Previous  Top  Next

Outlook stores its account settings etc. in a number of registry keys and files. When you start up Outlook for the first time, it will check if these keys exist and, if not, will prompt the user to create a new account. This works fine in the virtual environment when Outlook is not installed on the physical system. However, when the user already has Outlook installed physically, the Thinstalled version will find the registry keys in the system registry and use those settings, which is probably not what's intended. What's needed is "Full Isolation Mode" for the registry keys and files where Outlook stores its settings, so the Thinstalled version will pretend the system systems don't exist. To set this up, some changes need to be made to the capture. First of all, the following entries need to be added to the HKEY_CURRENT_USER.txt file:

isolation_full HKEY_CURRENT_USER\Identities
isolation_full HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles

Next, a file named
##Attributes.ini with the following contents:


must be created in each of the following subdirectories:

%Local AppData%\Microsoft\FORMS
%Local AppData%\Microsoft\Outlook

(create the subdirectories as needed)


By default, Outlook creates a directory where it stores attachments when you open an attachment for viewing. This directory will normally be something like "C:\Documents and Settings\<username>\Local Settings\Temp\Temporary Internet Files\OLKxxxx" where the last "xxxx" is replaced by something randomly chosen. This works fine when the viewing application runs in the same virtual sandbox as Outlook. However, when you want to use an external application (an application not running in Outlooks virtual sandbox) the external application won't be able to find the file it is supposed to show. This is because Outlook will store the file in the sandbox. To solve this, the isolation mode of the directory where the attachments are stored needs to be set to Merged. The next problem then is that we don't know what the name of that directory is (the last part of the name was randomly chosen).
To solve this, add a value to HKEY_CURRENT_USER.txt which sets the name of attachment directory:

isolation_full HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security
  REG_SZ~%Profile%\Local Settings\OutlookTempxxxx#2300

(The "11.0" in the key name is for Outlook 2003, use the appropriate version number for your version of Outlook). For slightly increased security, replace the last 4 "xxxx" characters by something random.
Next, create a directory "%Profile%\Local Settings\OutlookTempxxxx" in your project and create an ##Attributes.ini file there containing:


The directory "%Profile%\Local Settings\OutlookTempxxxx" is just an example, you can use whatever you want, as long as you make sure that the directory is named in the OutlookSecureTempFolder registry key and is set to the correct isolation mode.