Microsoft Office Trust Center Group policy

In this post, we will see how you can add, remove or modify Trusted Locations so that files in these locations will not be checked. We will also show you how to enable or disable Trusted Locations in Microsoft Office apps like Word, Excel, PowerPoint, etc. using Group Policy or Registry Editor.

Microsoft Office includes Trust Center, which contains security & privacy settings, to keep your Windows computer secure & safe. Using the File Block feature, you can prevent outdated file types or suspicious files from opening, or have them open in Protected View instead.

There may be cases where you trust some files – especially those with macros, data connections, ActiveX controls – completely and do not want them to be checked by Trust Center, every time you open them – or you may not want them opened in Protected View. In such cases, rather than changing the default Trust Center settings to a less-safe macro security setting, it is better to move such files to a Trusted Location.

Trusted Locations in Office

If you do not want Office files to be checked by Trust Center or opened in Protected View, move them to a Trusted Location. You can add trusted locations in any Microsoft Office app, such as Access, Excel, Visio, Word and PowerPoint, by following this procedure.

  • Open any Office document – say Word
  • Click on File > Options.
  • Next click Trust Center
  • Go to Trust Center Settings > Trusted Locations.
  • Here you will see buttons that let you Add new location, Remove it or Modify them.
    • To add a new location, click Add a trusted location, click Browse, select the folder and click OK.
    • To remove a trusted location, select the location to be removed, click Remove button and then click OK.
    • To modify it, click on the Modify button, and make the modifications. Finally click OK and exit.

You even have options to allow Trusted Locations on your networks or disable all Trusted Locations, by checking the boxes.

How to enable or disable Trusted Locations in Microsoft Office

We have seen how to add, remove or modify Trusted Locations in Microsoft Office apps. However, if you do not want to use this functionality at all, you can disable it on your computer. For your information, it is possible to enable or disable Trusted Locations in Microsoft Office apps using in-built settings or the Options panel, Local Group Policy Editor, and the Registry Editor.

Here, we have shown the steps for Microsoft Excel. However, you can do the same in Word and PowerPoint as well. To enable or disable Trusted Locations in Microsoft Office, follow these steps:

  1. Open Microsoft Excel on your computer.
  2. Click on the Options.
  3. Go to Trust Center > Trust Center Settings > Trusted Locations.
  4. Tick the Disable all Trusted Locations checkbox.
  5. Click the OK button.

To learn more about these steps, continue reading.

First, you need to open Microsoft Excel or any other Microsoft Office app and click on the Options menu.

Then, go to the Trust Center tab, click on the Trust Center Settings button, and switch to the Trusted Locations tab.

I figured out a way around the issue by adding the Mapped Drive to the Registry and it works like a charm.  We have more than a thousand Excel files that reference the mapped location so changing the Path was not an option.  Here's what I did.  I will not be able to edit this location in Excel's Trust Center afterwards so to change the path at a later time I will need to edit it in the Registry. 

I am using Microsoft Office Home and Business 2016. The Registry Locations will be different for other versions and may not work.

*** Use at your own Risk!  Not responsible for any damage that you cause to your computer by modifying the registry.

I created the following Registry Keys :

I changed the Location6 to the next consecutive value in my machine's registry location.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Since the update of Office in June, Excel files with macros cannot be opened on our network locations by default, so we wanted to roll out a GPO to restore the previous state.

The problem we are facing is, the checkbox for the "Allow Trusted Locations on my network (not recommended)" inside the Trust Center is not being set by this GPO even though it is activated and rolled out. The paths for our network locations are however added and present inside the Trust Center under Trusted Locations.

We checked our GPO by using gpresult on our clients and it shows up.

We checked the registry as well. Here the value "allownetworklocations" under "Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\office\16.0\excel\security\trusted locations" is set to "1".

Our Excel 365 clients do not care unfortunately...

We've also noticed that shortly after the GPOs are updated on our clients (checked with event viewer) the checkbox is set and grayed out. But if you reopen this after a minute it is gone again.
It seems something else is overwriting this setting. What could this be?

Do we need to roll this out in The Office 365 Admin Center under Configuration and not in our GPOs on our DMCs, perhaps?


emilyhua-msft · Oct 17 at 07:19 AM

Hi @ChrisAdmin123-1354

Welcome to Q&A forum ~

For Office, do other group policy in the same OU or one of other OUs not work as "Allow Trusted Locations on my network (not recommended)"?
Please try manually forcing a gpupdate.

Do we need to roll this out in The Office 365 Admin Center

From an Office perspective, you can try pushing cloud policy to a small test group.

ChrisAdmin123-1354 emilyhua-msft · Oct 17 at 08:12 AM

For Office, do other group policy in the same OU or one of other OUs not work as "Allow Trusted Locations on my network (not recommended)"?

I cannot check every user but we have several tickets which describe the same problem in our OU. (I hope I understood your question correctly)

Please try manually forcing a gpupdate.

We tried this and did not have any positive effect unfortunately.

From an Office perspective, you can try pushing cloud policy to a small test group.

We will need to try this.

Here is a screenshot for clarification.

LimitlessTechnology-0326 answered Oct 17, '22 | TimMoore-2884 commented Nov 30, '22

Hello there,

This behavior has been confirmed by Microsoft in one of their blogs.

VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. Therefore, to help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet.

To prepare for this change, we recommend that you work with the business units in your organization that use macros in Office files that are opened from locations such as intranet network shares or intranet websites.

Macros from the internet will be blocked by default in Office https://learn.microsoft.com/en-us/deployoffice/security/internet-macros-blocked




ChrisAdmin123-1354 · Oct 18 at 06:45 AM

Hello,
yes I am aware of this change.

This is why I want to get a GPO running to deactivate this behavior for our trusted locations inside our internal network. This is however not working correctly for us since checkbox "Allow Trusted Locations on my network (not recommended)" inside the Trust Center is not being set by our GPO. My question was as to why this is the case. Ergo if we have set our GPO incorrectly or there is a Bug in Office perhaps...
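When a Trusted Locations policy appears in gpresult but the Trust Center does not reflect it, comparing the policy hive with the per-user preference hive shows which values are actually on the machine. The script below is an added example, not code from the thread; the per-user path (the policy path without the Policies segment), the app list and the AllowSub value name are assumptions.

```powershell
# Added example (not from the thread): list Office Trusted Locations for the
# current user from both the policy hive and the per-user preference hive.
function Test-NetworkPath([string]$Path) {
    $p = [Environment]::ExpandEnvironmentVariables($Path)
    if ($p -match '^(\\\\|https?://)') { return $true }      # UNC path or web folder
    if ($p -match '^([A-Za-z]):') {                          # drive letter: mapped drive?
        return ([System.IO.DriveInfo]::new($Matches[1])).DriveType -eq [System.IO.DriveType]::Network
    }
    return $false
}

function Get-OfficeTrustedLocation {
    param(
        [string]$Version = '16.0',                           # version segment quoted in the thread
        [string[]]$Apps = @('Excel', 'Word', 'PowerPoint')
    )
    $hives = [ordered]@{
        Policy     = "HKCU:\SOFTWARE\Policies\Microsoft\Office\$Version"
        Preference = "HKCU:\SOFTWARE\Microsoft\Office\$Version"   # assumed per-user location
    }
    foreach ($hive in $hives.GetEnumerator()) {
        foreach ($app in $Apps) {
            $root = Join-Path $hive.Value "$app\Security\Trusted Locations"
            if (-not (Test-Path -LiteralPath $root)) { continue }
            # Value behind "Allow Trusted Locations on my network (not recommended)"
            $allowNet = (Get-ItemProperty -LiteralPath $root).AllowNetworkLocations
            foreach ($key in Get-ChildItem -LiteralPath $root) {
                $loc = Get-ItemProperty -LiteralPath $key.PSPath
                if (-not $loc.Path) { continue }             # skip subkeys without a Path value
                # Assumption: policy templates store the subfolder flag as AllowSub
                $sub = if ($null -ne $loc.AllowSubfolders) { $loc.AllowSubfolders } else { $loc.AllowSub }
                [pscustomobject]@{
                    Hive = $hive.Key; App = $app; Key = $key.PSChildName; Path = $loc.Path
                    AllowSubfolders       = $sub
                    IsNetwork             = Test-NetworkPath $loc.Path
                    AllowNetworkLocations = $allowNet        # empty means the value is not set in this hive
                }
            }
        }
    }
}

Get-OfficeTrustedLocation | Sort-Object App, Hive, Key | Format-Table -AutoSize
```

Run it in the affected user's own non-elevated session so that HKCU and the drive mappings are theirs. Rows with IsNetwork set to True are the ones that depend on AllowNetworkLocations.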

Does Office 365 have group policy?

Group Policy settings can be used regardless of whether users install Microsoft 365 Apps themselves from the Office 365 portal, or if you deploy Microsoft 365 Apps to your users by using the Office Deployment Tool.

How to fix Microsoft has blocked macros from running because the source of this file is untrusted?

For an individual file, such as a file downloaded from an internet location or an email attachment the user has saved to their local device, the simplest way to unblock macros is to remove Mark of the Web. To remove, right-click on the file, choose Properties, and then select the Unblock checkbox on the General tab.
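Before unblocking anything, it helps to see which files carry Mark of the Web and where they came from. This added example (not from the original page) reads the Zone.Identifier alternate data stream that stores the mark on NTFS; the function name and the folder in the usage line are hypothetical.

```powershell
# Added example: report files in a folder that carry Mark of the Web.
function Get-MarkOfTheWeb {
    param([Parameter(Mandatory)][string]$Folder)

    # Standard URL security zone numbers
    $zoneNames = @{ 0 = 'Local machine'; 1 = 'Local intranet'; 2 = 'Trusted sites'
                    3 = 'Internet';      4 = 'Restricted sites' }

    Get-ChildItem -LiteralPath $Folder -File -Recurse | ForEach-Object {
        # The mark lives in an NTFS alternate data stream named Zone.Identifier
        $ads = Get-Content -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
        if (-not $ads) { return }                     # no stream: file is not marked

        # The stream is INI-style text, e.g. "ZoneId=3" plus optional URL fields
        $fields = @{}
        foreach ($line in $ads) {
            if ($line -match '^(\w+)=(.*)$') { $fields[$Matches[1]] = $Matches[2] }
        }
        if (-not $fields.ContainsKey('ZoneId')) { return }

        $zone = [int]$fields['ZoneId']
        [pscustomobject]@{
            File        = $_.FullName
            ZoneId      = $zone
            Zone        = $zoneNames[$zone]
            HostUrl     = $fields['HostUrl']          # present only if the downloader recorded it
            ReferrerUrl = $fields['ReferrerUrl']
        }
    }
}

# Hypothetical folder; list the files Office would treat as coming from the internet
Get-MarkOfTheWeb -Folder "$env:USERPROFILE\Downloads" | Where-Object ZoneId -ge 3
```

The Unblock checkbox described above deletes this stream, so reviewing HostUrl and ReferrerUrl first is the last chance to see a file's recorded origin.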

What is Microsoft Trust Center?

The Trust Center is where you can find security and privacy settings for Microsoft Office programs. With the consistent appearance of the ribbon in Office programs, steps to find the Trust Center are the same for each program.

Should I send optional data to Microsoft?

If you choose Optional, additional data that helps make product improvements and provides enhanced information to help detect, diagnose, and remediate issues is sent to Microsoft. If you choose to send optional diagnostic data, required diagnostic data is also included.