There is no diagnostic logging for the trusted add-ins feature in Outlook 2007

When you use the Group Policy object (GPO) in Microsoft Office Outlook 2007 to set up trusted add-ins, there is no diagnostic logging information to help you determine whether the add-in is trusted.

How to obtain the hotfix

This issue is fixed in the Outlook 2007 post-Service Pack 1 hotfix package that is dated February 24, 2008. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
To enable Outlook 2007 to use the GPO for security administration, follow these steps:

1. Exit Outlook 2007.
2. Start Registry Editor.
   • In Windows Vista, click Start
     Collapse this imageExpand this image

     
     , type regedit in the Start Search box, and then press ENTER.
     
     
     Collapse this imageExpand this image

     
     If you are prompted for an administrator password or for confirmation, type your password, or click Continue.
   • In Windows XP, click Start, click Run, type regedit in the Open box, and then click OK.
3. Locate and then click the following registry subkey:
   HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\Security
4. Right-click AdminSecurityMode, and then click Modify.
5. In the Value data box, type 3, and then click OK.
6. On the File menu, click Exit.

Note The new logging information that is generated after you apply this hotfix is located in the Application log on the Outlook 2007 client computer. To view the Application log, follow these steps:

1. Click Start, click Run, type eventvwr.msc, and then click OK.
2. In the right pane, click Application.

In the Application log, look for event IDs 39, 40, and 41 that have Outlook as the Source of the event. The following events are examples of what you will find in the Application log after installing this hotfix:

Event Type: Information
Event Source: Outlook
Event Category: None
Event ID: 39
Date: <Date>
Time: 9:31:23 AM
User: N/A
Computer: CLIENT
Description: AdminSecurityMode value: 0x03. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Information
Event Source: Outlook
Event Category: None
Event ID: 40
Date: <Date>
Time: 9:31:23 AM
User: N/A
Computer: CLIENT
Description: Outlook has attempted to obtain security properties and attachment information from the GPO. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Information
Event Source: Outlook
Event Category: None
Event ID: 41
Date: <Date>
Time: 9:31:23 AM
User: N/A
Computer: CLIENT
Description: Evaluating FKGGCGOLIMNKPLNGKACFMGAHFEHCNHHLHNLMPECK hash for sample.dll, hash matches, sample.dll will be trusted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.