You have enabled Crossware Mail Signature for Exchange on-premises, but users can still add and apply personal signatures to their emails by using the native tool in Microsoft Outlook. This can result in some users with two different signatures - one from Outlook and one from Crossware Mail Signature.
You want to disable the functionality that allows users to use existing or add new signatures through Outlook to prevent these being applied by users in the future.
Note: this article applies to disabling the creation of Outlook signatures in the Outlook desktop application, not in Outlook Web Access (OWA). To disable the creation of Outlook signatures in OWA, please follow the steps in this article (to be written).
To disable Microsoft Outlook signatures centrally, you can use a Group Policy Object (GPO). This must be created on a domain which you have full administrative access to, on your Domain Controller or another machine responsible for Group Policy configuration.
Please ensure that your version of Office 365 supports Group Policy creation by following this link and scrolling down to the Group Policy support row.
Note: This method will ensure that signature options will be disabled and these changes will prevent signatures in Outlook from being applied (existing signatures included). However, existing signature files will not be deleted from client computers. If you disable this policy, signatures will begin to be applied again.
Before you begin, create a Security Group
This method requires you to have a Security Group containing all users who you want Outlook signatures disabled for. You can go ahead and create one now using these steps if you don't yet have one:
1. Use Windows search to find the Active Directory Administrative Center tool.
2. Right mouse click on Users and click New > Group.
3. Name the group something recognisable such as Users with Disabled Local Signatures and ensure that Security is selected under Type. This will now appear under the User list.
4. Go to Members > Add and type in the Group name or individual user names of each person you would like to disable Outlook signatures for, then click Check Names and save.
Before you begin, download the necessary Microsoft Administrative Template files
1. Download and extract appropriate version(s) of the Microsoft Administrative Template files (ADM, ADMX/ADML) for the version of Microsoft Outlook you are running in your organisation by clicking the appropriate link below from the Microsoft website and following the download sequence.
These files are provided by Microsoft. If they do not work, please visit the Microsoft Download Center to find the latest download URL.
Note: If you are running multiple versions of Outlook in your organisation, you should download an Administration Template for each version.
Both the applicable ADML and the ADMX file are a significant part of the disabling process and need to be copied from the extraction folder to your Windows PolicyDefinitions folder (steps below). For more info on these file formats click here.
Note: These steps assume that you are running Windows Server 2008 or above.
Creating a Group Policy Object to disable Outlook signature creation
For Outlook 2010, 2013 or 2016
1. Navigate to the folder that you extracted the Administrative Template files (ADM, ADMX/ADML), open the AMDX folder and locate outlk14.admx (Outlook 2010), outlk15.admx (Outlook 2013) or outlk16.admx (Outlook 2016).
2. Copy this file to Local Disk (C:) > Windows > PolicyDefinitions
3. Open the AMDX folder again and navigate to the applicable language folder (e.g. en-us).
4. Copy the Outlook ADML file (outlk14.adml / outlk15.adml / outlk16.adml) to the corresponding languages folder in Local Disk (C:) > Windows > PolicyDefinitions (e.g. if the language folder in PolicyDefinitions is en-US, copy the outlk14.adml / outlk15.adml / outlk16.adml file from under the ADMX > en-us folder).
5. Open the Group Policy Management Console by selecting Start > Administrative Tools > Group Policy Management (this should be included in Windows Server 2008 and beyond).
6. In the left menu pane, right click on your domain and select Create a GPO in this domain, and Link it here... and name your GPO.
7. Click the newly created GPO.
8. On the Scope tab, click Authenticated Users in the Security Filtering pane then click Remove.
9. In the same pane, click Add in and select the name of the Security Group that you created earlier (e.g. Users with Disabled Local Signatures).
10. Right click on your GPO in the left panel and select Edit, then navigate to User Configuration > Policies > Administrative Templates
11. Expand the Administrative Templates folder and navigate to Microsoft Outlook 2010 / Microsoft Outlook 2013 / Microsoft Outlook 2016 > Outlook Options > Mail Format
12. Enable the Do not allow signatures for email messages policy to disable signatures for Microsoft Outlook 2010 /2013 / 2016.
13. All users must now log out then log back in for changes to be applied. A manually forced policy update is also recommended using gpupdate / force. Remember that changes may not be applied immediately as it depends on your environment's configuration.