Hi All,

I'll try to make this as simple as possible, I have customized a .prf file using the office customization tool, and made a .bat file that a user can click on, starts outlook and automatically imports the server settings.

My only issue is, with Exchange 2013, the "Logon network security" type needs to be Anonymous Authentication, and am not sure if it is even possible to set/change. I have opened the .prf file in notepad, but can't seem to find anything related.

Here is the .prf file for quick reference: 

;Automatically generated PRF file from the Microsoft Office Customization and Installation Wizard

; **************************************************************
; Section 1 - Profile Defaults
; **************************************************************

[General]
Custom=1
ProfileName=Test					
DefaultProfile=Yes
OverwriteProfile=Append
ModifyDefaultProfileIfPresent=false
DefaultStore=Service1

; **************************************************************
; Section 2 - Services in Profile
; **************************************************************

[Service List]
;ServiceX=Microsoft Outlook Client
ServiceEGS1=Exchange Global Section
Service1=Microsoft Exchange Server

;***************************************************************
; Section 3 - List of internet accounts
;***************************************************************

[Internet Account List]

;***************************************************************
; Section 4 - Default values for each service.
;***************************************************************

;[ServiceX]
;FormDirectoryPage=
;-- The URL of Exchange Web Services Form Directory page used to create Web forms.
;WebServicesLocation=
;-- The URL of Exchange Web Services page used to display unknown forms.
;ComposeWithWebServices=
;-- Set to true to use Exchange Web Services to compose forms.
;PromptWhenUsingWebServices=
;-- Set to true to use Exchange Web Services to display unknown forms.
;OpenWithWebServices=
;-- Set to true to prompt user before opening unknown forms when using Exchange Web Services.


[ServiceEGS1]
MailboxName=%UserName%@domain.com
HomeServer=
AccountName=domain
ConfigFlags=0x00000000
RPCoverHTTPflags=0x002d
RPCProxyServer=
RPCProxyPrincipalName=msstd:
RPCProxyAuthScheme=0x0001

[Service1]
OverwriteExistingService=Yes
UniqueService=No
MailboxName=%UserName%@domain.com
HomeServer=
DefaultAccount=TRUE

;***************************************************************
; Section 5 - Values for each internet account.
;***************************************************************

;***************************************************************
; Section 6 - Mapping for profile properties
;***************************************************************

[Microsoft Exchange Server]
ServiceName=MSEMS
MDBGUID=5494A1C0297F101BA58708002B2A2517
MailboxName=PT_STRING8,0x6607
HomeServer=PT_STRING8,0x6608
OfflineAddressBookPath=PT_STRING8,0x660E
OfflineFolderPathAndFilename=PT_STRING8,0x6610

[Exchange Global Section]
SectionGUID=13dbb0c8aa05101a9bb000aa002fc45a
MailboxName=PT_STRING8,0x6607
HomeServer=PT_STRING8,0x6608
ConfigFlags=PT_LONG,0x6601
RPCoverHTTPflags=PT_LONG,0x6623
RPCProxyServer=PT_UNICODE,0x6622
RPCProxyPrincipalName=PT_UNICODE,0x6625
RPCProxyAuthScheme=PT_LONG,0x6627
AccountName=PT_UNICODE,0x6620

[Microsoft Mail]
ServiceName=MSFS
ServerPath=PT_STRING8,0x6600
Mailbox=PT_STRING8,0x6601
Password=PT_STRING8,0x67f0
RememberPassword=PT_BOOLEAN,0x6606
ConnectionType=PT_LONG,0x6603
UseSessionLog=PT_BOOLEAN,0x6604
SessionLogPath=PT_STRING8,0x6605
EnableUpload=PT_BOOLEAN,0x6620
EnableDownload=PT_BOOLEAN,0x6621
UploadMask=PT_LONG,0x6622
NetBiosNotification=PT_BOOLEAN,0x6623
NewMailPollInterval=PT_STRING8,0x6624
DisplayGalOnly=PT_BOOLEAN,0x6625
UseHeadersOnLAN=PT_BOOLEAN,0x6630
UseLocalAdressBookOnLAN=PT_BOOLEAN,0x6631
UseExternalToHelpDeliverOnLAN=PT_BOOLEAN,0x6632
UseHeadersOnRAS=PT_BOOLEAN,0x6640
UseLocalAdressBookOnRAS=PT_BOOLEAN,0x6641
UseExternalToHelpDeliverOnRAS=PT_BOOLEAN,0x6639
ConnectOnStartup=PT_BOOLEAN,0x6642
DisconnectAfterRetrieveHeaders=PT_BOOLEAN,0x6643
DisconnectAfterRetrieveMail=PT_BOOLEAN,0x6644
DisconnectOnExit=PT_BOOLEAN,0x6645
DefaultDialupConnectionName=PT_STRING8,0x6646
DialupRetryCount=PT_STRING8,0x6648
DialupRetryDelay=PT_STRING8,0x6649

[Personal Folders]
ServiceName=MSPST MS
Name=PT_STRING8,0x3001
PathAndFilenameToPersonalFolders=PT_STRING8,0x6700 
RememberPassword=PT_BOOLEAN,0x6701
EncryptionType=PT_LONG,0x6702
Password=PT_STRING8,0x6703

[Unicode Personal Folders]
ServiceName=MSUPST MS
Name=PT_UNICODE,0x3001
PathAndFilenameToPersonalFolders=PT_STRING8,0x6700 
RememberPassword=PT_BOOLEAN,0x6701
EncryptionType=PT_LONG,0x6702
Password=PT_STRING8,0x6703

[Outlook Address Book]
ServiceName=CONTAB

[LDAP Directory]
ServiceName=EMABLT
ServerName=PT_STRING8,0x6600
UserName=PT_STRING8,0x6602
UseSSL=PT_BOOLEAN,0x6613
UseSPA=PT_BOOLEAN,0x6615
EnableBrowsing=PT_BOOLEAN,0x6622
DisplayName=PT_STRING8,0x3001
ConnectionPort=PT_STRING8,0x6601
SearchTimeout=PT_STRING8,0x6607
MaxEntriesReturned=PT_STRING8,0x6608
SearchBase=PT_STRING8,0x6603
CheckNames=PT_STRING8,0x6624
DefaultSearch=PT_LONG,0x6623

[Microsoft Outlook Client]
SectionGUID=0a0d020000000000c000000000000046
FormDirectoryPage=PT_STRING8,0x0270
WebServicesLocation=PT_STRING8,0x0271
ComposeWithWebServices=PT_BOOLEAN,0x0272
PromptWhenUsingWebServices=PT_BOOLEAN,0x0273
OpenWithWebServices=PT_BOOLEAN,0x0274
CachedExchangeMode=PT_LONG,0x041f
CachedExchangeSlowDetect=PT_BOOLEAN,0x0420

[Personal Address Book]
ServiceName=MSPST AB
NameOfPAB=PT_STRING8,0x001e3001
PathAndFilename=PT_STRING8,0x001e6600
ShowNamesBy=PT_LONG,0x00036601

; ************************************************************************
; Section 7 - Mapping for internet account properties.  DO NOT MODIFY.
; ************************************************************************

[I_Mail]
AccountType=POP3
;--- POP3 Account Settings ---
AccountName=PT_UNICODE,0x0002
DisplayName=PT_UNICODE,0x000B
EmailAddress=PT_UNICODE,0x000C
;--- POP3 Account Settings ---
POP3Server=PT_UNICODE,0x0100
POP3UserName=PT_UNICODE,0x0101
POP3UseSPA=PT_LONG,0x0108
Organization=PT_UNICODE,0x0107
ReplyEmailAddress=PT_UNICODE,0x0103
POP3Port=PT_LONG,0x0104
POP3UseSSL=PT_LONG,0x0105
; --- SMTP Account Settings ---
SMTPServer=PT_UNICODE,0x0200
SMTPUseAuth=PT_LONG,0x0203
SMTPAuthMethod=PT_LONG,0x0208
SMTPUserName=PT_UNICODE,0x0204
SMTPUseSPA=PT_LONG,0x0207
ConnectionType=PT_LONG,0x000F
ConnectionOID=PT_UNICODE,0x0010
SMTPPort=PT_LONG,0x0201
SMTPSecureConnection=PT_LONG,0x020A
ServerTimeOut=PT_LONG,0x0209
LeaveOnServer=PT_LONG,0x1000

[IMAP_I_Mail]
AccountType=IMAP
;--- IMAP Account Settings ---
AccountName=PT_UNICODE,0x0002
DisplayName=PT_UNICODE,0x000B
EmailAddress=PT_UNICODE,0x000C
;--- IMAP Account Settings ---
IMAPServer=PT_UNICODE,0x0100
IMAPUserName=PT_UNICODE,0x0101
IMAPUseSPA=PT_LONG,0x0108
Organization=PT_UNICODE,0x0107
ReplyEmailAddress=PT_UNICODE,0x0103
IMAPPort=PT_LONG,0x0104
IMAPUseSSL=PT_LONG,0x0105
; --- SMTP Account Settings ---
SMTPServer=PT_UNICODE,0x0200
SMTPUseAuth=PT_LONG,0x0203
SMTPAuthMethod=PT_LONG,0x0208
SMTPUserName=PT_UNICODE,0x0204
SMTPUseSPA=PT_LONG,0x0207
ConnectionType=PT_LONG,0x000F
ConnectionOID=PT_UNICODE,0x0010
SMTPPort=PT_LONG,0x0201
SMTPSecureConnection=PT_LONG,0x020A
ServerTimeOut=PT_LONG,0x0209
CheckNewImap=PT_LONG,0x1100
RootFolder=PT_UNICODE,0x1101
Account=PT_UNICODE,0x0002
HttpServer=PT_UNICODE,0x0100
UserName=PT_UNICODE,0x0101
Organization=PT_UNICODE,0x0107
UseSPA=PT_LONG,0x0108
TimeOut=PT_LONG,0x0209
Reply=PT_UNICODE,0x0103
EmailAddress=PT_UNICODE,0x000C
FullName=PT_UNICODE,0x000B
Connection Type=PT_LONG,0x000F
ConnectOID=PT_UNICODE,0x0010

Is this possible?

Thanks!

My only issue is, with Exchange 2013, the "Logon network security" type needs to be Anonymous Authentication, and am not sure if it is even possible to set/change.

Hi,

Sorry for the lack of knowledge on .prf file above.

However if we want to enable the Anonymous Authentication on the Exchange 2013 server side, I can share some information for you.

Based on my experience, the "Logon network security" option exists in Outlook client. We can run some commands on EMS to enable the Anonymous Authentication on the server side. Please follow me, steps as below:

1. First I suggest verify the Outlook Anywhere settings on Exchange 2013 CAS server via following command:

Get-OutlookAnywhere -Server Exch1

2. If "ExternalHostName" is set, please change the "ExternalClientAuthenticationMethod" to Negotiate via following command:

Get-OutlookAnywhere -Server Exch1 | Set-OutlookAnywhere -ExternalClientAuthenticationMethod Negotiate

3. Please note: If the DefaultAuthenticationMethod parameter is specified, InternalClientAuthenticationMethod, ExternalClientAuthenticationMethod and IISAuthenticationMethods parameters cannot be used. More details in the following article:

Set-OutlookAnywhere

http://technet.microsoft.com/en-us/library/bb123545(v=exchg.150).aspx

 

However if we enable the Anonymous Authentication, it maybe something wrong in some situation. For example, Users of Exchange Server 2013 or Exchange Online can't open public folders or shared mailboxes on an Exchange 2010 or Exchange 2007 server. 

Found a related KB for your reference:

http://support.microsoft.com/kb/2834139

 

Hope it is helpful

 

Thanks

This is not an answer and should not be marked answered. The Office 365 servers require Login Network Security to be set to Anonymous, but this is not an available option while creating a PRF file with the Microsoft Office Customization Tool. The question still remains, is there a value I can add to my PRF file so the Outlook profile is automatically created with anonymous as the "Login Network Security"?

Hello,

Technically speaking it is possible. Microsoft doesn't' recommend using .prf with Office 365.

I would very strongly advise to use zeroconfigexchange inseatd of .prf to deploy profiles for office 365.

http://technet.microsoft.com/en-us/library/cc837949(v=office.12).aspx

"Configure Exchange profile without interaction

You can configure Office Outlook 2007 to automatically create an Exchange account without displaying the Add New E-mail Account wizard after it finds the user contact information in Active Directory. To do this, set the following registry value to 1."

If you have profiles in place the best thing is to delete them and get new ones based on AutoDiscover.

The risk you take by using .prf is to remain with outdated profiles which sooner or later will need to be re-created.

• Edited by Sil.views Tuesday, July 15, 2014 8:51 AM

In your ServiceEGS1 section add

NetworkLogonSecurity=0x8000F001

and in Exchange Global Section add

NetworkLogonSecurity=PT_LONG,0x6619