Permanently Disabling Outlook Programmatic Access Security Prompts

Permanently Disabling Outlook Programmatic Access Security Prompts  – Local Server Solution

Summary

This article provides procedures to permanently suppress Microsoft Outlook’s security warnings for programmatic access (including “A program is trying to send an e-mail message on your behalf” and “A program is trying to access email address information stored in Outlook…”) when using Microsoft 365 Outlook on a Windows Server.

Target scenario:
Local server configuration (not domain-wide), with enforcement via local registry or Local Group Policy, my use case was for unattended RPA bots retrieving MFA codes

Background:
Microsoft Outlook includes an Object Model Guard security feature.
This feature prompts the user if an external program (such as an RPA tool) attempts to access Outlook data or send messages, particularly if antivirus status cannot be validated (common on Windows Server). For example, the RPA bots retrieving MFA codes from Outlook, these security prompts interrupt workflows and must be permanently suppressed.

Permanent Fix: Registry Method (Recommended)

1. Open Registry Editor 
>Press `Win + R`
>type `regedit`
>Run as Administrator

2. Navigate to the Outlook Security Registry Path
– For Microsoft 365
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Office\16.0\Outlook\Security
– If any subkey in the path is missing, right-click and create it as needed.

3. Create or Update Required DWORD Values

Within the `Security` key, add or update the following values:

ValueName: ObjectModelGuard
Type: DWORD (32)
ValueData: 2
Purpose: Suppress “send on your behalf” warnings

ValueName: PromptOOMAddressBookAccess
Type: DWORD (32)
ValueData: 2
Purpose: Suppress address book access warnings

ValueName: PromptOOMAddressInformationAccess
Type: DWORD (32)
ValueData: 2
Purpose: Suppress address information access warnings

Value Definitions:
– `0` = Prompt when antivirus is not valid

– `1` = Always prompt

– `2` = Never prompt (completely suppress)

4. Close Registry Editor and Reboot

– Exit Registry Editor.

– Reboot the server to apply changes.

Method 2: Local Group Policy Editor

1. Install Office Administrative Templates (ADMX/ADML)

– Download from: Microsoft Download Center – Office ADMX
– Copy to `C:\Windows\PolicyDefinitions` and relevant language folders.

2. Open Local Group Policy Editor
– Run `gpedit.msc`.

3. Navigate and Configure Outlook Programmatic Access

– User Configuration
→ Administrative Templates
→ Microsoft Outlook 2016
→ Security
→ Security Form Settings

Set the following:
– Outlook Security Mode: Enabled
– Select “Use Outlook Security Group Policy”
– Programmatic Security prompts (e.g., “Configure a programmatic access prompt for the address book,” etc.): Enable and set to “Automatically approve”/”Never prompt”

4. Apply and Exit

– Apply the settings.
– Log off and back on (or reboot) for changes to take effect.

Troubleshooting and Verification

Confirm Outlook Trust Center

1. Open Outlook
2. Go to File → Options → Trust Center → Trust Center Settings → Programmatic Access.
3. Confirm the message:
– Never warn me about suspicious activity (not recommended)` is selected (may be greyed out and state it’s enforced by administrator).

Common Pitfalls

Wrong Registry Path:
Click-to-Run installations require use of the `ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Office\16.0\Outlook\Security` path.

Conflicting GPOs:
Domain or user Group Policies can override the local registry. Ensure only local GPOs apply if isolation is needed.

– Antivirus Status:
If antivirus is not recognized, Outlook defaults to secure behavior. The registry/GPO method here disables the prompt regardless.

—

FAQs

Q1: The prompt still appears. What did I miss?
– Double-check the registry path.
– Reboot the server after making changes.
– Ensure no domain-wide Group Policy overwrites your local setting.

Q2: Will this survive Office updates?
– Yes. The key is in the correct Click-to-Run location and is persistent.

Q3: Is this safe?
– Disabling these warnings removes a security check. Perform this action only on isolated, trusted automation servers, not on general-use desktops.

References

– Microsoft Learn: “A program is trying to send an e-mail message on your behalf” warning in Outlook
– Bobcares: How to fix Outlook programmatic access warnings
– Microsoft Outlook Security Settings
– Office Administrative Template files (ADMX/ADML