Default fonts and styles for Outlook via Intune

I might be not the only one who thought it would be simple to configure default fonts and styles for Outlook, via Intune. There’s no default policy available who can configure this directly from Intune. I had to create a powershell script for this.

Note: When i wrote this blog, Proactive remediation did not exist yet. In the comments, Olivier published his remediation script. If you have the required licenses for Proactive remediation i recommend to take a look at his comment here.

Users can change this setting on their device to anything they want. The company policy states that Outlook should use Arial 10 as the default font and styling. So, i had to figure out how to configure this setting every time over and over again.

I found the Intune Login script method by Nicola Suter (Nicolonsky Tech). This script creates a scheduled task in the endpoint which runs at every logon (in user context). It stores the actual Powershell script in the endpoint in C:\ProgramData\…\. Yes, a very smart user could still modify this file but Intune will overwrite it again so this one should be fine!.

See my script here: scripts/UEM_OutlookBranding.ps1 at main · j0eyv/scripts (github.com)

The magic is happening between rule #77 and #108. This part will be stored in C:\ProgramData\UEM_OutlookBrandingReg.ps1. This script is being executed by a scheduled task named “UEM-OutlookBrandingTasks”.

Implementing Intune

Open Endpoint Manager via https://endpoint.microsoft.com. Navigate to Devices -> Scripts. Create a new script by clicking “Add“.

Fill in a name. A description is optional.

Select the UEM_OutlookBranding.ps1 script which is available in my Github repo: scripts/UEM_OutlookBranding.ps1 at main · j0eyv/scripts (github.com)

Assign the script to “All users” or a specific Azure AD Group and finish the wizard.

Note: The script is being pushed to the endpoints by Intune. You can speed up this process to logoff and logon again on one of the intune managed devices. The scheduled task will then be created and the powershell script will be stored in the endpoint.

When u see the scheduled task u could logoff and logon again. This is the moment the scheduled task will run for the first time. You should then open Outlook and verify that the font and languages settings are configured with Arial 10.

And yes, this could probably also been done with a OMA-URI (ADMX).

Related Posts

4 thoughts on “Default fonts and styles for Outlook via Intune

  1. In my test environment, this only changed the font for a new e-mail to Arial 10; ReplyFontComplex and TextFontComplex were set to Calibri. I found that both values needed slightly different binary data. Also, I used Proactive Remediations for executing the script:

    Detect:

    Try {
    if (Test-Path -Path registry::HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\mailsettings) {
    1
    }
    else {
    0
    }
    }
    catch {
    $errMsg = $_.Exception.Message
    Write-Error $errMsg
    }

    Remediate:

    $ValueSimple = “3c,00,00,00,…”
    $ValueComposeComplex = “3c,68,74,6d,…”
    $ValueReplyComplex = “3c,68,74,6d,…”
    $ValueTextComplex = “3c,68,74,6d,…”

    $registryPath = ‘HKCU:\SOFTWARE\Microsoft\Office\16.0\Common\mailsettings’
    $Name1Simple = “ComposeFontSimple”
    $Name1Complex = “ComposeFontComplex”
    $Name2Simple = “ReplyFontSimple”
    $Name2Complex = “ReplyFontComplex”
    $Name3Simple = “TextFontSimple”
    $Name3Complex = “TextFontComplex”

    $hexSimple = $ValueSimple.Split(‘,’) | % { “0x$_”}
    $hexComposeComplex = $ValueComposeComplex.Split(‘,’) | % { “0x$_”}
    $hexReplyComplex = $ValueReplyComplex.Split(‘,’) | % { “0x$_”}
    $hexTextComplex = $ValueTextComplex.Split(‘,’) | % { “0x$_”}

    IF(!(Test-Path $registryPath))
    {
    New-Item -Path $registryPath -Force | Out-Null
    New-ItemProperty -Path $registryPath -name NewTheme -PropertyType string
    New-ItemProperty -Path $registryPath -Name $Name1Simple -Value ([byte[]]$hexSimple) -PropertyType Binary -Force
    New-ItemProperty -Path $registryPath -Name $Name2Simple -Value ([byte[]]$hexSimple) -PropertyType Binary -Force
    New-ItemProperty -Path $registryPath -Name $Name3Simple -Value ([byte[]]$hexSimple) -PropertyType Binary -Force
    New-ItemProperty -Path $registryPath -Name $Name1Complex -Value ([byte[]]$hexComposeComplex) -PropertyType Binary -Force
    New-ItemProperty -Path $registryPath -Name $Name2Complex -Value ([byte[]]$hexReplyComplex) -PropertyType Binary -Force
    New-ItemProperty -Path $registryPath -Name $Name3Complex -Value ([byte[]]$hexTextComplex) -PropertyType Binary -Force
    }

    ELSE {
    Set-ItemProperty -Path $registryPath -name NewTheme -value $null
    Set-ItemProperty -Path $registryPath -Name $Name1Simple -Value ([byte[]]$hexSimple) -Force
    Set-ItemProperty -Path $registryPath -Name $Name2Simple -Value ([byte[]]$hexSimple) -Force
    Set-ItemProperty -Path $registryPath -Name $Name3Simple -Value ([byte[]]$hexSimple) -Force
    Set-ItemProperty -Path $registryPath -Name $Name1Complex -Value ([byte[]]$hexComposeComplex) -Force
    Set-ItemProperty -Path $registryPath -Name $Name2Complex -Value ([byte[]]$hexReplyComplex) -Force
    Set-ItemProperty -Path $registryPath -Name $Name3Complex -Value ([byte[]]$hexTextComplex) -Force
    }

    I recommend setting the font and font size in Outlook and exporting the whole mailsettings key – in there, you’ll find the correct binary code.

    1. Hi Oliver,

      That’s true. And yes, the binary example should be changed to your needs. Also, proactive remediations would be better but at the time i was figuring out this issue it did not exists or was quite new. Few months ago someone mentioned that the script modified the registry keys in the endpoint but the application (Outlook) did not pick up the values from the registry. I was able to reproduce that in my environment. Probably a bug back then.

      If the proactive remediation works for you this would be way better and I’m very glad you shared it here 🙂

  2. Hi there,
    I’m not sure where I’m going wrong but I’m using the right binary I think but every time I set the registry via the script I can get the New e-mail working with right font but reply will be Calibri but if i click on the reg for reply it shows lato font which is what im trying to have work yet its still calibri.. what am i doing wrong?

    1. Hi Trevis,

      At this moment i would recommend to use a Proactive Remediation for this. See Olivier’s comment below this blog post. I’ll recommend to configure a outlook client with all the fonts you prefer and then export the registry key. In the past i had the same issue as you had. I see the registry settings being modified to the ones i needed but the outlook client it self did not pick these settings.

Leave a Reply

Your email address will not be published.

one × 3 =