,
download the Enabling a Superior Client Experience with Outlook 2003 whitepaper.
• Office Outlook 2007 includes the ability to automatically configure user accounts.
Download the Outlook Automatic Account Configuration whitepaper to learn how the
discovery mechanisms work and how to modify an XML file to configure AutoDiscover for
your organization.
124
Plan Outlook 2007 Offline Address Book
deployment
When you use Microsoft Outlook with Microsoft Exchange Server, Outlook uses the Offline
Address Book (OAB) to provide offline access to directory information from the global address list
(GAL) when users work offline or are configured to use Cached Exchange Mode. When a user
starts Outlook in Cached Exchange Mode for the first time, the user's Exchange mailbox is
synchronized to a local offline folder (OST) file, and the offline address list from the Exchange
server typically is synchronized to a collection of OAB files on the user's computer.
When you plan to configure users to use Cached Exchange Mode, you can take steps to help
avoid network delays when users start Outlook and Outlook begins caching information locally on
their computers. More information about staging a Cached Exchange Mode deployment is
included in Plan a Cached Exchange Mode deployment in Outlook 2007.
Detailed information about deploying and managing the OAB with Microsoft Exchange 2003 is
included in the Offline Address Book Best Practices Guide on TechNet's Exchange TechCenter.
The guide focuses on Microsoft Office Outlook 2003 and Microsoft Exchange Server 2003. Much
of the information is also helpful for understanding and working with the OAB when you deploy
Microsoft Office Outlook 2007.
The following chapters are particularly important for understanding how Outlook and Exchange
versions and service packs work together to provide the best experience with the OAB, and for
following best practices when you deploy the OAB. There is also a resources section with links to
helpful additional information.
• Deployment Scenarios for Outlook 2003. This topic discusses a variety of offline
address book best practices to use when you deploy Outlook 2003. This topic also discusses
offline address book best practices to use when you upgrade from Microsoft Exchange
Server 5.5, perform site consolidations and mergers, and stage Offline Address Book
deployments.
• Improvements for Offline Address Books. This topic describes recent improvements
that have been made to offline address books. Both Exchange Server 2003 and Outlook
2003 introduced Offline Address Book v3(a), which included improvements to the offline
address book. Service Pack 1 (SP1) for Exchange Server 2003 and Service Pack 1 (SP1) for
Outlook 2003 included additional enhancements to the offline address book. Exchange
Server 2003 SP2 and Outlook 2003 SP2 introduce Offline Address Book version 4 (OAB v4).
OAB v4 includes significant performance improvements and other improvements over
previous versions of the Offline Address Book.
• Offline Address Book Best Practices Guide Resources. This section includes links to
Knowledge Base articles and other technical articles, WebCasts, and related Web sites that
might help you understand how to work with the OAB.
See Also
• Administering the offline address book in Outlook 2003 and Outlook 2007
125
Considerations when installing Outlook 2007
in a Terminal Services environment
In this article:
• Outlook features that are disabled with Terminal Services
• Enabling remote sound
• Unlocking registry settings
By using Microsoft Windows Terminal Services, you can use Microsoft Office Outlook 2007
without upgrading every computer in your organization. Users can work in the latest 2007
Microsoft Office system environment even when their computers have limited hard disk space,
memory, or processing speed.
Windows Terminal Services allows you to run Microsoft Windows–based programs on a server
and display the programs remotely on client computers. For example, you can install a single
copy of Office Outlook 2007 on a Windows Terminal Services computer. Instead of running
Outlook locally, multiple users can connect to the server and run Outlook from the Windows
Terminal Services computer.
Note
Learn more about installing applications in the 2007 Office system in Deploy the 2007
Office system in a Windows Terminal Services environment.
There are some limitations when you use Terminal Services with Outlook. For example, you
cannot use Outlook with Cached Exchange Mode when you run Outlook on Windows Terminal
Services.
126
You cannot change the status; however, if the Exchange Client Extension is already on, the
extension should work correctly.
• Adding stationery that was not included with Outlook as part of the Terminal Services
installation.
• Outlook animations are disabled.
Examples of Outlook animations include Send/Receive animation and the Search Folder
creation icon.
Configure the settings for remote computer sound on the RDC client
1. Click Start, point to All Programs, point to Accessories, point to Communications,
and then click Remote Desktop Client.
2. In the Remote Desktop Connection dialog box, click Options.
3. Click the Local Resources tab.
4. In the Remote Computer Sound section, click Bring to this Computer in the drop-
down list.
5. Click Connect to use the new settings.
6. Click Start, point to Control Panel, click Sound, and then click the Sounds tab.
7. In the Program section, locate Windows\Default Beep and assign a *.WAV file; you
can reassign the Windows Notify.wav file from the New Mail Notification to the
Windows\Default Beep.
8. Click OK.
127
Planning for security and protection in
Outlook 2007 (Office Resource Kit)
In this chapter:
Use Outlook 2007 to help protect messages
Plan for e-mail messaging cryptography
How users manage cryptographic digital IDs in Outlook 2007
Plan for configuring security settings in Outlook 2007
How administrator and user security settings interact in Outlook 2007
Plan for Outlook 2007 security in special environments
Plan for limiting junk e-mail in Outlook 2007
128
Use Outlook 2007 to help protect messages
You have two main options for helping to protect messages in Microsoft Office Outlook 2007 from
unauthorized use, tampering, or change: 1) cryptographic messaging using the S/MIME standard,
and 2) Information Rights Management (IRM). While both of these options can help protect
messages your users send and receive, they work differently and are each best suited for
different scenarios.
S/MIME is a standard for sending digitally signed and encrypted e-mail messages. Using S/MIME
in Outlook is the preferred way to:
• Sign a message to prove the identity of the sender. S/MIME is the only option the 2007
Microsoft Office system supports for digital signatures. It is not possible to tamper with an
IRM message, and in this way it is similar to a signed message. But IRM protection is more
limited because there are no authorities that attest to the identities of the senders, and the
Outlook user interface does not show information about the identity of the sender.
• Help ensure that Internet e-mail messages are not vulnerable to attackers that use
software to monitor and intercept e-mail traffic over the Internet. The focus is on the Internet,
as that is where point-to-point encryption is most valuable and where interoperability
standards are most important.
The biggest value in using S/MIME is when users send and receive e-mail messages outside
corporate boundaries, where they are not protected by the corporate firewall.
Another feature that can help to protect messages in Outlook is IRM. IRM gives organizations
and information workers greater control over sensitive information. IRM is the preferred way to
help to:
• Protect e-mail conversations containing sensitive information by restricting the ability to
forward or copy the messages in an e-mail thread. The reasons to use IRM have little to do
with whether an unauthorized person outside the organization—for example, a hacker on the
Internet—will intercept the communication. Instead, IRM is used most efficiently when the
sender is concerned that the intended recipient will share the information inappropriately.
• Prevent people from using out-of-date information by enforcing message expiration. With
IRM, expiration dates on messages are enforced, unlike expiration dates set on messages
without IRM.
The biggest value for IRM is within the corporation, where employees need to share information
while maintaining some control over who has access to this information IRM is especially helpful
in ensuring that this information does not leak outside the corporate firewall.
See Also
• Plan for e-mail messaging cryptography
129
Plan for e-mail messaging cryptography
Microsoft Office Outlook 2007 supports security-related features to help users send and receive
cryptographic e-mail messages. These features include cryptographic e-mail messaging, security
labels, and signed receipts.
Note
To obtain full security functionality in Outlook, you must install Outlook with local
administrative rights.
130
You can customize these security settings for users in advance. You can use registry settings or
Group Policy settings to customize Outlook to meet your organization's cryptographic policies and
to configure (and enforce, with Group Policy) the settings you want in the security profiles. These
settings are described in the table in Set consistent Outlook 2007 cryptography options for an
organization.
131
Classes of encryption strengths
There are two classes of encryption key strengths available from Microsoft: high (128-bit) and low
(40-bit). Microsoft provides 128-bit encryption capabilities in Windows 2000 and Windows XP, the
operating systems required for the 2007 Microsoft Office system. Ensuring that users have
software versions that support high encryption helps to provide a high level of security-enhanced
e-mail messaging.
Additional resources
The Outlook Security Labels application programming interface (API) creates security label policy
modules that define the sensitivity of message content in your organization. For a detailed
description of creating policy modules and code samples, see the MSDN article Creating
Security Label Policy Modules.
Public key cryptography can help you maintain security-enhanced e-mail systems. For more
information about the use of public key cryptography in Outlook, search for the Outlook 98
Security whitepaper in the Knowledge Base search page of the Microsoft Product Support
Services Web site.
Microsoft Exchange Key Management Server version 5.5 issues keys for Microsoft Exchange
Server security only. Microsoft Exchange Key Management Server 5.5 Service Pack 1 supports
both Exchange security and S/MIME security. For more information, see the Microsoft Exchange
Server version 5.5 Resource Guide in the Microsoft BackOffice Resource Kit, Second Edition.
132
How users manage cryptographic digital IDs
in Outlook 2007
Microsoft Office Outlook 2007 provides ways for users to manage their digital IDs—the
combination of a user's certificate and public and private encryption key set. Digital IDs help to
keep users' e-mail messages secure by letting them exchange cryptographic messages.
Managing digital IDs includes:
• Obtaining a digital ID. For more information about how users can acquire a digital ID, see
the Outlook Help topic Get a Digital ID.
• Storing a digital ID, so you can move the ID to another computer or make it available to
others.
• Providing a digital ID to others.
• Exporting a digital ID to a file. This is useful when the user is creating a backup or moving
to a new computer.
• Importing a digital ID from a file into Outlook. A digital ID file might be a user's backup
copy or might contain a digital ID from another user.
• Renewing a digital ID that has expired.
A user who performs cryptographic messaging at more than one computer must copy his or her
digital ID to each computer.
133
Internet directory service (LDAP)
External directory services, certificate authorities, or other certificate providers can publish their
users' certificates through an LDAP directory service. Outlook allows access to these certificates
through LDAP directories.
Windows file
Digital IDs can be stored on users' computers. Users export their digital ID to a file by using the
Import/Export option in the Trust Center under the Tools menu option. They can encrypt the file
when they create it by providing a password.
134
Renewing keys and certificates
A time limit is associated with each certificate and private key. When the keys provided by the
Microsoft Exchange Key Management Server approach the end of the designated time period,
Outlook displays a warning message and offers to renew the keys. Outlook prompts the user,
offering to send the renewal message to the server on each user's behalf.
If users do not choose to renew a certificate before it expires, or if they use another certificate
authority rather than KMS, the user must contact the certificate authority to renew the certificate.
135
Plan for configuring security settings in
Outlook 2007
You can customize many of the security-related features in Microsoft Office Outlook 2007,
including limiting automated access to address books and managing users' access to
attachments.
Caution
Outlook is configured with high security-related settings by default. High security levels
can result in limitations to Outlook functionality, such as restrictions on e-mail message
attachment file types. Be aware that lowering any default security settings might increase
the risk of virus execution or propagation. Use caution and read the documentation
before you modify these settings.
136
Scenarios for using Group Policy security settings
• A Microsoft Exchange 2007 environment without public folders. All client computers use
Outlook.
• An Exchange 2007 environment without public folders. Client computers with Office
Outlook 2007 use Group Policy security settings, and client computers with other versions of
Outlook depend on default security or the security form.
• An environment without Exchange Server. All client computers use Outlook.
137
You can also customize how Outlook runs ActiveX controls in one-off forms. For more information
about customizing how ActiveX controls behave in one-off forms, see Customize Active X and
custom forms security settings in Outlook 2007.
138
How administrator and user security settings
interact in Outlook 2007
Security settings defined by the user through the Microsoft Office Outlook 2007 user interface
work as if they are included in the Group Policy settings you define as the administrator. When
there is a conflict between the two, settings with a higher security level override settings with a
lower security level.
The following list describes specific interactions between Group Policy security settings and
security settings that a user defines in Outlook.
• Display Level 1 attachments. When this Group Policy is set, all file types that were set
to Level 1 security are set to Level 2 security. If a user wants to block a file type, the user can
customize the list in Outlook to block access to specific types of attachments.
• Add file extensions to block as Level 1. If you use this Group Policy setting to create a
list of Level 1 file types, the list overrides the default list provided with Outlook and overrides
user's settings for Level 1 file types. Even if you allow users to remove file types from the
default Level 1 group of excluded file types, users cannot use Group Policy to remove file
types that were added to the list.
For example, if the user wants to remove the file types EXE, REG, and COM from the Level 1
group, but you use the Add Level 1 file extensions Group Policy setting to add EXE as a
Level 1 file type, the user can only remove REG and COM files from the Level 1 group in
Outlook.
• Remove file extensions blocked as Level 1. The user's list is combined with the list
you set in Group Policy to determine which Level 1 items are set to Level 2.
• Add file extensions to block as Level 2. If a user changes Level 1 files to Level 2 files,
and those file types are listed in Group Policy as Level 2 extensions, the files are treated as
Level 2 attachments.
• Remove file extensions blocked as Level 2. There is no interaction with this setting.
• Allow users to demote attachments to Level 2. This setting allows a user to change a
Level 1 attachment to Level 2. If you do not configure this Group Policy setting, the default
behavior in Outlook is to ignore the user's list.
See Also
• Attachment file types restricted by Outlook 2007
139
Plan for Outlook 2007 security in special
environments
When you use Group Policy to configure security settings for Microsoft Office Outlook 2007, there
are issues to consider when your environment includes one or more of the following:
• Users who access their mailboxes by using a hosted Exchange Server.
• Users with administrative rights on their computers.
• Users who access Exchange mailboxes by using Outlook Web Access.
140
Users with an Outlook Web Access environment
Outlook and Outlook Web Access (OWA) do not use the same security model. OWA has separate
security settings stored on the OWA server.
141
Plan for limiting junk e-mail in Outlook 2007
Microsoft Office Outlook 2007 includes features that can help users avoid receiving and reading
junk e-mail messages, including the Junk E-mail Filter and disabling automatic content download
from external servers.
Note
This topic is for Outlook administrators. To configure Outlook junk e-mail options on your
computer, see Junk E-mail Filter options.
The filtering manager helps users avoid reading junk e-mail messages. The filter is on by default
and the protection level is set to Low, which is designed to filter the most obvious junk e-mail
messages. The filter replaces the rules for processing junk e-mail messages in previous versions
of Outlook (prior to Microsoft Outlook 2003). The filter incorporates technology built into the
software to evaluate e-mail messages to determine if the messages are likely to be junk e-mail, in
addition to filtering lists that automatically block or accept messages to or from specific senders.
Automatic picture download settings help reduce the risk of Web beacons activating in e-mail
messages by automatically blocking the download of pictures, sounds, and other content from
external servers in e-mail messages. Automatic content download is disabled by default.
Configure junk e-mail settings in Outlook 2007 contains more information about configuring how
external content is downloaded.
This topic discusses how the Outlook Junk E-mail Filter works, and how you can configure the
Junk E-mail Filter to meet the needs of your organization. For example, you can configure the
filter to be more aggressive, though this might also cause it to filter more legitimate messages.
Rules that are not part of junk e-mail management are not affected.
142
Supported account types
Office Outlook 2007 supports junk e-mail filtering for the following account types:
• Microsoft Exchange Server e-mail accounts in Cached Exchange Mode
• Microsoft Exchange Server e-mail accounts when mail is delivered to a Personal Folders
file (PST file)
• HTTP accounts
• POP accounts
• MSN Hotmail accounts
• IMAP accounts
The following account types are not supported for Outlook junk e-mail filtering:
• Microsoft Exchange Server e-mail accounts in Online (MDB) mode
• Third-party MAPI providers
Information about what junk e-mail filtering options are available with Exchange Server is
included in the next section, Support in different versions of Exchange Server.
In scenarios in which POP e-mail messages are downloaded into an Exchange Online (MDB)
mailbox, Outlook blocks junk e-mail messages for the user's POP e-mail; however, Outlook does
not block Exchange Online junk e-mail messages.
143
Upgrading from a previous installation of Outlook
before Outlook 2003
When a user's previous version of Outlook (earlier than Outlook 2003) is upgraded to Office
Outlook 2007, the rules that previously handled junk e-mail messages are removed. The existing
rules and files used by the old filter are not migrated. The existing rules are handled as follows:
• Rules created by the old filter
With the previous rules filter for junk e-mail messages, users could create up to three client-
side rules for their mailbox: Adult Content Rule, Junk E-mail Rule, and Exception List.
Outlook removes these rules from the user's mailbox when Outlook 2003 starts for the first
time on the user's computer. This means that Outlook 2003 always disables the previous junk
e-mail filter.
• Files that contain the Adult Senders list and the Blocked Senders list
These text files are left on the user's computer, but Outlook no longer uses the files.
144
• Safe Senders list
E-mail messages received from the e-mail addresses in the list or from any e-mail address
that includes a domain name in the list are never treated as junk e-mail.
• Safe Recipients list
E-mail messages sent to the e-mail addresses in the list or to any e-mail address that
includes a domain name in the list are never treated as junk e-mail.
• Blocked Senders list
E-mail messages received from the e-mail addresses in the list or from any e-mail address
that includes a domain name in the list are always treated as junk e-mail.
If a domain name or e-mail address is on both the Blocked Senders list and the Safe Senders list,
the Safe Senders list takes precedence over the Blocked Senders list. This reduces the risk that
mail that users want might be treated as junk e-mail by mistake. The lists are stored on the server
and are available if users roam.
To deploy the Junk E-mail Filter lists, you create the lists on a test computer and distribute the
lists to your users. The lists you provide are default lists; they cannot be locked down by policy.
For more information about deploying default lists, see Create and deploy Junk E-mail Filter lists
in Outlook 2007.
See Also
• Configure junk e-mail settings in Outlook 2007
• Create and deploy Junk E-mail Filter lists in Outlook 2007
145
IV Planning for Group Policy for the 2007
Office system
In this section:
Group Policy overview (2007 Office)
146
Group Policy overview (2007 Office)
Group Policy is an infrastructure that administrators can use to implement specific computing
configurations for users and computers. Policy settings can also be applied to member servers
and domain controllers within the scope of an Active Directory forest. Administrators use Group
Policy to define configurations once and then rely on the operating system to enforce that state.
Group Policy settings are contained in Group Policy objects (GPOs), which are linked to selected
Active Directory directory service containers — sites, domains, or organizational units (OUs). The
settings within GPOs are evaluated by the affected targets using the hierarchical nature of Active
Directory.
The Group Policy infrastructure consists of a Group Policy engine and several individual
extensions. These extensions are used to configure Group Policy settings, either by modifying the
registry through the Administrative Templates extension, or setting Group Policy settings for
security settings, software installation, folder redirection, Internet Explorer Maintenance, wireless
network settings, and other areas.
Each Group Policy extension consists of two extensions:
• A server-side extension of the Group Policy Object Editor Microsoft Management
Console (MMC) snap-in, used to define and set the policy settings applied to client
computers.
• A client-side extension that the Group Policy engine calls to apply policy settings.
The 2007 Microsoft Office system system policy settings are contained in Administrative Template
(.adm) files. For more information, see the Administrative Templates section.
The following sections provide an overview of Group Policy concepts. For more detailed
information, see Group Policy Collection (http://go.microsoft.com/fwlink/?LinkId=80200) on the
Microsoft TechNet site.
In this topic
Local and Active Directory-based Group Policy
Group Policy processing
Group Policy application
Targeting the application of Group Policy Objects
Administrative Templates extension
User Preferences and True Policies
Group Policy Management Tools
Office Customization Tool and Group Policy
147
based GPOs. However, settings in domain GPOs always take precedence, since they are
processed after the local GPO.
Although you can configure local Group Policy objects on individual computers, maximum
benefits of Group Policy are realized in a Windows 2000 or Windows Server 2003-based network
with Active Directory installed.
Administrators can implement Group Policy settings for as broad or as narrow a part of their
organization as necessary. To do this, administrators link GPOs to sites, domains, and OUs. GPO
links affect users and computers as follows:
• GPOs linked to a site apply to all users and computers in the site.
• GPOs linked to a domain apply directly to all users and computers in the domain and by
inheritance to all users and computers in child OUs. Group Policy is not inherited across
domains.
• GPOs linked to an OU apply directly to all users and computers in the OU and, by
inheritance, to all users and computers in child OUs.
When a GPO is created, it is stored in the domain. When the GPO is linked to an Active Directory
container, such as an OU, the link is a component of that Active Directory container. The link is
not a component of the GPO.
Administrators must have GPO creation privileges to create a GPO. By default, only domain
administrators, enterprise administrators, and members of the Group Policy creator owners group
can create Group Policy objects. You must have edit permissions for the GPO that you want to
edit.
For more detailed information about Group Policy infrastructure, see Group Policy Collection
(http://go.microsoft.com/fwlink/?LinkId=80200) on the Microsoft TechNet site.
The Windows Vista and Windows Server® 2008 operating systems introduce new functionality for
managing local GPOs that gives stand-alone computer administrators the ability to apply multiple
Group Policy objects to users of stand-alone computers.
Multiple local GPOs: changes in Windows Vista and Windows Server 2008
Windows Vista and Windows Server 2008 provide support for managing multiple local GPOs on
stand-alone computers. This capability is useful for managing environments that involve shared
computing on a single computer, such as libraries or computer labs. You can assign multiple local
GPOs to local users or built-in groups.
In a workgroup environment, each computer maintains its own policy settings. This feature works
with domain-based Group Policy, or it can be disabled through a Group Policy setting.
Administrators can use multiple local GPOs to do the following:
• Apply different levels of local Group Policy to local users on a stand-alone computer. This
capability is ideal for shared computing environments where domain-based management is
not available.
• Manage Group Policy based on groups of administrators and non-administrators. For
example, if administrators want to set up computers in a computer lab to configure a secure
environment, they can create highly managed policy settings for User groups and lightly
managed policy settings for built-in Administrator accounts. This obviates the need for local
148
administrators to explicitly disable or remove Group Policy settings that interfere with their
ability to manage the workstation before they perform administrative tasks. Windows Vista
administrators can also turn off local Group Policy settings without explicitly enabling domain-
based Group Policy.
Domain administrators can disable the processing of local Group Policy objects on clients running
Windows Vista by enabling the Turn off Local Group Policy objects processing policy setting
in a domain Group Policy object. This setting is accessed under Computer
Configuration\Administrative Templates\System\Group Policy.
Windows Vista provides three layers of local Group Policy objects: local Group Policy,
Administrator and Non-Administrators Group Policy, and user-specific local Group Policy. These
layers of local Group Policy objects are processed according to the following order:
• Local Group Policy
• Administrators and Non-Administrators Group Policy
• User-specific local Group Policy
For detailed information about using the multiple local GPOs feature in Windows Vista, see the
Step-by-Step Guide to Managing Multiple Local Group Policy Objects on the Microsoft TechNet
Web site.
149
no other settings can write over the settings in that GPO. If more than one Enforced GPO
exists, the same setting in each GPO may be set to a different value. In this case, the link
order of the GPOs determines which GPO contains the final settings.
• At any domain or organizational unit, Group Policy inheritance can be selectively
designated as Block Inheritance. However, because Enforced GPOs are always applied and
cannot be blocked, blocking inheritance does not prevent the application of policy settings
from Enforced GPOs.
Policy inheritance
Policy settings in effect for a user and computer are the result of the combination of GPOs
applied at a site, domain, or OU. When multiple GPOs apply to users and computers in those
Active Directory containers, the settings in the GPOs are aggregated. By default, settings
deployed in GPOs linked to higher level containers (parent containers) in Active Directory are
inherited to child containers and combine with settings deployed in GPOs linked to the child
containers. If multiple GPOs attempt to set a policy setting with conflicting values, the GPO with
the highest precedence sets the setting. GPOs that are processed later have precedence over
GPOs that are processed earlier.
150
of time it takes for the logon dialog box to appear and the length of time it takes for the desktop to
become available to the user.
Notes:
• Logon Optimization is not enabled and policies are processed synchronously when
the user logs on for the first time, the user has a roaming profile, the user has a HomeDir,
and the user has a logon script specified in the User object. Folder Redirection and
Group Policy Software Installation require a synchronous application of policy. Under
these conditions, computer startup can still be asynchronous. However, since logon is
synchronous, logon does not exhibit optimization.
• Client computers running Windows XP Professional, Windows XP 64-bit Edition
(Itanium), and Windows Server 2003 operating systems support Fast Logon Optimization
in any domain environment.
• For servers, startup and logon processing always behaves as if this policy setting is
enabled.
Administrators can disable the Fast Logon Optimization feature with the Always wait for the
network at computer startup and logon policy setting, which is accessed in the Computer
Configuration\Administrative Templates\System\Logon node of Group Policy Object Editor.
When this policy setting is enabled, logons are performed in the same way as they are for
Windows 2000 clients. This means that Windows XP waits for the network to be fully initialized
before users are logged on. Group Policy is applied synchronously in the foreground.
Setting Default
IP Security ON
EFS ON
Wireless ON
Scripts OFF
IE maintenance ON
151
Administrators can use a policy setting to override the default setting. To specify settings for
Group Policy slow link detection for computers, use the Group Policy slow link detection policy
setting in the Computer Configuration\Administrative Templates\System\Group Policy node
of Group Policy Object Editor.
To set this option for users, use the Group Policy slow link detection policy setting in User
Configuration\Administrative Templates\System\Group Policy.
For more information about managing Group Policy over slow links, see Specifying Group Policy
for Slow Link Detection (http://go.microsoft.com/fwlink/?LinkId=80435) on the Microsoft TechNet
site.
152
Administrators can use security filtering and WMI filtering to modify the set of users and
computers to which to apply a GPO.
Administrators can also use the Loopback processing feature to ensure that the same set of
policy settings is applied to any user that logs on to a specific computer.
Security filtering
This method is used to specify that only specific security principals within a container where the
GPO is linked apply the GPO. Administrators can use security filtering to narrow the scope of a
GPO so that the GPO applies only to a single group, user, or computer. Security filtering cannot
be used selectively on different settings within a GPO.
The GPO applies to a user or computer only if that user or computer has both Read and Apply
Group Policy (AGP) permissions on the GPO, either explicitly or effectively though group
membership. By default, all GPOs have Read and AGP set to Allowed for the Authenticated
Users group, which includes users and computers. This is how all authenticated users receive the
settings of a new GPO when the GPO is applied to an organizational unit, domain, or site.
By default, Domain Admins, Enterprise Admins, and the local system have full control
permissions, without the Apply Group Policy access-control entry (ACE). Administrators are
153
also members of Authenticated Users. This means that, by default, administrators receive the
settings in the GPO. These permissions can be changed to limit the scope to a specific set of
users, groups, or computers within the organizational unit, domain, or site.
The Group Policy Management Console (GPMC) manages these permissions as a single unit
and displays the security filtering for the GPO on the GPO Scope tab. In GPMC, groups, users,
and computers can be added or removed as security filters for each GPO. For information about
GPMC, see the Group Policy Management Tools section.
Loopback processing
Loopback processing is an advanced Group Policy setting that is useful on computers in some
closely managed environments, such as servers, kiosks, laboratories, classrooms, and reception
areas. Setting loopback causes the User Configuration policy settings in GPOs that apply to the
computer to be applied to every user logging on to that computer, instead of (in Replace mode)
or in addition to (in Merge mode) the User Configuration settings of the user. Administrators can
use this feature to ensure that a consistent set of policy settings is applied to any user that logs
on to a specific computer, regardless of the user's location in Active Directory.
To set Loopback processing, administrators can use the User Group Policy loopback
processing mode policy setting, which is accessed under Computer
Configuration\Administrative Templates\System\Group Policy in Group Policy Object Editor.
To use the Loopback processing feature, both the user account and the computer account must
be in a Windows 2000 or later domain. Loopback does not work for computers joined to a
workgroup.
154
For more information about targeting the application of GPOs, see Controlling the Scope of
Group Policy Objects using GPMC (http://go.microsoft.com/fwlink/?LinkId=80462) on the
Microsoft TechNet site.
155
• excel12.adm: Microsoft Office Excel 2007
• groove12.adm: Microsoft Office Groove 2007
• ic12.adm: Microsoft Office InterConnect 2007
• inf12.adm: Microsoft Office InfoPath 2007
• onent12.adm: Microsoft Office OneNote 2007
• outlk12.adm: Microsoft Office Outlook 2007
• ppt12.adm: Microsoft Office PowerPoint 2007
• proj12.adm: Microsoft Office Project 2007
• pub12.adm: Microsoft Office Publisher 2007
• spd12.adm: Microsoft Office SharePoint Designer 2007
• visio12.adm: Microsoft Office Visio 2007
• word12.adm: Microsoft Office Word 2007
Administrators can use the 2007 Office system policy settings for tasks such as the following:
• Managing security settings for the 2007 Office system applications
• Preventing connections to the Internet from the 2007 Office system applications
• Hiding or disabling 2007 Office system user interface settings that might be confusing to
users or unnecessary for users to perform their work
• Creating highly managed or less restricted, standard configurations of users' computers
• Setting default File Save options for the 2007 Office system applications to prepare for
migration from earlier versions of Office
For example, administrators can use Group Policy to disable, enable, or configure most of the
settings that control the Office user interface, such as:
• Menu commands
• Shortcut keys
• Options dialog box settings
The large numbers of Group Policy settings available for the 2007 Office system provide a high
degree of flexibility. Administrators can create highly restricted or lightly managed configurations,
depending on the specific business requirements and security concerns of their organizations.
To download the 2007 Office system Administrative Template files, see 2007 Office System
Administrative Templates (ADM) in the Microsoft Download Center.
You can also download the 2007 Microsoft Office System Open XML Format converters
Administrative Template (ADM) file from the Microsoft Download Center. Administrators can use
this template to modify the default behavior for the Microsoft Office Word, Excel, and PowerPoint
2007 Open XML Format converters.
Administrators can modify Microsoft Office 2003 and Microsoft Office XP Administrative Template
files to set default File Save As options to include the new OpenXML file formats of the 2007
Microsoft Office programs. For more information, see KB article 932127, How to modify an
existing Office policy file (ADM file) for Office 2003 and for Office XP to set the Save As default
file format to include the new OpenXML file formats of the 2007 Microsoft Office programs on the
Microsoft Support Knowledge Base (KB) Web site.
156
For more information about Administrative Templates, see the Administrative Templates
Extension Technical Reference (http://go.microsoft.com/fwlink/?LinkId=56088).
Windows Vista and Windows Server 2008 introduce a new XML-based format for Administrative
Template files, as discussed in the next section.
Note
Administrators can convert ADM files to the ADMX format by using the ADMX Migrator
tool. ADMX Migrator provides an ADMX editor with a graphical user interface for creating
and editing administrative templates. For more information, see ADMX Migrator
(http://go.microsoft.com/fwlink/?LinkId=77409).
157
User preferences and true policies
Group Policy settings that administrators can fully manage are referred to as true policies.
Settings that users configure or that reflect the default state of the operating system at installation
time are referred to as preferences. Both true policies and preferences contain information that
modifies the registry on users’ computers. There are important distinctions between true policies
and preferences. True policy settings take precedence over preference settings.
Registry values for true policies are stored under the approved registry keys for Group Policy.
Users cannot change or disable these settings:
For computer policy settings:
• HKEY_LOCAL_MACHINE\Software\Policies (the preferred location)
• HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies
For user policy settings:
• HKEY_CURRENT_USER\Software\Policies (the preferred location)
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
Preferences are set by users or by the operating system at installation time. The registry values
that store preferences are located outside the approved Group Policy keys shown in the
preceding table. Users can change their preferences.
Administrators can write an .adm file that sets registry values outside of the approved Group
Policy registry trees. In this case, this method only ensures that a registry key or value is set in a
specific way. With this approach, the administrator configures preference settings instead of true
policy settings and marks the registry with these settings. This means that the settings persist in
the registry, even if the preference setting is disabled or deleted.
If you configure preference settings by using a GPO in this manner, the GPOs that you create do
not have Access Control List (ACL) restrictions. Therefore, users might be able to change these
values in the registry. When the GPO goes out of scope (if the GPO is unlinked, disabled, or
deleted), these values are not removed from the registry.
In contrast, true registry policy settings do have ACL restrictions to prevent users from changing
the settings. The policy values are removed when the GPO that sets the values goes out of
scope. For this reason, true policies are considered to be policy settings that can be fully
managed. By default, the Group Policy Object Editor only displays policy settings that can be fully
managed.
To view preferences in Group Policy Object Editor, click the Administrative Templates node,
click View, click Filtering, and then clear Only show policy settings that can be fully
managed.
True policy settings take priority over preferences; however, they do not overwrite or modify the
registry keys used by the preferences. If a policy setting is deployed that conflicts with a
preference setting, the policy setting takes precedence over the preference. If both a policy and
preference are present, the preference is successfully restored if the policy is removed or
disabled. Preference settings persist in the registry until they are reversed by a counteracting
policy setting or by editing the registry.
The following table summarizes the effects of policy settings and preferences.
158
Group Policy present Preference present Resultant behavior
No No Default
For the 2007 Office system, all user-specific policy settings are stored in the
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0 sub-key. Computer-specific
policies are stored in the HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\12.0
sub-key. By default, both policy sub-keys are locked to prevent users from modifying them.
159
• Group Policy Modeling. Simulates what policy settings are applied under circumstances
specified by an administrator. Administrators can use Group Policy Modeling to simulate the
RSoP data that would be applied for an existing configuration, or they can analyze the effects
of simulated, hypothetical changes to their directory environment. Group Policy Modeling
requires that you have at least one domain controller running Windows Server 2003, because
this simulation is performed by a service running on a domain controller that is running
Windows Server 2003. For more information, see Group Policy Modeling
(http://go.microsoft.com/fwlink/?LinkId=82672) on the Microsoft TechNet Web site.
• Group Policy Results. Represents the actual policy data that is applied to a computer and
user. Data is obtained by querying the target computer and retrieving the RSoP data that was
applied to that computer. The Group Policy Results capability is provided by the client
operating system and requires Windows XP, Windows Server 2003, or later versions of the
operating system. For more information, see Group Policy Results
(http://go.microsoft.com/fwlink/?LinkId=82673) on the Microsoft TechNet Web site.
GPMC was originally provided as a separate download component for Microsoft Windows Server
2003 and Windows XP. To download GPMC, see Download Group Policy Management Console
(GPMC) (http://go.microsoft.com/fwlink/?LinkId=58541) on the Microsoft Download Center Web
site.
In Windows Vista and Windows Server 2008, GPMC is integrated directly into the operating
system and is the standard tool for managing Group Policy tasks along with Group Policy Object
Editor.
For more information about GPMC, see Step-by-Step Guide to Using Group Policy Management
Console (http://go.microsoft.com/fwlink/?LinkId=75196) on the Microsoft TechNet Web site.
160
Group Policy Object Editor consists of two main nodes: User Configuration, which contains
settings that are applied to users at logon and periodic background refresh, and Computer
Configuration, which contains settings that are applied to computers at startup and periodic
background refresh. The main nodes are further divided into folders that contain the different
types of policy settings that can be set. These folders include:
• Software Settings, which contains software installation settings
• Windows Settings, which contains Security Settings and Scripts policy settings
• Administrative Templates, which contains registry-based policy settings
For more information about Group Policy Object Editor, see Group Policy (pre-GPMC)
(http://go.microsoft.com/fwlink/?LinkId=72742) on the Microsoft TechNet Windows Server 2003
site.
See Also
• Enforce settings by using Group Policy in the 2007 Office system
• Disabling User Interface Items and Shortcut Keys by Specifying Toolbar Control IDs
• Planning for security in the 2007 Office system
• Plan for configuring security settings in Outlook 2007
• Using Group Policy to set default file save options
161