Automatic Encryption Unchecks Itself

Hello,

I have a user that is running Outlook 2010 on Win7 Enterprise 64. He goes into the Trust Center and selects "Encrypt contents and attachments for outgoing messages" and then clicks ok. He locks his PC and removes his PIV card from the keyboard. When he comes back and reinserts his PIV card and unlocks Windows, he has to go back into the Trust Center and recheck the box again as it has cleared itself out.

We have rebooted and tried to run a repair on Office. Any other ideas?

Thanks in advance

March 23rd, 2015 3:11pm

Hi,

Did the issue occur again after repairing of Office? How does the user access his Operating System and Outlook?Through PIV card? Was this user the only one who faced this issue? Was there any Group Policy restrained user of setting encryption? Was this user in Administrator group?

Meanwhile, we can try approach below:

   1.Start Outlook with Admin privilege. Set encryption again, see if the change got revert or not.

   2.Start Regedit, modify the key below:

     HKCU\Software\Microsoft\Office\14.0\Outlook\Security\InitEncrypt  set the key value to 2

Let me know the result, thank you.


Free Windows Admin Tool Kit Click here and download it now
March 24th, 2015 4:38am

1. Yes, the error continued after the repair.

2. The user accesses his computer with his PIV card. It is not mandatory yet but it soon will be.

3. Yes, he is the only user with this problem.

4. Going to check his GP shortly to find out.

5. User is not in any admin groups.

6. Thank you for that registry key you're amazing! Will test this shortly also. :)

March 24th, 2015 8:01am

Hi,

Did the issue occur again after repairing of Office? How does the user access his Operating System and Outlook?Through PIV card? Was this user the only one who faced this issue? Was there any Group Policy restrained user of setting encryption? Was this user in Administrator group?

Meanwhile, we can try approach below:

   1.Start Outlook with Admin privilege. Set encryption again, see if the change got revert or not.

   2.Start Regedit, modify the key below:

     HKCU\Software\Microsoft\Office\14.0\Outlook\Security\InitEncrypt  set the key value to 2

Let me know the result, thank you.


Free Windows Admin Tool Kit Click here and download it now
March 24th, 2015 8:37am

Hi,

Did the issue occur again after repairing of Office? How does the user access his Operating System and Outlook?Through PIV card? Was this user the only one who faced this issue? Was there any Group Policy restrained user of setting encryption? Was this user in Administrator group?

Meanwhile, we can try approach below:

   1.Start Outlook with Admin privilege. Set encryption again, see if the change got revert or not.

   2.Start Regedit, modify the key below:

     HKCU\Software\Microsoft\Office\14.0\Outlook\Security\InitEncrypt  set the key value to 2

Let me know the result, thank you.


March 24th, 2015 8:37am

Hi,

Did the issue occur again after repairing of Office? How does the user access his Operating System and Outlook?Through PIV card? Was this user the only one who faced this issue? Was there any Group Policy restrained user of setting encryption? Was this user in Administrator group?

Meanwhile, we can try approach below:

   1.Start Outlook with Admin privilege. Set encryption again, see if the change got revert or not.

   2.Start Regedit, modify the key below:

     HKCU\Software\Microsoft\Office\14.0\Outlook\Security\InitEncrypt  set the key value to 2

Let me know the result, thank you.


Free Windows Admin Tool Kit Click here and download it now
March 24th, 2015 8:37am

Are others all use PIV card to access their computer but don't have this issue? Please also keep me posted with the test results.


March 24th, 2015 8:41am

Are others all use PIV card to access their computer but don't have this issue? Please also keep me posted with the test results.


Free Windows Admin Tool Kit Click here and download it now
March 24th, 2015 12:40pm

Are others all use PIV card to access their computer but don't have this issue? Please also keep me posted with the test results.


March 24th, 2015 12:40pm

Are others all use PIV card to access their computer but don't have this issue? Please also keep me posted with the test results.


Free Windows Admin Tool Kit Click here and download it now
March 24th, 2015 12:40pm
Yes all other users are working fine just this user is having the issue. I checked and the key value was already set to 2. Any other thoughts?
March 25th, 2015 8:07am
Anyone...?
Free Windows Admin Tool Kit Click here and download it now
March 26th, 2015 11:29am

Hi,

Sorry for the late response. In this case, we may check items below:

  1.        If the Registry Key get reversed after the use logout and re-login
  2.        Check events log, see if any application had contributed to this change
  3.        Use Process Monitor to Monitor Registry changes of Outlook during logout and login(Resource of Process Monitor)

Send the log files to me through mail: ibsofc@microsoft.com

Meanwhile, we can try follow steps:

  1.        Check if this user has different Add-ins compare to other user
  2.        Start Outlook with Safe mode, enable the encryption option
  3.        Perform a clean boot, see if the Encryption get reversed: How to perform clean boot

Let me know the result, thank you.

March 29th, 2015 2:24am

Hi,

Sorry for the late response. In this case, we may check items below:

  1.        If the Registry Key get reversed after the use logout and re-login
  2.        Check events log, see if any application had contributed to this change
  3.        Use Process Monitor to Monitor Registry changes of Outlook during logout and login(Resource of Process Monitor)

Send the log files to me through mail: ibsofc@microsoft.com

Meanwhile, we can try follow steps:

  1.        Check if this user has different Add-ins compare to other user
  2.        Start Outlook with Safe mode, enable the encryption option
  3.        Perform a clean boot, see if the Encryption get reversed: How to perform clean boot

Let me know the result, thank you.

Free Windows Admin Tool Kit Click here and download it now
March 29th, 2015 6:22am

Hi,

Sorry for the late response. In this case, we may check items below:

  1.        If the Registry Key get reversed after the use logout and re-login
  2.        Check events log, see if any application had contributed to this change
  3.        Use Process Monitor to Monitor Registry changes of Outlook during logout and login(Resource of Process Monitor)

Send the log files to me through mail: ibsofc@microsoft.com

Meanwhile, we can try follow steps:

  1.        Check if this user has different Add-ins compare to other user
  2.        Start Outlook with Safe mode, enable the encryption option
  3.        Perform a clean boot, see if the Encryption get reversed: How to perform clean boot

Let me know the result, thank you.

March 29th, 2015 6:22am

Hi,

Sorry for the late response. In this case, we may check items below:

  1.        If the Registry Key get reversed after the use logout and re-login
  2.        Check events log, see if any application had contributed to this change
  3.        Use Process Monitor to Monitor Registry changes of Outlook during logout and login(Resource of Process Monitor)

Send the log files to me through mail: ibsofc@microsoft.com

Meanwhile, we can try follow steps:

  1.        Check if this user has different Add-ins compare to other user
  2.        Start Outlook with Safe mode, enable the encryption option
  3.        Perform a clean boot, see if the Encryption get reversed: How to perform clean boot

Let me know the result, thank you.

Free Windows Admin Tool Kit Click here and download it now
March 29th, 2015 6:22am
I had the user use soft certs instead of hard (PKI) certs and he was able to lock the pc, log back in and still have the encryption checked. That lasted for about a minute...
April 8th, 2015 12:32pm
I emailed you the log files, did you notice anything unusual?
Free Windows Admin Tool Kit Click here and download it now
April 8th, 2015 12:33pm

Hi,

From the event log you sent to me, I found some information about Activclient. Do you have this software in your environment? If so, please make sure it configured correctly for the user.

This article is a guidance of Activclient. Thanks.

April 10th, 2015 2:17am
Thanks, I'll try and un/reinstall it and see what happens.
Free Windows Admin Tool Kit Click here and download it now
April 10th, 2015 7:37am

Problem: Automatic Encryption Unchecks itself. Every time the user locks computer and removes PIV card from keyboard, the "Encrypt contents and attachments for outgoing messages" box becomes unchecked, as does the "Add digital signature to outgoing messages" box, when the user logs back in.

Multiple changes to the registry did not work. Microsoft suggested to check that the key value for: HKCU\Software\Microsoft\Office\14.0\Outlook\Security\InitEncrypt was set the value of 2. It was already.

A full rebuild of the users profile was attempted including renaming and then deleting the old profile both locally and server-side and resulted in the same issue.

The only thing that has worked is this:

1. In Outlook 2010 Click File > Options > Trust Center > Trust Center Settings > E-mail Security  > Settings.
2. Click "New" to create a new "Security Settings Name"
3. Enter a new name.
4: Check the boxes for "Default Security Setting for this cryptographic message format" & "Default Security Setting for all cryptographic messages"
5: Select a "Signing Certificate" by clicking on the "Choose" button
6: Select an "Encryption Certificate" by clicking on the "Choose" button.
7: Click "OK"
8: Make sure the new Security Settings Name is selected and that the Encrypt and sign boxes are checked.

When the user unlocks the computer the outgoing emails will still be automatically encrypted.

April 22nd, 2015 10:54am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics