How to Centralize Outlook Signature - Part 1

This time my article will be more technical and it's for IT Professionals.The article will be explain how can centralize Outlook signatures in a company if you don’t have budget to buy new software that can central email signatures or you don’t like to add third part software’s in the exchange environment.
Your Director decide that you must all the users to has the same Outlook Signature in the company and ask for you to proceed with the Project. How can proceed? You will propose for an software email signature manager? If you have the budget then all is ok. But if you don’t or you don’t want third part softwares to related with the Exchange? Then what will be your solution? 

It’s time to explain step by step how can proceed and centralize the Outlook signature for all the users in the company.

If you would like to read the other parts in this article series please go to:

Before start i would like to explain with few worlds how can proceed. You will download specific Poweshell Script from Microsoft Gallery and with few steps will be deploy through GPO.


  1. Install Psexec in your PC.
  2. Create Group Policy and allow remote connection through Psexec.
  3. Allow PowerShell to run in remote pc.


  1. Install Psexec in your PC.
  1. Create Group Policy and allow remote connection through Psexec.
  • Login in your Domain Controller and open the Group Policy Management
    Go in Group Policy Object , Right Click  and select New to create the new Policy.

  • After create the Group Policy, go in the right side find the Group Policy, Right Click and select Edit.

  • Go in Computer Configuration - - > Policies - - > Windows Settings - - > Security Settings - -> Windows Firewall with Advanced Security
  • Expand the Windows Firewall with Advanced Security. Right  click in Inbound Rules and select New.

  • When create the New Rulle will open a Wizard to configure it.
  • In the first Step you must defile the type of rule that you want to create.
  • Select predefined and choose File and Printer Sharing.
  • Click Next

  • In the next screen you will see the network connectivity requirements for the selected group.
  • Uncheck all the rules except of the File and Printer Sharing (SMB-In) and and click Next.

  • Check the option Allow the connection and  Click Finish.

  • Now you can see the Windows Firewall Rule in the right Pane.

  • Close the Group Policy Management Editor and you will go back in Group Policy Management.
  • Find the Group Policy  that you create from Group Policy Objects.
  • Click on it and from the right side choose in which users or group will be apllied. It is in section Security Filetring
  • This is very importa step because if you don't select where must be applied probably you will have problems with the Group Policy or will be applied in Authenticated Users which is the default and we don't want it.


  • Go in the appropriate Organization Unit and with Right click select Link an Existing GPO
  • Choose the policy that you have create and click OK.

  • After link the GPO verify that you have click in the Organization Unit that you want to deploy the Group Policy, go in the right side and with right click in the Group Policy click Enforced.

We finish with the Group Policy to allow psexec to connect remotely in the pc's. 

Wait until next day to Login all the users in the PC'S and apply the new Group Policy

  1. Allow PowerShell to run in remote pc

To deploy successfull the Powershwll script we must allow powershell to run in remote pc. As yo can see below this is the reason which open the port in Windows Firewall for the psexec.

  • Open a cmd.
  • Connect with psexec in remote pc. Type the following command
    psexec -s \\ip address of the pc cmd
  • If the command is right and the Group Policy of Windows Firewall Rule deploy without errors when type the psexec command you will see the following image. 

  • If you can'y connect you will get an error 
    Maker sure that the default admin us enable …. 

  • When connect successfull in the client PC Use the quick default configuration of WinRM with the following command:
    Winrm  quickconfig
  • When type the command you will  question to enable WinRM Firewall Exception. Type Y

If the WinRM is already configure you will get the message that is already running in the machine.

  • When finish to verify that the pc can allow Poweshell script you can open the Powershell and run the following command:
    Test-WsMan –computername “ipaddress or computername”
  • The result must be as the image. If not suceessfull it’s sure that you will understand it and must check if you have run successfull the command in the client.

Because when i do something i would like exactly to know what i do below is some info what really do the WinRM or you can find more details on

The WinRM command do the following things
Starts the WinRM service, and sets the service startup type to auto-start.
Configures a listener for the ports that send and receive WS-Management protocol messages using either HTTP or HTTPS on any IP address.
Defines ICF exceptions for the WinRM service, and opens the ports for HTTP and HTTPS.

We finish with the Powershell configuration and we will continue in the Part 2 with the last Steps before Centralize Outlook Signature.

Be patient until 24/2/2015 thtat i will Publish the Part2.

If you have any comment or you want to discuss this way of the Centralize Outlook signature just write in comments or send me an email in