Policy
Require trusted publisher signatures for macros that are always loaded
Microsoft Office
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10
This policy setting controls signature requirements for macros that are automatically loaded when Office applications start. Macros that are always loaded include VBA add-ins and templates that load automatically: Excel add-ins (xla/xlam), PowerPoint add-ins (ppa/ppam), Access add-ins (accda/mda), and Word templates (dot/dotm). If you enable this policy setting: - Unsigned macros that are always loaded are silently disabled and don't load. - Signed but untrusted macros that are always loaded display a red Message Bar with no option for users to enable them for the current session. - Macros signed by a trusted publisher are allowed to always load. If you disable or don't configure this policy setting, macros that are always on can load without requiring trusted publisher signatures.
Registry values
How enabled and disabled states update the registry.
| Scope | Registry location | Type | Enabled value | Disabled value | Copy |
|---|---|---|---|---|---|
| User | Path software\policies\microsoft\office\16.0\common\security Value name requirealwaysonmacrosig | REG_DWORD | HKCU 1 | HKCU 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.