Microsoft Office_mac 2008 Home and Student Edition GZA 00006 User Manual

Microsoft Office 2008 for Mac  
Administrator Guide  
Table of contents  
Office 2008 Evaluation  
Introducing Office 2008 for Mac  
Office 2008 for Mac is a suite of desktop productivity applications that is designed to work  
specifically with the Macintosh operating system. It provides Macintosh users with applications for  
creating effective documents, sharing ideas with other users on Macintosh computers or Windows-  
based computers, and managing information efficiently. With its updated user interface and  
collaborative tools, Office 2008 provides enhanced and more secure capabilities for capturing and  
using business information.  
Intended Audience  
The Microsoft Office 2008 for Mac Administrator’s Guide is for system implementers, IT managers,  
system administrators, or others who are responsible for planning, implementing, and maintaining  
Office 2008 in their organizations.  
Documentation Roadmap  
The following table describes the chapter content in the guide.  
Chapter  
Description  
Describes how Office 2008 delivers business value and how businesses can  
benefit from upgrading to this new version of Office.  
The purpose of this section is to provide conceptual information to help  
decision makers evaluate and recommend information technology solutions to  
their organizations. It includes information about the new features in Office  
2008 for the consumers, the system requirements for implementing Office 2008  
in a production environment, and the licensing terms.  
Provides detailed instructions about what to plan before you deploy Office 2008  
in a production environment.  
The purpose of this section is to help system architects, planners, and  
administrators envision and plan the early phases of Office 2008 deployment in  
a production environment. This includes providing information about:  
The hardware and software resources, as well as other infrastructure  
requirements for deploying Office 2008.  
The background information that pertains to the deployment of  
Office 2008, such as information about the different deployment  
methods.  
Using Office 2008 with related Microsoft products.  
1
   
Office 2008 Evaluation  
Chapter  
Description  
Describes how to install and deploy Office 2008 in a production environment.  
The purpose of this section is to provide system implementers with step-by-step  
procedures that will help them deploy Office 2008.  
Provides instructions about how to maintain the Office 2008 installation.  
The purpose of this section is to provide information for administrators who are  
responsible for maintaining the system after deployment. This includes  
information about how to distribute product updates efficiently.  
Provides details about the enhanced security features in Office 2008.  
The purpose of this section is to provide IT professionals with information that  
will help them efficiently mitigate security threats while maintaining information  
worker productivity.  
Provides a list of reference topics that are relevant to running Office 2008.  
The purpose of this section is to provide references to additional resources that  
might be helpful in planning, deploying, and maintaining Office 2008.  
Office 2008 Evaluation  
How Office 2008 delivers business value  
Office 2008 for Mac is redesigned and reinvented to be more compatible, powerful, and easy to  
use. Office 2008 introduces new and improved features across all its applications, so that users can  
seamlessly manage information, use high-impact design elements to communicate ideas, and  
work efficiently across platforms. The redesigned user interface helps users find the tools they want  
quickly and achieve their goals easily. This intuitive user experience also minimizes training and  
support demands by providing end users with significantly improved Help capabilities and self-  
service tools.  
2
     
Office 2008 Evaluation  
Challenges and solutions  
Typical  
challenges in a  
business  
environment  
Why choose Office 2008  
Maximizing user  
impact on  
business  
New graphic capabilities, including SmartArt, WordArt, slide themes, and  
charting, enable users to create professional-looking, high-impact documents,  
workbooks, and "publication ready" presentations without having to spend  
hours on formatting. For example:  
outcomes  
Redesigned charting tools in Excel - By using the improved  
charting tools, users can quickly build professional-looking charts  
with special effects such as 3-D, transparency, and soft shadows.  
WordArt and SmartArt - Excel, PowerPoint, and Word include  
updated, modern-looking WordArt that users can use to apply 2-D  
and 3-D effects to text. Also, users can choose from dozens of  
SmartArt graphics to quickly create designer-quality diagrams,  
charts, and other information graphics.  
Slide themes in PowerPoint - A theme is a coordinated set of fonts,  
colors, and visual effects that gives a presentation a unified design.  
Users can preview and apply dozens of professionally designed  
themes directly from the Slide Themes tab in the Elements Gallery.  
Users can also modify themes to match their organization’s design,  
as well as import themes from other Office files.  
3
Office 2008 Evaluation  
Typical  
challenges in a  
business  
environment  
Why choose Office 2008  
Increasing  
individual  
productivity  
Office 2008 helps maximize productivity by providing tools that users can use  
to prioritize and manage daily activities, e-mail, calendars, and tasks. With its  
results-oriented interface, Office 2008 helps users quickly assemble and create  
high quality documents, presentations, and workbooks. The following is a list  
of some sample features that help users increase their productivity:  
Automator support - Automator is a Mac OS X v10.4 (Tiger)  
application that helps automate commonly performed and  
repetitive tasks. All Office 2008 applications come with several  
sample Automator workflows. For example, a workflow in Word  
converts text to audio and sends the audio to an iPod. In  
Entourage, users can use a sample workflow to print selected e-  
mail messages.  
To Do Lists and My Day in Entourage - Users can manage time and  
tasks more efficiently by using the new To Do List feature. The To  
Do List displays all To Do items in one place. My Day is a widget-  
like application that allows users to display their day's events and  
To Do List on the desktop. Users don't even have to open  
Entourage to use My Day and view their To Do List.  
Entourage Calendar - The redesigned Calendar interface makes it  
easier to manage events and tasks. Users can color-code events by  
using categories, quickly create new events by dragging, and view  
the To Do List next to the Calendar.  
Toolbox and Object Palette - The Office Toolbox provides a one-  
stop destination for some of the most useful tools in Office 2008. It  
consolidates the Formatting Palette, Object Palette, Compatibility  
Report, Scrapbook, Reference Tools, and other application-specific  
tools in one convenient interface. The new Object Palette gives  
quick and easy access to shapes, Clip Art, symbols, and photos  
(including iPhoto).  
4
Office 2008 Evaluation  
Typical  
challenges in a  
business  
environment  
Why choose Office 2008  
Optimizing IT  
resource  
efficiency  
By deploying Office 2008, organizations can reduce the total cost of  
ownership for Microsoft Office in areas including employee training,  
information technology support (IT), meeting expenses, and hardware costs.  
Office 2008 can help in the following ways:  
Documentation support - The new and improved Help and online  
training resources provide extensive guidance about how to use  
Office 2008. They have been designed to help minimize training  
and technical assistance costs. In addition to Help, the Microsoft  
Office 2008 for Mac Administrator’s Guide provides technical  
guidance to IT professionals who are responsible for planning,  
deploying, and maintaining Office 2008 in a business environment.  
The online versions of these documentation sets, available both in  
Office 2008 Help and on the Microsoft Web site, will now be  
updated on an ongoing basis to provide the most up-to-date and  
relevant content to users.  
Open XML Formats- The new file formats allow users to create  
documents from different data sources, reduce the size of files, and  
improve data recovery in corrupted files.  
Note Open XML Formats are also the default file formats for the  
2007 Microsoft Office system.  
Security features - Expanded security features such as anti-spam  
and anti-phishing e-mail filters help prevent fraudulent links or  
spoofed domains and protect users from these types of online  
scams.  
5
Office 2008 Evaluation  
What's new in Office 2008  
What's new for the IT professional  
For the IT professional who implements and maintains applications and technical solutions across  
an organization, Office 2008 for Mac comes with improved deployment applications. These  
applications are designed to help reduce the amount of time that is required to plan and execute  
deployments, as well as to simplify the tasks that are associated with managing the organization's  
desktop clients. Here are highlights of some of the new and enhanced features in Office 2008.  
Office 2008  
Office 2008 offers streamlined manageability for the IT professional, helping your team collect,  
organize, and share critical information across boundaries. The following list describes some of the  
new features in Office 2008.  
Universal binary format  
Office 2008 uses the universal binary format and is therefore optimized for both Intel-based and  
PowerPC-based Macintosh computers.  
Open XML Formats  
Open XML Formats are now the default file formats for Word 2008, Excel 2008, and PowerPoint  
2008. These new file formats allow users to create documents from different data sources, reduce  
file sizes, and recover data from corrupted files more easily.  
The file formats are based on compressed XML and are therefore substantially smaller than earlier  
versions of Office binary formats. This helps businesses reduce the costs that are associated with  
document storage.  
Note With the Open XML File Format Converter for Mac, you can convert Open XML files to a  
format that is compatible with Office 2004 for Mac and Office v. X for Mac. File conversion  
tools are available in the Downloads  
(www.microsoft.com/mac).  
area of the Office for Mac Web site  
Enhanced deployment tools  
Office 2008 uses the Apple-recommended Apple Installer technology for installation. This makes  
the installation process more efficient because the data that Office installs is in the .pkg format.  
Office Installer is compatible with Apple Remote Desktop and the installation applications are  
AppleScript-ready.  
The Office Installer includes enhanced customization capabilities, such as optional font  
installations, to assist the IT professional in distributing resources.  
6
     
Office 2008 Evaluation  
Intuitive user interface  
The updated user interface in Office 2008 provides a more intuitive experience, which makes the  
product features easier to find and use. This intuitive user experience also helps minimize training  
and support demands by providing end users with significantly improved Help capabilities and  
self-service tools.  
Documentation support  
The Microsoft Office 2008 for Mac Administrator's Guide provides technical guidance for IT  
professionals who are responsible for planning, deploying, and maintaining Office 2008 in a  
business environment.  
The new and improved Help and training resources provide extensive guidance about how to use  
Office 2008. They have been designed to give users the answers they need and to help minimize  
training and technical assistance costs in an enterprise.  
Entourage 2008  
Entourage 2008 provides enhanced features that help users manage time and information,  
instantly locate information, and filter out unwanted junk e-mail. Entourage also helps protect  
users from fraudulent Web sites. When combined with Microsoft Exchange Server 2007, Entourage  
2008 makes significant strides with several updates, including support for document retention  
policies, support for Kerberos authentication, and support for availability services.  
For more information about how Entourage 2008 works with different versions of Microsoft  
Office 2008 Planning section.  
Support for compliance with managed e-mail folders  
Exchange 2007 offers managed folders, a new approach to mail retention policies, archiving, and  
regulatory compliance for user mailboxes. Entourage 2008 users can see and interact with these  
folders just like any other mail folder, but the messages stored within these folders gain retention,  
archive, and expiration policies defined by the administrator. With managed e-mail folders, users  
and administrators can easily comply with various forms of external regulation and internal  
company policies regarding message retention.  
Message classification for mail messages and message posts  
When used with Exchange 2007, Entourage 2008 displays message classifications on received  
messages. Examples of potential classifications might include HIPAA, Legal Documents, and  
Confidential.  
7
Office 2008 Evaluation  
Support for Exchange Web Services  
Entourage 2008 uses Exchange 2007 Web Services to support the following features:  
Free/busy For Exchange 2007 users, Entourage 2008 exposes additional free/busy  
details, such as subject and location.  
Out of Office Assistant For Exchange 2007 users, Entourage 2008 exposes additional  
Out of Office Assistant settings, such as separate internal and external out-of-office  
messages.  
Autodiscover service For users of Exchange 2007 Service Pack 1 (SP1) and Entourage  
2008 SP1, the Autodiscover service makes it easier to configure Entourage 2008. It uses a  
user's e-mail address or domain account to configure a user's profile automatically. For  
more information about the Autodiscover service, see the Exchange Server  
documentation (technet.microsoft.com).  
Note Web Services are also used for assigning delegate rights. Delegation Web services are  
available only in Microsoft Exchange Server 2007 SP1.  
Client certificate-based authentication  
Client certificate-based authentication is available with Entourage 2008 for Mac Service Pack 1  
(SP1). This authentication is a type of two-factor authentication that uses two separate items, a  
client certificate and a password, to verify a user's identity.  
Kerberos authentication  
Entourage 2008 adds supports for Kerberos authentication protocol for Exchange server. This  
makes signing into Microsoft Exchange Server and LDAP server, which your Exchange account uses  
for the Global Address List, easier and more secure.  
For more information about Kerberos authentication in Entourage 2008, see Using Entourage 2008  
with Kerberos authentication in the Office 2008 Planning section.  
Junk e-mail filtering and phishing detection  
Entourage 2008 now includes improved, customizable junk e-mail filtering, as well as phishing  
protection that helps detect messages with fraudulent links or spoofed domains.  
For information about how to set the level of junk e-mail protection, see the following topics in  
Entourage 2008 Help:  
Customize junk e-mail protection  
About junk e-mail protection  
8
Office 2008 Evaluation  
Unsafe attachment blocking  
Entourage 2008 detects and blocks attachments that are application files or other files that could  
contain malicious software.  
For more information about the different application files or other files that Entourage 2008  
blocks, see Attachment file types in Entourage 2008 in the Office 2008 Technical Reference section.  
For more information about how to customize the attachment policy settings, see Customize  
Entourage 2008 attachment settings in the Office 2008 Planning section.  
HTML protection  
To protect against malicious code that could be embedded in an e-mail message, Entourage 2008  
does not run scripts or downloads that are specified by the formatting code in the e-mail message.  
Improved S/MIME support  
Entourage 2008 supports increased levels of industry-standard signing and encryption algorithms:  
Signing algorithms Entourage 2008 can create a digital signature with any of the  
following algorithms: SHA-512, SHA-384, SHA-256, SHA-1.  
Encryption algorithms Entourage 2008 can encrypt messages with any of the  
following algorithms: AES-256, AES-192, AES-128, and 3DES.  
For more information about digital signatures in Entourage 2008, see Digital certificate  
Entourage 2008 in the Office 2008 Planning section.  
Improved smart card support  
Entourage 2008 supports the use of digital IDs that have been stored on smart-card-based  
keychains to perform secure messaging operations such as digitally signing, verifying, encrypting,  
and decrypting mail messages. Several improvements have been made in Entourage 2008 that  
enhance support for smart cards. For example, users can now send digitally signed and encrypted  
messages by using smart cards that follow one of the approved specifications: Common Access  
Card (CAC), Government Smart Card Interoperability Specification (GSCIS), or Personal ID  
Verification (PIV).  
For more information about the different Entourage 2008 features that support the use of smart  
cards, see Smart card support in the Office 2008 Planning section.  
9
Office 2008 Evaluation  
What's new for the end user  
Office 2008 for Mac provides a suite of desktop productivity tools that helps Macintosh users get  
more impact out of their information and seamlessly share their ideas. The latest release delivers  
new capabilities that enhance how users work with each other and empowers them to achieve the  
results they want, faster. For example, the redesigned user interface reduces clutter and  
interruptions. The intuitive design makes it easier for users to find and use product features and  
supports the creation of great-looking documents.  
New features available throughout Office 2008 for Mac  
Office 2008 includes new tools that help users create more professional-looking documents in less  
time, build documents more easily from frequently used content, and produce great-looking  
letters, proposals, workbooks, and presentations. Quick formatting capabilities help users rapidly  
apply a new look and feel to documents and the preview capabilities give users a quick look at any  
changes they make to the documents. The following list describes some of the new features  
introduced in Office 2008.  
Share documents across platforms  
The new Open XML Formats are the default file formats for Office 2008 desktop applications.  
Open XML Formats are also the default file formats for the 2007 Microsoft Office system. This  
makes it easier for Macintosh users to share files with users running Windows-based computers.  
Open XML Formats offer a dramatic reduction in file size. They also offer an improvement in data  
recovery for damaged files. These new formats provide tremendous savings to storage and  
bandwidth requirements and help reduce the burden of IT costs.  
In addition to using the Open XML Formats, Office runs on Intel-based and PowerPC-based  
Macintosh computers, which enables Macintosh users to share documents easily with each other  
regardless of the Macintosh computer that they use.  
Add preformatted elements in just a few clicks  
The Elements Gallery in Office 2008 puts frequently used design features in a convenient  
thumbnail collection.  
10  
   
Office 2008 Evaluation  
The Elements Gallery is located below the toolbars in Word, PowerPoint, and Excel. It provides  
quick access to some of the most-used features. From the Elements Gallery, users can add  
SmartArt graphics, WordArt, charts, tables, and templates to their documents and presentations.  
For example, in PowerPoint, users can apply slide layouts or slide themes from the Elements  
Gallery. And in Excel, users can find preformatted ledger sheets in the Elements Gallery.  
Access the most-used tools quickly and easily  
The Office Toolbox is now a one-stop destination for some of the most useful tools in Office. The  
new Toolbox consolidates the Formatting Palette, Object Palette, Compatibility Report, Scrapbook,  
Reference Tools, and other application-specific tools in one convenient interface. Users can also  
customize Toolbox settings, such as which palettes to show and how the Toolbox should appear  
when it's not in use.  
The new Object Palette gives quick and easy access to all shapes, Clip Art, symbols, and photos  
(including iPhoto). Users can adjust the Object Palette zoom slider to show just the size and  
number of objects that they want.  
Create a unified look for your documents, presentations, and workbooks  
By using Quick Styles and document themes, users can quickly change the appearance of text,  
tables, and graphics throughout their documents and presentations to match their preferred style  
or color scheme. Users can use the new theme-aware color picker on the Formatting Palette in  
Word, PowerPoint, and Excel, to quickly see how various theme colors appear when applied to a  
theme. Office 2008 users can easily share themes across all Office applications to create a great-  
looking and coordinated set of materials.  
Use designer-quality SmartArt graphics  
Users can now quickly create designer-quality diagrams, charts, and other information graphics by  
using SmartArt graphics. They can choose from dozens of SmartArt graphics to visually represent  
lists, hierarchies, and other relationships. Users can add stunning visual effects to SmartArt  
graphics, shapes, WordArt, and charts, including three-dimensional (3-D) effects, shading,  
reflections, glows, and more. Users can also preview and add all SmartArt graphics from the  
Elements Gallery in Excel, PowerPoint, and Word.  
Use new designer-quality chart templates  
Users can use the new designer-quality chart templates to illustrate their data with special effects  
such as 3-D, transparency, and shadows. In Word, PowerPoint, and Excel, users can insert charts  
from the Elements Gallery. They can also apply updated chart styles, edit, and format charts. Users  
must create and edit data in Excel, but they can insert the chart into Word document or  
PowerPoint presentation.  
11  
Office 2008 Evaluation  
Save as PDF  
It is now easier to save and share documents, presentations, and workbooks by using the popular  
Portable Document Format (PDF). PDF helps ensure that documents appear with the correct layout  
and fonts on any computer that can view PDF files. The PDF file format option is now available in  
the Save As dialog box on the File menu in Word, PowerPoint, and Excel.  
Automate commonly performed tasks  
Automator is a Mac OS X v10.4 (Tiger) application that helps to automate commonly performed  
and repetitive tasks. In Office 2008 and Office 2008 Home and Student Edition, all of the  
applications come with several sample Automator workflows. For example, a workflow in Word  
converts text to audio and sends the audio to an iPod. In Entourage, users can use a sample  
workflow to print selected e-mail messages.  
New features in Word  
New formatting tools, views, templates, and a fresh, intuitive user interface in Word 2008 can help  
transform creative ideas into great-looking documents. In addition to enhancements made to the  
standard print layout view, Word 2008 introduces a new specialized environment called publishing  
layout view that brings desktop-publishing-caliber tools to Word.  
Publishing layout view in Word 2008 includes specialized tools like professional-quality layout  
guides and templates.  
Create professional-looking documents  
Word 2008 helps produce professional-looking documents by providing a comprehensive set of  
tools, such as publishing layout view, new publishing templates, and ligatures in fonts, for creating  
and formatting documents.  
Document Elements (for word processing) This feature can help automate common, but  
sometimes time-consuming tasks. Available in the Elements Gallery, these professionally designed  
publishing components include cover pages, tables of contents, headers, footers, and  
bibliographies to help users quickly assemble complex documents.  
12  
Office 2008 Evaluation  
Publishing layout view (for layout- rich documents) This new specialized environment in Word  
2008 combines powerful desktop publishing tools and designer templates in one location. Users  
can use publishing layout view to quickly create professional-looking documents that are  
traditionally created by using advanced Desktop Publishing (DTP) applications.  
Publication templates Word 2008 provides dozens of professionally designed  
publication templates. Users can use these templates to create great-looking brochures,  
newsletters, posters, and flyers. They can customize any template by using a theme. Or,  
they can use pictures and text to make the publication look just the way that they want.  
Ligatures in fonts Ligatures are font characters that combine two or more separate  
characters to improve text style and readability. Some ornate font ligatures include  
decorative swashes that users can use to enhance the style of a document.  
In Word 2008, users can use ligatures in Apple Advanced Typography (AAT) fonts in  
Mac OS X v10.4 (Tiger) and both AAT and OpenType fonts in Mac OS X v10.5 (Leopard).  
Use improved notebook layout view  
Word 2008 introduces significant enhancement to notebook layout view. In Word 2008, users can  
customize and personalize notebook documents with different appearances and backgrounds.  
Notebook tabs now support colors for improved categorization of notes, and can be dragged  
across different Word notebook documents. The audio recording preferences for notebook layout  
view now offer easier customization.  
Use improved mail merge  
The new streamlined Mail Merge Manager in Word 2008 combines, or merges, information from a  
data source with information in Word document so that users don't have to create multiple  
versions of the document by hand. Performing mail merges by integrating Word documents, e-  
mails, forms, and contacts is simple and much faster than the manual alternative.  
New features in Excel  
Excel 2008 helps users manage their data for powerful results, visually persuasive charts, and  
thought-provoking graphs.  
Ledger sheets in Excel 2008 make tracking finances, inventories, invoices, and even portfolios  
easy with preformatted spreadsheets and automatic calculations.  
13  
Office 2008 Evaluation  
Use improved tools for writing formulas  
The Formula Builder helps users create formulas in a simple, step-by-step approach. Users don't  
have to memorize functions or their syntax. They can use Formula Builder to create formulas,  
search for functions, insert functions and arguments in existing formulas, and get help on all Excel  
functions.  
With Formula AutoComplete, users can write and edit formulas without having to remember  
function names, defined names, or other elements of a formula. When they type a formula in a  
cell, users can choose valid functions, names, and named ranges in context.  
Create professional-looking charts  
The new charting features include 3-D shapes, transparency, soft shadows, and other special  
effects. Because charts in Excel 2008 have the same functionality as drawing objects, users can  
apply a workbook theme or add an assortment of visual effects to a chart. New effects, such as 3-  
D, fill, and transparency, can greatly enhance the look of a chart. Users also can format different  
chart areas, such as the plot area, the title, the data label, or the legend, and can rotate and flip  
charts with precision.  
Use more rows and columns  
To enable users to explore substantial amounts of data in spreadsheets, Excel 2008 supports more  
than 1 million rows and 16 thousand columns per sheet. Specifically, the Excel 2008 grid is  
1,048,576 rows by 16,384 columns, which provides users with 1,500% more rows and 6,300% more  
columns than was available in earlier versions of Excel.  
New features in PowerPoint  
Users can create and deliver dynamic presentations that inspire their audience’s imagination with  
compelling visuals and layouts.  
Slide themes in PowerPoint 2008 give your presentation a professional and unified design.  
14  
Office 2008 Evaluation  
Enhance the visual effects of presentations with new themes and rich graphics  
Office 2008 comes with new themes, layouts, and Quick Styles that offer users a wide range of  
formatting options. Themes simplify the process of creating professional presentations. With one  
click, all the background, text, graphics, charts, and tables change to reflect the theme that users  
select, ensuring that all elements in the presentation complement one another. Users can apply the  
same theme to a Word 2008 document or Excel 2008 sheet that they apply to a presentation.  
PowerPoint now supports true 3-d shapes and images, bevels, powerful custom gradient support,  
reflections, and soft shadows control, glow effects and much more. In addition, PowerPoint  
supports Apple ColorSync technology.  
Choose from the new custom-designed table styles  
Users can choose from 74 custom-designed table styles. There is even the ability to have banded  
tables and different looks for the header and last row. In addition, the new table properties allows  
to easily add columns and rows directly from the formatting palette.  
Customize presentation layouts  
Users can use custom layouts to make text and other objects appear precisely where they want  
them to on their slides. For each layout, users can specify the number, size, and location of  
placeholders, background properties, graphic images, charts, and diagrams.  
New features in Entourage  
Entourage 2008 provides new features to help users manage time and information, instantly locate  
information, and protect important documents and files. My Day and the To Do List are some of  
the new features in Entourage 2008 that help users organize information in new and rich ways. The  
new user interface makes it easier for users to see and make changes to their schedules quickly  
and easily. In addition, it allows users to see their tasks along with their schedules, which makes  
tracking daily work a more productive experience.  
The following list includes some key features of Entourage 2008.  
Keep e-mail more secure and reduce spam  
Junk e-mail protection in Entourage 2008 identifies and filters out more unwanted messages than  
earlier versions of Entourage. Users can choose from different levels of junk e-mail protection and  
set options to determine the optimum settings. Entourage 2008 also detects phishing messages  
that might have links to fraudulent Web sites.  
15  
Office 2008 Evaluation  
Prioritize and manage time  
My Day in Entourage 2008 manages schedules and tasks in one easy interface.  
By using the new My Day and To Do List features, users can quickly view calendar events and  
manage their To Do List from their desktops without having to open Entourage.  
Create Out of Office messages  
When users use a Microsoft Exchange Server 2007 mail account, they can now schedule Out of  
Office messages in advance without worrying about forgetting to turn the Out of Office Assistant  
on or off. Entourage 2008 also allows users to customize Out of Office auto-replies for internal and  
external contacts.  
Find information quickly  
To help users better manage their time and information, Entourage 2008 offers a number of new  
and improved features, from Spotlight search to assigning color-coded categories to items. These  
features make it easier to locate, manage, prioritize, and act on the volumes of information that  
users encounter every day.  
Spotlight search Users can access the power of Spotlight, which is built into the Mac OS, to  
quickly find any information in Entourage, including message attachments.  
Color- coded categories Users can assign color-coded categories to items, which makes it easy to  
locate and organize project information.  
Favorites Bar The Favorites Bar is located below the toolbar and can be customized to display  
shortcuts to a user's favorite views.  
16  
Office 2008 Evaluation  
Schedule meetings with the new and improved calendar  
Entourage 2008 has a redesigned calendar interface that makes it easier and more intuitive for  
users to schedule and manage meeting invitations.  
Accept, Tentative, and Decline from the Calendar Attendees can change meeting status directly  
from the event. Calendar management actions, such as declining a previously accepted meeting  
directly from the event, are more straightforward and consistent with Outlook.  
Meeting update and cancellation improvements Entourage 2008 provides meeting organizers  
more flexibility in managing invitation updates and cancellations. Organizers can choose whether  
to update attendees about a change or cancellation, and they can include comments. If attendees  
are added or removed from a meeting, the organizer can choose to update all attendees or just  
those attendees whose status has changed.  
Meeting Reply, Reply All, and Forward By using Reply, Reply All, and Forward, organizers can  
quickly correspond with meeting participants through e-mail without opening or changing the  
meeting. Attendees can now easily forward their meetings to others who they think should  
participate. Those additional attendees receive their own copy of the invitation and can choose to  
accept if they agree.  
Out of date invitation detection Entourage 2008 is smarter about handling updated invitations,  
making it easier for meeting participants to know which invitation is the right one. Old invitations  
are labeled Out of Date, and the Accept, Tentative, and Decline buttons are disabled, leaving only  
the current invitation active.  
Invitation Conflict and Adjacent banners Invitation banner accuracy is improved, especially  
around delegation and single-user concurrent Outlook and Entourage Calendar usage. In addition,  
Entourage 2008 includes Outlook-inspired time management banners called Conflict and  
Adjacent.  
No Response Requested support Entourage 2008 respects No Response Requested invitations  
and simply creates the event on the Calendar without sending a response to the organizer.  
Compare versions of Office for Mac  
At the core of the Microsoft Office 2008 solution are its integrated and easy-to-use applications,  
including Excel, Word, PowerPoint, and Entourage. These familiar applications deliver various  
desktop productivity tools to information workers.  
17  
   
Office 2008 Evaluation  
The following comparison tables show what improvements have been made over the years in the  
different Office applications.  
Features that are found in multiple Office applications  
Feature is included  
Feature is not included  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Optimized for Mac OS X  
Formatting Palette  
Image editing tools  
Clipboard  
Project Gallery  
Flag for Follow-up  
Save as HTML  
AutoText  
Office Notifications  
Output to Portable Document Format (PDF)  
Project Center  
Microsoft AutoUpdate  
Quick Preview in Print dialog box  
Save as Picture  
Quartz graphics engine  
Contextual Help links  
Full AppleScript support  
Compatibility Reports  
Unicode font and language support  
18  
Office 2008 Evaluation  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Long file names  
Error reporting  
Scrapbook  
Security improvements  
Spotlight support  
Object Palette  
Freshly designed templates  
SmartArt Graphics  
New WordArt  
Soft shadows  
Office-wide Reference Tools palette  
Save as PDF  
Improved Help  
Elements Gallery  
Support for Visual Basic for Applications (VBA)  
19  
Office 2008 Evaluation  
Entourage  
Feature is included  
Feature is not included  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
E-mail and personal information manager  
Color-coded categories  
Custom views  
Support for Windows Live Hotmail Plus Web-based e-  
mail service  
Rich e-mail editing  
Junk e-mail filtering  
Improved user interface  
Rich content  
Microsoft Exchange support  
Delegate access  
Global address list (GAL) information  
Public Folder access  
Reading pane view  
Archiving  
Action buttons supported by Microsoft MapPoint  
Sync Services support  
Smart Card improvements  
Delegate management  
Permissions  
Browsable GAL  
20  
Office 2008 Evaluation  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Organizational and membership information available  
in the GAL  
Folder storage quota access  
Password expiration notice  
Multiple calendars and address books  
Managed folders  
Message classification for received messages  
Additional free/busy details (subject/location)  
Out-of-office (OOF) messages  
Kerberos authentication  
Message and contacts flagged as To Do Items  
synchronized with Microsoft Office Outlook 2007  
Web services for assigning delegate rights  
Autodiscover service for account setup  
Client certificate-based authentication  
Phishing detection  
Unsafe attachment blocking  
Favorites bar  
Spotlight integration  
My Day  
Reference Tools  
To Do List  
Mini-calendar in all views  
21  
Office 2008 Evaluation  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Customizable toolbar  
Accept, Tentative, and Decline from the Calendar  
Meeting Reply, Reply All, and Forward  
Out-of-date invitation detection  
Invitation conflict and adjacent banners  
No response requested  
Collapsible account names in folder view  
Available in Microsoft Office 2004 Service Pack 2 (SP2)  
Available for Microsoft Exchange Server 2007 users only  
Available in Microsoft Exchange Server 2007 Service Pack 1 (SP1)  
Available in Microsoft Office 2008 Service Pack 1 (SP1)  
22  
Office 2008 Evaluation  
Word  
Feature is included  
Feature is not included  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Mail Merge Manager (Data Merge Manager)  
Ability to click and type anywhere in document  
Contact toolbar  
Entourage Address Book integration  
Track Changes  
Multi-selection  
Save as HTML  
Notebook layout view  
Reference Tools in Toolbox  
Smart Buttons  
Style improvements  
Navigation pane  
Thumbnail view  
Publishing layout view  
Ligatures in fonts  
Document map  
Document Elements  
Citations and bibliography  
Improved, easy-to-use Mail Merge Manager  
23  
Office 2008 Evaluation  
Excel  
Feature is included  
Feature is not included  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
List Manager  
FileMaker Pro Import Wizard  
Transparent charts  
Euro currency support  
Preference improvements  
Page layout  
Smart buttons  
Function ScreenTips  
Rangefinder improvements  
Ledger Sheets  
Formula Builder  
More than a million rows and 16,000 columns  
Improved charting  
Formula AutoComplete  
24  
Office 2008 Evaluation  
PowerPoint  
Feature is included  
Feature is not included  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Tri-pane view  
PowerPoint movies  
Compatibility with PowerPoint for Windows  
Slide animations  
PowerPoint Packages  
Presenter tools  
New design templates  
Font formatting improvements  
Send to iPhoto (for viewing in iPod)  
Office Themes  
SmartArt Graphics  
Thumbnail view  
Custom layouts  
Apple Remote Control-enabled  
Dynamic guides  
Animation pane  
Reference Tools  
Rich graphics (reflection, soft shadows, 3-D)  
Table styles  
Improved WordArt  
25  
Office 2008 Evaluation  
Office  
2001  
Office  
v. X  
Office  
2004  
Office  
2008  
Features  
Object Palette with iPhoto integration  
Support for Microsoft Office PowerPoint 2003  
for Windows comments  
Integrated charting  
Microsoft Word-like text  
Office 2008 system requirements  
The following table lists the minimum hardware and software requirements for installing Office  
2008.  
Component  
Processor  
Minimum requirement  
Intel, PowerPC G5, or PowerPC G4 (500 MHz or faster) processor  
Operating system Mac OS X v10.4.9 or later version  
Memory  
512 MB of RAM or more  
Hard disk  
1.5 GB of available hard disk space; Hierarchical File System (HFS)+ hard disk  
format (also known as Mac OS Extended or HFS Plus)  
External disk  
drive  
DVD drive (or connection to a local area network if you are installing over a  
network)  
Monitor  
1024 x 768 pixel or higher resolution  
Mouse or compatible input device  
Input device  
Microsoft  
Exchange Server  
Connectivity to Microsoft Exchange Server 2007, Microsoft Exchange Server  
2003, or Microsoft Exchange 2000 Server is required for certain advanced  
functionality in Entourage 2008  
26  
   
Office 2008 Planning  
About Microsoft Volume Licensing programs  
Microsoft Volume Licensing programs offer companies of all sizes a great way to buy and manage  
five or more software licenses. For more information about licensing options for businesses, visit  
the following resources:  
Compares the different Microsoft Volume Licensing  
programs to help you decide the program best suited for your needs.  
Gives you automatic access to new technology and  
provides productivity benefits, support, tools, and training to help deploy and use  
software efficiently.  
select Microsoft products, find the right Microsoft Volume Licensing program, and  
determine estimated retail pricing (ERP) based on your software needs.  
Provides an online tool to help you find and  
Helps you find a Microsoft Volume Licensing  
specialist in your region or contact your preferred Microsoft Reseller.  
Note Downloading the volume license version of Microsoft Office 2008 for Mac is unsuccessful  
when you use the Safari Web browser. We recommend that you use the latest version of  
Mozilla Firefox® Web browser (Mozilla  
http://www.mozilla.com) to download the volume  
license versions of the Microsoft Office 2008 for Mac suite or stand-alone applications.  
Office 2008 Planning  
Planning a deployment  
Deployment methods for Office 2008  
There are two general approaches for deploying Office 2008:  
Installing retail copies of Office 2008 on individual users' computers.  
Deploying Office 2008 under a volume license from a central location to multiple  
computers on a network.  
27  
         
Office 2008 Planning  
You cannot deploy retail versions of Office across an organization from a central location. To  
deploy Office 2008 centrally, your organization must have a volume license. For more information  
about volume licensing, see About Microsoft Volume Licensing programs in the Office 2008  
Evaluation section.  
Important  
Before you install Office 2008 on a computer, we recommend that you prepare the  
computer as follows:  
1. Turn off virus protection software, and quit any applications that are running.  
2. Back up any existing Entourage identity databases.  
After Office 2008 has been installed on the computers of Entourage users, these users can import  
information from their previous Entourage identities. For more information about importing  
information to a new Entourage identity, see Microsoft Entourage 2008 for Mac Help.  
Installing retail copies on individual computers  
To install Office 2008 on a single computer, follow the instructions in the retail product. Each retail  
copy must be installed by using its own unique Product key.  
Deploying Office 2008 from a central location to multiple computers  
There are several methods available for deploying Office to multiple computers from a central  
location. Some methods install Office directly on users' computers. Other methods load Office  
applications onto users' computers at run time from a server. You can use any of the deployment  
methods that are described below to deploy the default installation image from the Office 2008  
distribution media. You can also deploy a customized installation image of Office 2008 that reflects  
your preferred preference settings for a group of computers in your organization.  
The methods for deploying Office 2008 include:  
Installation by using Apple Remote Desktop  
Use Apple Remote Desktop to distribute the .mpkg file onto users' computers. Office  
2008 uses the Apple-recommended Apple Installer technology for installation. This  
makes the installation process more efficient because the data that Office installs is in  
the .mpkg format. Office Installer is compatible with Apple Remote Desktop, and the  
installation programs are AppleScript ready.  
28  
Office 2008 Planning  
Important  
When you deploy Office 2008 by using a remote connection, such as Apple Remote  
Desktop, to a client computer at a login window, a postflight script in the Office Installer  
causes the Dock application to open with root user privileges. Any applications  
subsequently opened from the Dock will also be run with root user privileges. Under these  
conditions, someone with physical access to the client computer can gain local elevation  
of privilege. This security issue can only occur when Office 2008 is deployed to computers  
that run Mac OS X v10.4.9 or a later version of Mac OS X v10.4 (Tiger). This is not an issue  
for computers that run Mac OS X v10.5 (Leopard). For information about how to mitigate  
(Tiger) in the Office 2008 Known Issues section. For more information about this security  
Installation from a file server  
Load the installation image on a file server. Users install Office on their computers by  
dragging the .mpkg file from the file server to their computers and then opening it.  
Running from a NetBoot image  
When you configure Office as part of the NetBoot image, Office is available to users  
automatically when they start or restart their computers.  
For more information about these deployment methods, see the following topics in the Office  
2008 Deployment section:  
For detailed information about how to create an installation image and customize preferences, see  
the Office 2008 Deployment section.  
Deployment methods for Office 2008 preferences  
As an administrator, you can modify many Office 2008 application preferences and deploy them to  
your users. For example, you can set default locations for saving files or set the level of junk e-mail  
protection. This makes it possible for you to enhance security, standardize application settings, and  
decrease the amount of time you spend managing Office on your network.  
To establish a standard set of preferences for users, you set preferences for each application and  
then deploy the corresponding preference files or settings to users' home folders.  
29  
   
Office 2008 Planning  
Most Office 2008 preferences are stored as a key/value pair in the property list (.plist) files. These  
.plist files, also known as preference files, are stored in /Users/username/Library/Preferences.  
However, some Office 2008 preferences are stored in other locations such as in the Entourage  
2008 database.  
For information about preference file locations, see Office 2008 preference file locations for  
deployment in the Office 2008 Deployment section.  
The first time a user opens an Office 2008 application, Office finds the preference files that  
correspond to that application and then uses the settings that are stored in the files.  
You can use the following methods to deploy preferences:  
Workgroup Manager Use Workgroup Manager specifically when you want to modify  
preference settings that have been deployed already or when you want to manage  
individual preferences in a .plist file without disrupting other settings in the same file.  
Apple Remote Desktop Use Apple Remote Desktop when you want to replace or  
update application preferences.  
Setup sequence of events  
The setup architecture in Office 2008 has been redesigned to enable users to easily install and  
remove Office for Mac components. The new setup design also offers an improved user experience  
with cross-language upgrades and includes enhanced customization capabilities, such as optional  
font installations.  
Office 2008 uses the Apple installer technology for installation. Office Installer is compatible with  
Apple Remote Desktop, the data that Office 2008 installs is in the .pkg format, and the installation  
programs are AppleScript-ready. This helps to distribute resources to user computers on a  
network.  
In Microsoft Office 2004, the entire process of installation was handled by the Office Setup  
Assistant. In Microsoft Office 2008, installation is divided into two stages:  
1. Using Office Installer to install Office 2008  
2. Using the Office Setup Assistant to set up Office 2008 applications  
In stage 1, Office Installer copies the Office 2008 files on to the user’s computer. In stage 2, the  
users' computers are prepared for first use of the Office 2008 applications.  
30  
   
Office 2008 Planning  
Users can start the installation process by running Office Installer. The Office Installer provides a  
user interface to guide the users through installing Office applications on their computers. If you  
are installing Office on a local computer, after the Office Installer completes the installation  
process, the Office Setup Assistant launches automatically. However, if you are installing Office  
from a remote computer, the Office Setup Assistant will run when the user first launches one of the  
Office applications.  
Stage 1: Using Microsoft Office Installer  
Users should have administrator credentials to install Office 2008. When launched, Office Installer  
checks for a number of installation prerequisites, including minimum system requirements for  
installing Office 2008. For detailed information about hardware and software requirements for  
Office 2008, see Office 2008 system requirements in the Office 2008 Evaluation section or the  
Office 2008 Planning section. If the minimum requirements are not met, the installation will close  
at this point, and a message will be displayed that informs the user about the failure to install.  
We recommend that users disable all virus protection software before installing Office 2008. Users  
should also make sure to quit all applications before the installation. This is because Office Installer  
might change existing fonts that might be in use during the Office installation. If there are  
applications open during the installation, they might appear to have corrupted fonts.  
If Office Installer finds that the system meets all the basic requirements, it continues with the  
installation process. If this is a volume license, the Product ID screen asks you to input your name  
and company information for identification purposes. You can create an OfficePID.plist file and  
distribute it to pre-populate the name and company information that a user would normally enter  
on this screen.  
Next, the Office Installer asks for the destination volume where it will install the Office 2008  
components. Office 2008 needs 1.5 GB of hard disk space to install all of the components. Users  
should make sure that the volume they select has enough disk space.  
31  
Office 2008 Planning  
There are two installation options, Easy Install and Custom Install:  
Easy Install  
This standard installation automatically does the following:  
Installs all Office 2008 components  
Installs fonts in /Library/Fonts/Microsoft  
The Office Installer moves older Office fonts from /Users/username/Library/Fonts and  
/Library/Fonts to /Users/username/Library/Fonts Disabled and /Library/Fonts Disabled,  
respectively.  
Adds Office 2008 icons to the Dock  
Installs the Automator Sample Workflows to /user-selected install location/Microsoft  
Office 2008/Office/Office First Run/MUD  
Installs the Microsoft Application Support Tools to /Library/Application  
Support/Microsoft (MERP, MAU and Help Viewer)  
Installs a Web hyperlink to /user-selected install location/Microsoft Office  
2008/Additional Tools/ Microsoft Silverlight  
Installs a Web hyperlink to the Flip4Mac plugin to /user-selected install  
location/Microsoft Office 2008/Additional Tools/Windows Media Components for  
QuickTime  
Installs the Windows Office Compatibility font collection to /user-selected install  
location/Microsoft Office 2008/Office/Office First Run/Library/FontCollections  
Note If users select the Easy Install option and there isn’t enough disk space to process this  
request, Office Installer directs users to the Custom Install option.  
Custom Install  
The custom installation option allows users to select what they want to install from a list of Office  
2008 components, which include the following:  
Microsoft Word  
Microsoft Excel  
Microsoft PowerPoint  
Microsoft Entourage  
Microsoft Messenger  
32  
Office 2008 Planning  
Proofing tools for Danish, Dutch, English (Aus), English (UK), English (US), Finnish,  
French, French (Canadian), German, Italian, Japanese, Norwegian (Bokmål), Norwegian  
(Nynorsk), Portuguese, Portuguese (Brazil), Spanish, Swedish, Swiss German  
Office Fonts  
Automator Actions  
Dock Icons  
Note When any of the four Office applications are installed, the following components are  
installed: Clipart, Equation Editor, Microsoft Graph, Organization Chart, Sounds, Templates,  
shortcut to Microsoft Silverlight, and shortcut to Flip4Mac plugin.  
Upgrading to a different language Office Installer provides the option of upgrading from one  
language to another language. If the user upgrades from language A to language B, the Microsoft  
User Data (MUD) folder is changed from language/location 1 to language/location 2.  
Installing fonts Office Installer provides the option of installing the Office 2008 fonts when the  
Office applications are installed. If users clear this selection, they will not receive the package of  
Office 2008 fonts or the Windows Office Compatibility font collection. If users select the option to  
install the fonts, Office Installer copies the fonts to /Library/Fonts/Microsoft. It checks for existing  
fonts in the following locations before copying new fonts to the user’s computer:  
/Library/Fonts  
/Users/username/Library/Fonts  
When users choose to install fonts, the Office Installer installs the fonts on the user computer as  
follows:  
Moves duplicate fonts from /Users/username/Library/Fonts and /Library/Fonts to either  
/Users/username/Library/Fonts Disabled or /Library/Fonts Disabled.  
Installs only Office 2008 fonts on the user’s computer.  
Installs the Windows Compatibility font collection in /user-selected install  
location/Microsoft Office 2008/Office/Office First Run/Library/FontCollections. The  
Office Setup Assistant copies the files to the appropriate location during the setup  
process.  
33  
Office 2008 Planning  
Note If users choose to install Office 2008 without the fonts, it will result in severely reduced  
functionality and user experience. For example:  
Users will find that font substitution occurs frequently and immediately because many  
applications have new default fonts.  
Office Themes makes use of several fonts introduced in Office 2008. Without these, the  
Office Themes experience will be limited, and users will find that font substitution  
occurs frequently.  
2007 Microsoft Office system has introduced new fonts as default and additional fonts.  
Therefore, users of Office 2008 who open files created in Windows-based versions of  
Office will encounter font substitution that results in document layout differences.  
Some results provided in the Reference Tools will not render correctly because they  
depend on some of the new fonts.  
Some existing fonts of earlier versions of Office have been updated in Office 2008.  
Removing earlier versions of Office As part of Office 2008 installation, users have the  
opportunity to remove all previous versions of Office. When upgrading to Office 2008, we  
recommend that users remove all previous versions of Office before using Office 2008. Users can  
also choose to run the Remove Office application of the previous version of Office. When you  
choose to remove all existing versions of Office, the Office Installer searches the hard disk for all  
versions and displays a list of the Office installations that were found. Users can select the versions  
that they want to remove.  
The following component is placed in the Trash for each Office installation:  
The entire Microsoft Office <version> folder  
The following component is not removed:  
User-created templates in the Microsoft Office <version> folder are moved to  
/Users/username/Desktop/Rescued Items/Office/<version>/.  
Stage 2: Using the Office Setup Assistant  
After the Office 2008 files are installed on the client computer, run the Office Setup Assistant to  
configure and set up Office 2008. When the Office Setup Assistant is launched, it checks the user's  
computer for any previous versions of Office. If information from the earlier versions of Office is  
found on the user computer, such as custom dictionaries, AutoCorrect lists, and proofing tool  
settings, the information is copied to Office 2008.  
34  
Office 2008 Planning  
Configuring the user identity Office 2008 shares the personal information that users enter during  
setup among all Office 2008 applications that are installed on the computer. These applications  
use identity information to personalize the user documents. The Office Setup Assistant provides  
the option of choosing from older identities for the user. If no previous identities are found, the  
user is asked to create an identity. In either case, the Office Setup Assistant determines whether  
there is enough space to import an older identity or to create a new identity. If there isn’t enough  
available space to transfer or create new identity information, the Office Setup Assistant displays a  
message that asks the user to free up disk space and then restart the Office Setup Assistant.  
Note It is possible to have more than one user information file stored on a user’s computer.  
Configuring feedback Customer Experience Improvement Program (CEIP) is the tool that users  
can use to provide feedback to Microsoft about how they use Microsoft software and services.  
Participating in CEIP is optional. If users participate in this program, Microsoft automatically  
collects anonymous information about their hardware configuration and how they use Microsoft  
software and services. Microsoft does not collect any personally identifiable information. User  
feedback is very valuable to Microsoft, as it helps identify issues to fix and provides information  
that can be used to improve design and implement features in future versions of the product.  
Installing Office 2008 updates The Microsoft AutoUpdate for Mac tool is installed as part of the  
Office 2008 installation. After you set up the Office 2008 components, Office Setup Assistant  
launches the Microsoft AutoUpdate for Mac tool. This tool informs the user of any available  
updates and provides the option to download and install updates before users start using the  
applications.  
Planning for Office 2008 product updates  
From time to time, Microsoft publishes software updates to improve application security,  
performance, and reliability. There are two ways to receive updates for Office 2008 for Mac:  
Automatically  
You can use Microsoft AutoUpdate for Mac to look for updates to your Office 2008  
software. By default, AutoUpdate is set to look for updates automatically once per  
week.  
Manually  
You can find updates and service packs for Office 2008 on the Downloads  
the Microsoft Web site (www.microsoft.com/mac).  
page of  
35  
   
Office 2008 Planning  
Deploying updates from a central location  
If your policies do not allow users to have administrator privileges on their computers, or if you  
want to centrally manage updates in order to ensure a common software environment for your  
users, you can choose the updates that you want to use and deploy them from a central location.  
This distributes updates to the appropriate users' computers and ensures that your existing  
installations have the latest software updates.  
You can set a preference to disable automatic update checking on users' computers. For more  
information, see Configuring AutoUpdate for Office 2008 in the Office 2008 Deployment section.  
Note There is no way to prevent a user who has an administrator account from independently  
downloading updates from the Microsoft Web site or from overriding your deployed  
preferences and using AutoUpdate.  
For procedural information about deploying updates centrally, see Distributing Office 2008  
product updates in the Office 2008 Operation section.  
Allowing users to perform updates independently  
If you are not planning to deploy Office 2008 updates centrally, you can instruct users to use  
AutoUpdate. To run AutoUpdate, the user opens any Office 2008 application and then on the Help  
menu, clicks Check for Updates. Running AutoUpdate requires that the user log in as an  
administrator.  
Planning your e-mail system  
When you are implementing Office 2008 in a Microsoft Exchange Server environment, you can  
choose any of the following e-mail applications for Macintosh clients in your enterprise:  
Entourage 2008, which enables Web Distributed Authoring and Versioning (DAV) access  
to a server that is running Microsoft Exchange.  
Outlook Web Access Light, which enables browser-based access to an Exchange server.  
Remote Desktop Connection Client for Mac, which enables a Macintosh client computer  
to connect to Outlook on a Windows-based computer for access to an Exchange server.  
Solutions such as Boot Camp, Parallels, or other third-party products that allow  
Microsoft Office Outlook to run under Windows on the Macintosh computer and to  
connect from there to an Exchange server.  
36  
   
Office 2008 Planning  
The following table shows system requirements for each e-mail application.  
Client-side  
E-mail  
application  
Client operating system software  
Server-side software  
requirements  
requirements  
requirements  
Entourage  
2008  
Mac OS X v10.4 or a  
later version  
Entourage 2008  
For e-mail support, Microsoft  
Exchange 2000 Server (with  
latest service pack), Microsoft  
Exchange Server 2003, or  
Microsoft Exchange Server 2007  
must be installed.  
For GAL and Active Directory  
support, Microsoft Exchange  
2000 Server (with latest service  
pack), Microsoft Exchange  
Server 2003, or Microsoft  
Exchange Server 2007 must be  
installed on Microsoft Windows  
2000 Server or a later version of  
Windows Server.  
Outlook Web Access must be  
functioning.  
Outlook Web  
Access  
Mac OS 8.1 to 9.x or  
Mac OS X  
Web browser  
Microsoft Exchange 2000 Server  
(with latest service pack),  
Microsoft Exchange Server 2003,  
or Microsoft Exchange Server  
2007 must be installed. Tasks are  
supported beginning with  
Microsoft Exchange Server 2003.  
Outlook Web Access must be  
functioning.  
37  
Office 2008 Planning  
Client-side  
Client operating system software  
E-mail  
Server-side software  
application  
requirements  
requirements  
requirements  
Remote  
Desktop  
Connection  
Client for Mac  
Mac OS X v10.1 or a  
later version  
Remote Desktop  
Connection Client  
for Mac  
Outlook must be installed on  
one of the following:  
A server that has Terminal  
Services enabled and that  
is running Microsoft  
Windows 2000 Server or a  
later version of Windows  
Server  
A Windows-based  
computer (such as a  
mobile user's own  
desktop computer) on  
which Remote Desktop  
Connection is installed  
and that is configured to  
allow remote desktop  
connections; requires the  
Remote Desktop Protocol  
support in Windows XP or  
Windows Vista  
The appropriate version of  
Exchange Server must be  
installed to support the version  
of Outlook that is installed.  
Outlook for  
Windows  
running on a  
Macintosh  
computer  
Mac OS X v10.5 or a  
later version that  
supports Boot  
Any version of the  
Microsoft Windows Exchange Server must be  
client operating  
system and any  
The appropriate version of  
installed to support the version  
of Outlook that is installed.  
Camp(Mac OS X v10.4  
for Boot Camp beta), or version of Outlook  
a third-party  
for Windows  
virtualization product  
with supporting version  
of Mac OS X  
38  
Office 2008 Planning  
The following table lists the important characteristics of each e-mail application.  
Implemented in  
Outlook for  
Windows on a  
Macintosh  
Implemented in  
Entourage 2008?  
Implemented in Outlook Web  
Access Light?  
Characteristic  
computer?  
Support for  
Yes  
Yes  
Yes  
Microsoft Exchange  
account e-mail  
Support for HTML  
e-mail  
Yes  
Yes  
Read: Yes  
Yes  
Yes  
Compose: No  
Support for other  
e-mail protocols  
such as POP, IMAP,  
and Windows Live  
Hotmail Plus  
No  
accounts  
Support for Global  
Address List (GAL)  
directory search  
Yes; includes  
browse capability  
when the  
Exchange server is  
running Windows  
Server 2003 or a  
later version.  
Limited  
Yes  
Support for offline  
access to GAL  
No  
No  
No  
Yes  
Yes  
Support for offline  
access to data and  
reminders  
Yes  
Support for  
handheld  
Yes  
No  
Yes  
synchronization  
39  
Office 2008 Planning  
Implemented in  
Outlook for  
Windows on a  
Macintosh  
Implemented in  
Entourage 2008?  
Implemented in Outlook Web  
Access Light?  
Characteristic  
computer?  
Support for public  
folders  
Yes  
Yes: Exchange 2000 and Exchange  
2003  
Yes  
No: Exchange 2007  
Yes  
Support for  
Yes  
Yes  
scheduling and  
delegated group  
calendaring  
Note In an Exchange 2003  
environment, delegates have  
read-only access to the  
delegated or shared calendar by  
using Outlook Web Access.  
For more information about how to  
open another user's calendar by  
using Outlook Web Access, see How  
in the Microsoft Knowledge Base  
(support.microsoft.com).  
Support for .pst  
files  
Only when  
No  
Yes  
importing .pst  
files from Outlook  
2001 for Mac  
Support for  
delegation rights  
assignment  
Yes  
No  
No  
Yes  
No  
Consistent with  
Macintosh  
Yes  
application  
interface style  
40  
Office 2008 Planning  
Implemented in  
Outlook for  
Windows on a  
Macintosh  
Implemented in  
Entourage 2008?  
Implemented in Outlook Web  
Access Light?  
Characteristic  
The same user  
computer?  
No; however, the  
No; however, the experience is  
similar.  
Yes  
experience as when experience is  
using Outlook on a similar.  
Windows-based  
computer  
Knowledge of  
Windows required  
No  
Yes  
No  
Yes  
Yes  
Yes  
Can be used with  
other e-mail clients  
at the same time  
Planning for Entourage 2008  
Default ports for Entourage 2008  
Entourage 2008 uses default ports for standard communication protocols. Your network and  
account configuration may require some or all of the ports that are listed in the following table.  
Default port Used for  
80  
HTTP  
DAV uses HTTP for functions such as synchronizing mail, public folders, contacts,  
and events.  
443  
53  
HTTPS  
HTTP with Secure Sockets Layer (SSL), if SSL is enabled for DAV  
DNS queries  
To locate the Active Directory global catalog server for a user account, Entourage  
sends DNS queries to DNS servers.  
41  
     
Office 2008 Planning  
Default port Used for  
1023 (and  
higher)  
DNS query responses  
135  
Assigning delegate rights  
5000 and  
higher  
Connecting to a Microsoft Exchange Server for delegation rights assignment by  
Entourage client users.  
the Microsoft Knowledge Base (support.microsoft.com).  
3268  
LDAP global catalog searches  
To obtain Global Address List (GAL) data, Entourage sends LDAP queries to the  
Active Directory global catalog server.  
3269  
389  
LDAP global catalog searches with SSL  
Other LDAP searches and authentication and domain password expiration check  
636  
Other LDAP searches with SSL and authentication and domain password expiration  
check  
25  
SMTP and SMTPS (SSL/TLS)  
Many ISPs now use port 465 or port 587.  
143  
993  
110  
995  
119  
563  
IMAP  
IMAP (SSL)  
POP  
POP (SSL)  
NNTP  
NNTP (SSL)  
Exchange Server and related requirements for Entourage 2008  
Entourage 2008, like Entourage 2004 and Outlook Web Access, uses WebDAV, which in turn uses  
HTTP as the connection protocol for Microsoft Exchange mail accounts. WebDav is used for all  
folder and item synchronization. This includes synchronizing managed folders.  
42  
   
Office 2008 Planning  
Note You cannot use Entourage 2008 with a version earlier than Microsoft Exchange 2000  
Server, such as Microsoft Exchange Server 5.5. That is because these versions of Exchange  
Server do not support WebDAV. To connect to Microsoft Exchange Server 5.5, you can use  
Outlook with Remote Desktop Connection Client for Mac.  
The following must be enabled on your network.  
Server type  
Requirement  
Computer that  
is running  
Microsoft Exchange 2000 Server with Service Pack 2, Microsoft Exchange  
Server 2003, or Microsoft Exchange Server 2007  
Microsoft  
Exchange Server  
Outlook Web Access  
If you want to use Secure Sockets Layer (SSL) with Entourage 2008, you  
must enable SSL on the Exchange server. For more information about  
how to enable SSL with Entourage 2008, see Enable Secure Sockets Layer  
in the Office 2008 Planning section.  
Domain  
controller  
Lightweight Directory Access Protocol (LDAP) is required if you want to  
provide Global Address List (GAL) access and password expiration notices;  
otherwise, it is not required for Entourage.  
Public folder  
server  
If you are using Exchange 2007 and you want users to be able to assign  
delegate rights in Entourage, a public folder server must be installed in  
your organization. For more information about creating an Exchange  
2007 public folder tree, see When you use Outlook with an Exchange  
in the Microsoft Knowledge Base  
(support.microsoft.com).  
Entourage 2008 deployments in an Active Directory infrastructure  
In an Active Directory infrastructure, Entourage 2008 can configure users' Microsoft Exchange  
Server accounts automatically if the following requirements are met.  
43  
   
Office 2008 Planning  
Computer Requirements  
Client  
Before Entourage is opened for the first time on a computer on which you intend to  
use the Account Setup Assistant, specify any preferred DNS server(s) and search  
domain(s) on the TCP/IP tab under Network Preferences in Mac OS X. This is  
because the combination of the two values is critical to the ability of the Account  
Setup Assistant to find servers on the network. If no DNS server is specified, a server  
that is assigned by DHCP will be used. The Account Setup Assistant is not always able  
to locate servers automatically.  
For information about how the Account Setup Assistant detects information for  
automatic account configuration, see How the Account Setup Assistant works in the  
Office 2008 Planning section.  
Server  
To auto-configure accounts, Entourage relies on the underlying DNS service that  
supports your Active Directory infrastructure. The DNS server that is used by the  
Macintosh clients must be able to do one of the following:  
Return a DNS resource record that identifies the Active Directory domain  
controller for the domain names that the DNS server hosts.  
Resolve the domain name that the user enters for his or her Microsoft  
Exchange account.  
In either case, the DNS server should be able to provide name resolution for any  
name in the Active Directory namespace that this server supports.  
Entourage must be able to locate the global catalog server for the Active Directory  
domain and then authenticate the user account information that is supplied for the  
Microsoft Exchange mail account. The fundamental configuration step that makes this  
possible is performed at the time that Active Directory is deployed. Deploying  
Entourage requires no additional configuration of Active Directory.  
Important  
In anActive Directory infrastructure that is heavily secured, the Account  
Setup Assistant might have difficulty locating the Active Directory  
global catalog server and authenticating the user account. Examples of  
heavily secured scenarios can include, using Windows IP sec policies,  
internal firewalls, or proxy servers requiring authentication.  
For more information about deploying Active Directory, see Windows Server 2003  
on the Microsoft TechNet Web site (technet.microsoft.com).  
44  
Office 2008 Planning  
How the Account Setup Assistant works  
When the Entourage 2008 Account Setup Assistant is used to set up a Microsoft Exchange Server  
mail account, the Account Setup Assistant performs the following steps to locate the information it  
needs from the computer that is running Exchange server in the following sequence.  
1. The Account Setup Assistant queries the DNS server for all DNS resource records for its  
domain name. It is looking for the global catalog server (LDAP server) for the Active  
Directory domain to which the user account belongs. To perform this query, the  
Account Setup Assistant uses a DNS server that is configured in Mac OS X under  
Network Preferences on the TCP/IP tab. If no DNS server has been configured, the  
Account Setup Assistant uses a DNS server that is assigned by DHCP. This query returns  
all of the resource records for the Active Directory domain controllers that are hosted  
by the DNS server. The Account Setup Assistant then uses the priority rankings that are  
returned by the DNS server to select the catalog server that it will use. After the global  
catalog server is found, the Account Setup Assistant authenticates to that server and  
then performs an LDAP query for the homeMDB attribute of the user account. This  
attribute provides the host name for the Exchange server that stores the user's mailbox.  
In addition, the global catalog server is set as the Directory Service server for the  
account.  
2. If the query to the DNS server is not successful, the Account Setup Assistant tries to  
locate the Exchange server by using the name of the domain that the user entered for  
his or her Microsoft Exchange account. For example, if mydomain.microsoft.com was  
entered as the domain for a Microsoft Exchange account, the Account Setup Assistant  
creates a DNS query for the name mydomain.microsoft.com. The DNS resource records  
that are returned in response to this query include the records for the domain  
controllers in the domain, which then can be queried for the Exchange server  
information.  
3. If the Account Setup Assistant cannot find information about the Exchange server, it  
provides the option to manually enter the information. The required information might  
include the name or address of the Exchange server and the name or address of the  
public folder server, which also provides the free/busy data.  
Note If Entourage cannot find the homeMDB attribute, this is usually because Entourage could  
not find the user object in Active Directory. In this situation, you might find it useful to use the  
LDP.exe tool to connect from a Windows-based computer to the LDAP service that is returned  
by the DNS query. The LDP.exe tool is included in the Support Tools for Windows 2000 Server  
and Windows Server 2003. Also, make sure that the user's Active Directory object is replicating  
properly to the target domain controller and that the homeMDB attribute is being returned  
correctly.  
45  
   
Office 2008 Planning  
How e-mail rules work in Entourage 2008  
The capabilities of Entourage 2008 differ from those of Outlook with regard to server-based rules  
for Microsoft Exchange Server e-mail accounts.  
Although server-based e-mail rules that have been created in Outlook are applied to the Microsoft  
Exchange accounts of Entourage users when applicable, Entourage users cannot create or modify  
server-based e-mail rules in Entourage. To change a server-based e-mail rule, users must use  
Outlook Web Access Premium.  
Note The server-based rules management feature is not available in Outlook Web Access Light.  
Server-based e-mail rules can be changed by using Microsoft Office Outlook. Users must be  
running Microsoft Office Outlook under Windows in one of the following ways:  
By using Remote Desktop Connection Client for Mac, which connects the Macintosh  
computer with a remote computer or terminal server that is running Windows  
By using a solution such as Boot Camp that runs Windows on the Macintosh computer  
Microsoft Exchange users can create client-side rules in Entourage by clicking Rules on the Tools  
menu in Entourage.  
How information is synchronized between Entourage 2008 and  
Exchange Server  
When Entourage 2008 is connected to Microsoft Exchange Server, all e-mail messages, contacts,  
and calendar items are synchronized between the computer running Microsoft Exchange Server  
and the Microsoft Exchange account in Entourage.  
However, not all types of data are synchronized. For example, tasks, notes, and items in the folders  
On My Computer, including the contacts that were created in the local Address Book, are not  
synchronized.  
Note Personal distribution lists are not supported in Entourage.  
Because not all types of data are synchronized with the Exchange server, any complete plan for  
backing up data must include a provision for backing up the unsynchronized data on users'  
computers in addition to backing up the Exchange server database. All Entourage database files,  
including the unsynchronized data, are stored in /Users/username/Documents/Microsoft User  
Data/Office 2008 Identities/identityName/Database/ for each identity. These Entourage database  
files can be backed up as part of a procedure that backs up the user's home folder.  
46  
     
Office 2008 Planning  
Entourage synchronizes messages, events, and contacts when one or more of the following actions  
occurs:  
A Microsoft Exchange account is set up.  
Entourage connects to the Exchange server.  
A user creates or changes a message, event, or contact on a client computer that is  
connected to the Exchange server. Entourage waits one minute before it begins  
synchronization. If the user makes another change, the one-minute countdown starts  
over. This schedule prevents Entourage from synchronizing too frequently when a user  
is editing multiple records.  
If Entourage is connected to a server (for example the back-end Exchange server) that is  
sending out User Datagram Protocol (UDP) broadcasts, then messages, events, and  
contacts are synchronized whenever such a broadcast is received.  
If Entourage does not have access to UDP broadcasts (for example, if it is connected to  
a front-end server that resides outside the corporate network), it scans for remote  
changes on the server at one-minute intervals.  
Contacts that are stored on the Exchange server can be synchronized both with the Entourage  
Address Book and with Outlook. However, Entourage and Outlook store some kinds of contact  
information differently, as described in the following table.  
Note Microsoft Exchange distribution lists are not supported in Entourage. All Entourage  
groups contain only local contacts and their e-mail addresses.  
Type of  
contact  
information  
In Outlook  
(on a Windows-based  
computer)  
In Entourage  
Synchronization  
E-mail  
address  
identifiers  
Maximum 13  
identifiers  
Maximum 3 identifiers  
The default e-mail address  
for the Entourage contact  
is synchronized with the  
E- mail field in Outlook  
for the contact. The next  
two addresses for the  
Entourage contact are  
synchronized with the  
E- mail 2 and E- mail 3  
fields in Outlook for the  
contact.  
47  
Office 2008 Planning  
Type of  
contact  
In Outlook  
(on a Windows-based  
information  
In Entourage  
No  
computer)  
Synchronization  
Business  
address  
identifier  
Yes  
A contact's address that is  
identified in Outlook as  
Other address is displayed  
by Entourage as the Work  
address. If the Work  
address is edited in  
Entourage and the  
contacts then are  
synchronized, the address  
identifier in Outlook  
changes to Business.  
Phone  
number  
types  
Two work types:  
Two work types:  
Work in Entourage is  
Business in Outlook.  
Work, Main  
Business, Company  
Main in Entourage is  
Company in Outlook.  
Number of  
children’s  
names in  
Maximum 10  
names  
No maximum (delimited list)  
If an Outlook contact that  
lists more than 10  
children's names is edited  
in Entourage, Entourage  
alphabetizes the list and  
discards all names after  
the first 10 names.  
one contact  
Instant  
Message  
(IM)  
Maximum 13  
addresses  
Maximum 1 address  
The IM addresses in  
Entourage are not visible  
in Outlook; the IM address  
in Outlook is not visible in  
Entourage.  
addresses  
48  
Office 2008 Planning  
Type of  
contact  
In Outlook  
(on a Windows-based  
information  
In Entourage  
computer)  
Synchronization  
Other fields  
Custom Date 1/2,  
Custom  
1/2/3/4/5/6/7/8,  
Interests, Astrology  
Sign, Furigana,  
Greeting Cards  
Account, Billing Information,  
Business/Home Address PO  
Box, Company Yomi,  
Computer Network Name,  
Customer ID, FTP Site, Given  
Yomi, Government ID  
The respective fields exist  
in only in Entourage or  
only in Outlook.  
Number, Internet Free/Busy  
Address, Language, Location,  
Organizational ID Number,  
Mileage, Profession, Referred  
By, Surname Yomi, User Field  
1/2/3/4; Phone Number types:  
Callback, Car, ISDN, Other,  
Other Fax, Primary, Radio,  
Telex, TTY/TDD  
Because of differences between Entourage and Outlook, users who work with both Entourage and  
Outlook may encounter the following situation:  
If a user specifies travel time for an item that was created in the Entourage Calendar, this  
information does not appear in Outlook. For example, if a user schedules a meeting for 1:00 P.M.  
to 2:00 P.M. with a travel time of 15 minutes, the Outlook Calendar displays only the scheduled  
meeting time and does not include the travel time.  
How Entourage 2008 works with free/busy data  
In Microsoft Exchange 2000 Server and Microsoft Exchange Server 2003 organizations, a public  
folder server is responsible for storing free/busy data. In organizations that are running Microsoft  
Exchange Server 2007, it is now possible to query free/busy data using a Web service. Entourage  
2008, supports both a public folder server and an Exchange Web service to query free/busy data.  
For more information about how free/busy data is managed in Exchange 2003, see Managing  
on the Microsoft TechNet Web site  
(technet.microsoft.com).  
49  
   
Office 2008 Planning  
Entourage 2008 features supported by different versions of  
Exchange Server  
Entourage 2008 works well with a variety of e-mail servers, and you can take advantage of an even  
richer feature set by using Entourage with Microsoft Exchange Server 2007. Entourage 2008  
features that work better with Exchange 2007 include scheduling meetings and enhanced  
Out of Office functionality.  
Features supported by Exchange Server 2007,  
Exchange Server 2003, and Exchange 2000 Server  
Exchange Exchange Exchange  
Entourage 2008 feature  
2007  
2003  
2000  
The Kerberos network security protocol uses cryptography to  
help provide mutual authentication between Entourage 2008  
and Microsoft Exchange.  
Junk e-mail protection and phishing detection features  
provide additional security to help prevent fraudulent links or  
spoofed domains and protect users from online scams.  
By using sharing, users can give other users access to their  
Microsoft Exchange calendars, address books, or mail folders.  
By using delegation, a user can give another Exchange server  
user access to his or her Microsoft Exchange inbox, calendar,  
and address book. The delegate can send and reply to  
invitations and messages on the owner's behalf.  
By using Microsoft Exchange public folders, users can view  
and post messages, events, and contacts.  
Tentative calendar booking is managed on the Exchange  
server.  
A user can create separate internal and external Out of Office  
messages. External replies can be limited to contacts in the  
user's address book. The user has the option of scheduling  
Out of Office replies only during a specified time period.  
Corporate archival policies can be implemented using  
managed folders.  
50  
   
Office 2008 Planning  
Exchange Exchange Exchange  
Entourage 2008 feature  
2007  
2003  
2000  
In conjunction with Exchange 2007, Entourage 2008 displays  
message classifications on a received message. Examples of  
potential classifications include HIPAA, Legal Documents, and  
Confidential.  
For Exchange 2007, Entourage 2008 exposes the following  
free/busy details: subject and location.  
For a chart that compares the features of Microsoft Exchange Server 2007, Microsoft Exchange  
Server 2003, and Microsoft Exchange 2000 Server, see Exchange Server Version Comparison  
the Microsoft Web site (www.microsoft.com).  
Differences between Entourage 2008 and Outlook 2007  
Entourage 2008 and Microsoft Office Outlook 2007 differ in some key respects. The following table  
summarizes these differences.  
Implemented in  
Entourage 2008?  
Implemented in  
Outlook 2007?  
Feature  
Communicates with the  
server that is running  
Microsoft Exchange Server.  
Yes  
Yes  
Entourage 2008 uses the  
WebDAV protocol to  
communicate with the  
Exchange server to manage  
mail, contacts, and the  
Calendar.  
Outlook uses a MAPI-based  
architecture to communicate  
with the Exchange server.  
Provides offline access to the  
Global Address List (GAL).  
No  
Yes  
51  
   
Office 2008 Planning  
Implemented in  
Entourage 2008?  
Implemented in  
Outlook 2007?  
Feature  
Enables mapping between  
subscribed public folders in  
Entourage and public folder  
favorites in Outlook.  
No  
No  
Public folders that are set as  
favorites in Entourage are not  
established automatically as  
favorites in Outlook. Users can  
choose to subscribe to such  
folders manually in Outlook.  
Public folders that are set as  
favorites in Outlook are not  
established automatically as  
subscribed public folders in  
Entourage. Users can choose to  
subscribe to such folders  
manually in Entourage.  
Enables Outlook forms,  
voting buttons, and receipt  
tracking.  
No  
Yes  
Enables RTF message  
formatting.  
Compose/Send: No  
Yes  
Receive: When an RTF e-mail  
message is sent to an Entourage  
client, the Exchange server  
converts the message into  
HTML or Plain Text format  
before sending it to the client.  
Creates or modifies server-  
based rules.  
No  
Yes  
Yes  
For information about creating  
server-based rules, see How e-  
2008 in the Office 2008  
Planning section.  
Synchronizes Tasks and  
Notes with the Exchange  
server.  
No  
For information about  
synchronization, see How  
Exchange Server in the Office  
2008 Planning section.  
52  
Office 2008 Planning  
Implemented in  
Entourage 2008?  
Implemented in  
Outlook 2007?  
Feature  
Manages Exchange server  
distribution lists  
No  
Yes  
Synchronizes the following  
with Outlook:  
No  
Not applicable  
Personal  
distribution list  
Categories and  
projects  
Synchronizes S/MIME  
certificates and contact  
photos between Outlook and  
Entourage  
No  
No  
Planning Entourage security  
Authentication and security in the WebDAV environment  
You can configure Entourage to use the strongest authentication method that is available under  
the current network and Microsoft Exchange configurations. Users may be authenticated to an  
Exchange server in any of the ways listed for WebDAV transactions in the following table.  
Please note that the types of authentication methods that are available for Microsoft Exchange e-  
mail accounts can vary depending on whether authentication is performed on a front-end server  
or on a back-end server.  
Authentication  
method  
Type of  
authenticating  
server  
Description  
Basic  
authentication  
Back-end server  
Basic authentication is the least secure authentication  
method that is supported by Entourage 2008.  
53  
   
Office 2008 Planning  
Authentication  
method  
Type of  
authenticating  
server  
Description  
Digest  
authentication  
Back-end server  
for Exchange  
2000 and  
Digest authentication transmits passwords in hashed  
form, which offers limited security. Digest  
authentication can be used with or without Secure  
Sockets Layer (SSL).  
Exchange 2003  
Client Access  
server for  
Exchange 2007  
Integrated  
Windows  
(Kerberos and  
NTLM)  
Back-end server  
for Exchange  
2000 and  
Integrated Windows authentication (formerly known as  
NTLM authentication) is the strongest authentication  
method that is supported by Entourage and Microsoft  
Exchange. It incorporates its own encryption methods  
and therefore does not require SSL.  
Exchange 2003  
authentication  
Client Access  
server for  
Exchange 2007  
Note In Microsoft Exchange Server 2007, Client  
Access server supports Integrated Windows  
authentication and HTTP 1.1 Digest authentication  
for Exchange 2007 virtual directories. A Client  
Access server that is redirecting to a back-end server  
that is running Exchange 2000 or Exchange 2003  
supports only Basic authentication and forms-based  
authentication.  
Client certificate-  
based  
authentication  
Front-end server  
Client certificate-based authentication is available with  
Entourage 2008 for Mac Service Pack 1 (SP1). This  
authentication is a type of two-factor authentication  
that uses two separate items, a client certificate and a  
password, to verify a user's identity.  
54  
Office 2008 Planning  
Authentication  
method  
Type of  
authenticating  
server  
Description  
Forms-based  
authentication  
Front-end server  
Forms-based authentication transmits user credentials  
through HTML forms that users fill out. The credentials  
are then processed by using Basic authentication.  
Forms-based authentication requires SSL. Enabling  
Forms-based authentication and SSL on a front-end  
server makes it possible for an organization to provide  
access to Microsoft Exchange resources from the  
Internet with programs such as Outlook Web Access  
and Entourage in a more secure manner.  
Notes  
When they use forms-based authentication,  
users must enter their credentials either in the  
universal naming convention (UNC) format  
(for example, domain\username) or in the user  
principal name (UPN) format (for example,  
The default domain setting in Internet  
Information Services (IIS) can be set only to \  
(backslash). This restriction is designed to  
support user logins that use the UPN format. If  
the default domain setting is changed,  
Exchange System Manager resets the default  
domain setting to \ on the Web server.  
Cookies are used the same way for Entourage  
clients and Outlook Web Access clients that  
are connected to an Exchange server. The  
Exchange server authenticates the user by  
using Forms-based authentication before  
Entourage synchronizes the data. Subsequent  
transactions during a session, including  
synchronization, are authenticated by passing  
a cookie from the client to the Exchange  
server.  
55  
Office 2008 Planning  
No matter what authentication method you use with DAV, the data is transmitted in a plain-text  
XML stream between the user and the server. Third parties could discover this data by using  
network monitoring or packet sniffing tools. If your users use Microsoft Exchange accounts for  
critical or sensitive information, we recommend that you use SSL to encrypt the data that is  
transmitted between the user and the server, particularly for users who access their accounts from  
outside the corporate network. For added security when mail travels between your server and  
servers outside your organization, we recommend certificate encryption.  
For information about how to enable SSL in Entourage 2008, see Enable Secure Sockets Layer in  
the Office 2008 Planning section.  
Configure external program access to Entourage 2008  
You can configure Entourage 2008 to limit how applications that are external to Office use  
Entourage to silently send e-mail or access the address book. Use the following procedure to set  
the options for controlling external program access to Entourage 2008.  
Set the options to control external program access  
1. On the Entourage menu, click Preferences.  
2. Under General Preferences, click Security.  
3. Under Security, select the Warn before allowing an external application to send  
mail check box and the Warn before allowing an external application to access the  
Address Book check box.  
When either of the above options is set, Entourage prompts the user with a warning and asks for a  
response when an external application attempts to send mail or access the Address Book.  
Customize Entourage 2008 attachment settings  
To help protect your computer, Entourage 2008 blocks certain types of incoming attachments  
because they could potentially introduce a virus to your computer.  
As an administrator, you can view the default Attachment Policy property list (.plist) file, which  
contains a list of the file types that Entourage automatically blocks. If you choose, you can create a  
supplementary .plist file that overrides or extends the policy to block or allow file types that you  
specify. You then can deploy this file to users' computers. The Attachment Policy property list  
(.plist) file is located in Microsoft Entourage.pkg/Contents/Resources.  
To edit a .plist file, you can use a property list (plist) editor, which is available as part of Apple's  
XCode toolset. The default location for the plist editor on the hard disk is  
/Developer/Applications/Utilities/Property List Editor. Various third-party plist editor products also  
are available.  
56  
 
Office 2008 Planning  
The types of files that are blocked or allowed when a user sends or receives a message are  
specified in the Entourage 2008 Attachment Policy. For more information about the Attachment  
Policy, see Attachment file types in Entourage 2008 in the Office 2008 Technical Reference section.  
If you want to change the Attachment Policy, create a supplementary .plist file as described in the  
following procedure. Any changes made to the default Attachment Policy .plist file are subject to  
override during application updates. Changes to the supplementary file will not be affected by  
updates.  
Create a supplementary Attachment Policy .plist file  
1. Hold down CONTROL and click the Microsoft Entourage icon.  
2. Click Show Package Contents.  
3. Double-click Contents, and then double-click Resources.  
4. Click AttachmentPolicy.plist, and then press +D to duplicate the file.  
5. Drag the duplicate file either to /Library/Preferences (to take effect for all users on the  
computer) or to /Users/username/Library/Preferences (to take effect for a single user).  
6. Rename the file com.microsoft.entourage.attachmentpolicy.plist.  
7. Open the file in your property list (plist) editor.  
8. Delete all individual String entries, but do not delete the Dictionary and Array entries.  
9. In the AllowedAttachments list, create String entries for any file types that you want to  
allow.  
You can specify a file type by using a FilenameExtension, a MIMEContentFileType, or a  
MacOSFileType.  
Create the String entry as a child entry under the corresponding Array type.  
10. In the UnsafeAttachments list, create entries for any file types that you want to block.  
It is not necessary to specify file types that are already blocked in the default .plist file.  
11. Save, and then close the file.  
12. Quit, and then restart Entourage.  
Note When specifying the file extensions, do not precede the extension with a dot (.). For  
example, if you want to include the extension asp to your AllowedAttachments list, just specify  
asp instead of .asp.  
57  
Office 2008 Planning  
Digital certificate requirements for sending and receiving messages  
The Entourage cryptography model uses public key encryption to send and receive digitally signed  
and encrypted e-mail messages. Encryption makes a message unreadable to anyone other than  
the intended recipient. To send an encrypted message, the sender must have a copy of the  
recipient’s digital certificate. The message is encrypted specifically for each recipient by using the  
recipient’s public key; it can be decrypted only by using the associated private key, which is stored  
on the recipient's computer. Entourage uses the sender’s keys to read and write encrypted  
messages in the Drafts or Sent Items folders, which allows users to review encrypted messages that  
they have created. If the sender has no digital certificate, this review is not possible.  
A digital signature helps the recipient verify the sender’s identity and the message integrity.  
Digitally signing a message helps the recipient verify that you are the authentic sender and that  
the contents of the message were not altered in transit.  
Tip We recommend that digital certificates have a key size of 1,024 bits or more. Using a digital  
certificate of this size makes it extremely difficult to decode an encrypted message or forge a  
digital signature. For more information about the digital certificate key size, see Entourage  
Help.  
To  
The digital certificate requirement is  
Send an encrypted The sender must have a copy of each recipient’s digital certificate. The  
message  
sender does not need to have a digital certificate of his or her own. However,  
if the sender does not have a digital certificate, he or she will not be able to  
read the saved message in the Draft or Sent Items folder, and will not be  
able to receive an encrypted response from a recipient.  
Receive an  
encrypted  
message  
The recipient must have a digital certificate of his or her own. The sender  
must have a copy of the recipient's digital certificate in order to encrypt the  
message.  
Entourage 2008 can encrypt messages with any of the following encryption  
algorithms: AES-256, AES-192, AES-128, and 3DES. Of these four algorithms,  
3DES is the most compatible with other S/MIME applications and AES-256 is  
the most secure.  
Entourage 2008 supports the following signing algorithms for digital  
signatures, which are listed from strongest to weakest: SHA-512, SHA-384,  
SHA-256, and SHA-1. Of these four algorithms, SHA-1 is the most  
compatible with other S/MIME application, and SHA-512 is the most secure.  
58  
 
Office 2008 Planning  
To  
The digital certificate requirement is  
Send a  
The sender must have a digital certificate of his or her own.  
digitally-signed  
message  
Receive a  
The recipient does not need a digital certificate of his or her own.  
digitally-signed  
message  
Enable password encryption for POP and IMAP accounts  
Before you deploy password encryption for your Entourage 2008 users who have POP or IMAP  
accounts, you must know whether the POP server or IMAP server accepts password encryption. If  
the server does not accept password encryption and users configure their accounts to use this type  
of encryption, they might not be able to receive their incoming messages.  
Enable password encryption for POP and IMAP accounts in Entourage 2008  
1. On the Tools menu, click Accounts.  
2. On the Mail tab, double-click the IMAP account or the POP account.  
3. On the Account Settings tab, click Click here for advanced receiving options, and  
then select the Always use secure password check box.  
Enable SMTP authentication  
If your POP or IMAP mail server requires SMTP authentication when Microsoft Entourage 2008 for  
Mac users send messages, you can provide special login information to users for that purpose.  
Different account IDs and passwords can be specified for sending and receiving messages.  
Enable SMTP authentication in Entourage  
1. On the Tools menu, click Accounts.  
2. On the Mail tab, double-click the IMAP account or the POP account.  
3. On the Account Settings tab, click Click here for advanced sending options, and  
then select the SMTP server requires authentication check box.  
4. If different account ID and password information is required, click Log on using, and  
then enter the information.  
Enable Secure Sockets Layer  
If you enable Secure Sockets Layer (SSL) in Microsoft Entourage 2008 for Mac for a server that is  
associated with a Microsoft Exchange account, all Entourage communications with the SSL-  
enabled server are encrypted. SSL is required for forms-based authentication and is strongly  
recommended for Basic authentication.  
59  
 
Office 2008 Planning  
If you plan to deploy SSL for Entourage 2008 users, you must make sure that SSL is enabled on the  
Exchange server. For information about how to enable SSL on an Exchange server, see Exchange  
on the Microsoft TechNet Web site (technet.microsoft.com).  
To use SSL with Entourage, the user's computer must trust the Exchange server's SSL certificate.  
This might require importing a root certificate to the user's X509 Anchors keychain or the user  
login keychain. For more information about this requirement, see How users manage digital  
certificates in Entourage 2008 in the Office 2008 Planning section.  
As the Microsoft Exchange account administrator, you will want to provide SSL setup instructions  
to users, or you can enable SSL in a deployed account.  
Enable SSL for an account in Entourage  
1. On the Tools menu, click Accounts.  
2. On the Mail, News, or Directory Service tab, double-click the account.  
3. Do one of the following.  
For this  
Do this  
account type  
IMAP, POP,  
and News  
On the Account Settings tab, click either Click here for  
advanced receiving options or Click here for advanced  
sending options, and then select the options that you want.  
Microsoft  
Exchange  
mail  
On the Account Settings tab, select the This DAV service  
requires a secure connection (SSL) check box.  
To enable SSL on the public folders server, on the Advanced  
tab, under Public Folders Settings, select the This DAV  
service requires a secure connection (SSL) check box.  
To enable SSL on the LDAP server, on the Advanced tab,  
under Directory Settings, select the This LDAP server  
requires a secure connection (SSL) check box.  
Directory  
service  
On the Account Settings tab, click Click here for advanced  
LDAP options, and then select the This LDAP server requires a  
secure connection (SSL) check box.  
60  
Office 2008 Planning  
How users manage digital certificates in Entourage 2008  
To use encryption and digital signature features, the user must have a digital certificate - the  
combination of a user's certificate and public and private encryption key set. Digital certificates,  
also known as digital IDs, help to keep users' e-mail messages secure by letting them exchange  
cryptographic messages. Managing digital certificates includes:  
Obtaining digital certificates  
Importing, exporting, or deleting a certificate from your computer  
Installing root certificates  
Obtaining digital certificates  
You can issue a self-signed certificate or you can purchase digital certificates from a certification  
authority (CA). For more information about how to obtain a digital certificate from a Certification  
on the Microsoft Office Web site  
(office.microsoft.com).  
Importing, exporting, or deleting a certificate from the user computer  
For more information about how to import, export, or delete digital certificates, see Entourage  
Help.  
Installing root certificates  
Entourage uses root certificates, also called anchor certificates, to verify the authenticity of all  
certificates that derive from it in a chain of trust. Mac OS X comes with a default set of root  
certificates that are trusted. But users might have to install additional root certificates on their  
computers in order to verify certificates that are issued by non-standard CAs.  
To install a root certificate on the computer, the person installing it must have access to an  
administrator account. Entourage looks for root certificates in the following locations:  
X509 Anchors keychain on Mac OS X  
X509 Anchors (not visible by default) and the login keychains on Mac OS X v10.5  
(Leopard) and later  
Caution  
Entourage 2008 does not recognize any trust level settings defined for a certificate. The  
improved Trust Settings in Mac OS X v10.5 (Leopard) allow you to configure different  
levels of trust. For example, you can configure to Always Trust or Never Trust a  
certificate. However, Entourage will ignore these settings.  
61  
 
Office 2008 Planning  
Installing root certificate in Mac OS X  
1. Double-click the .cer file to open the Keychain Access application.  
2. In the Add Certificates dialog box, on the pop-up menu, click X509 Anchors, and then  
click OK.  
If you are asked to provide a name and password, use the administrator credentials.  
3. Click View Certificates to verify the details of the certificate  
4. Quit, and then restart Entourage.  
Installing root certificate in Mac OS X v10.5  
1. Double-click the .cer file to open the Keychain Access application.  
2. In the Add Certificates dialog box, on the pop-up menu, click login, and then click OK.  
If you are asked to provide a name and password, use the administrator credentials.  
3. Click View Certificates to verify the details of the certificate  
4. Quit, and then restart Entourage.  
Plan for limiting junk e-mail  
Settings for junk e-mail protection in Entourage 2008 can be customized to specify a protection  
level and to always allow or always block messages from specific senders or domains. The  
Entourage 2008 junk e-mail filter is periodically updated by Microsoft and is automatically  
downloaded and installed on users' computers according to the settings in effect for Microsoft  
AutoUpdate for Mac.  
For information about how to set the level of junk e-mail protection, see Entourage 2008 Help.  
For more information about AutoUpdate, see Distributing Office 2008 product updates in the  
Office 2008 Operations section.  
62  
Office 2008 Planning  
Relocating multiple identities in Entourage to separate user accounts  
It is not only possible to have separate Mac OS X login accounts for several individuals on one  
computer — in Entourage, it is possible to have multiple Entourage user identities within a single  
Mac OS X login account. This capability was created before the release of Mac OS X to allow  
multiple users to more easily share Entourage on a single computer. Separate identities allowed  
each user to have separate Entourage preferences, messages, Calendar events, and other items.  
Now, however, this separation of Entourage user preferences is provided with better security and  
ease of use by the multi-user login features of Mac OS X.  
Therefore, we do not recommend setting up Entourage identities for multiple users within a single  
Mac OS X login account. When an Entourage user logs in to Mac OS X, he or she should use his or  
her own login account.  
Difficulties that are associated with allowing multiple Entourage users to share a single Mac OS X  
login account include the following:  
Entourage security is compromised because there is no password protection between  
the identities. Users can read each others' mail and can impersonate each other when  
they are sending mail.  
Computer security is compromised because users of all the identities have access to the  
documents and network rights of the user whose Mac OS X login account they are  
using.  
Spotlight searches that are conducted from the Finder commingle results from all users'  
Entourage data.  
You can relocate multiple Entourage identities that exist within a single user login account to  
separate Mac OS X user accounts. To relocate identities to separate user accounts, you must log in  
by using the Administrator account. You can move the folder for an identity, or the whole  
Microsoft User Data folder, to a shared folder. The user can then import the identity from the  
shared folder when setting up his or her account. For more information on importing into  
Entourage, see Entourage Help.  
63  
 
Office 2008 Planning  
Smart card support  
Entourage 2008 supports the use of digital certificate that have been stored on smart card-based  
keychains to perform secure messaging operations such as digitally signing, verifying, encrypting,  
and decrypting e-mail messages.  
Smart card features in Entourage 2008  
Entourage 2008 includes the following features:  
Mac OS X has built-in smart card support that complies with the U.S. Department of  
Defense standards for U.S. federal government smart cards. These standards follow one  
of the approved specifications: Common Access Card (CAC), Government Smart Card  
Interoperability Specification (GSCIS), Personal ID Verification (PIV).  
Entourage users can now apply send or save a digitally signed e-mail message in their  
Drafts folder.  
When there are more than one certificate associated with an e-mail account, Entourage  
uses the certificate that is not expired. If all the certificates associated with an e-mail  
message are expired, Entourage displays an error message.  
Entourage uses visual cues to distinguish between expired and current certificates.  
Entourage uses symbols to identify the certificates used for digital signatures.  
For information about Apple’s support for smart cards, see Smart Card Services  
Developer Web site (developer.apple.com).  
on the Apple  
Using Entourage 2008 with ISA Server and ADAM  
Internet Security and Acceleration Server (ISA Server) is compatible with most of the authentication  
methods that can be used with Entourage 2008. However, you cannot use forms-based  
authentication when Entourage 2008 is used with ISA Server 2004. For information about how to  
use forms-based authentication in an ISA Server environment, see You cannot access your mailbox  
the Microsoft Knowledge Base (support.microsoft.com).  
For more information about ISA Server, see the Microsoft Internet Security and Acceleration  
on the the Microsoft Web site (www.microsoft.com/isaserver).  
If you provide secured external access to the Global Address List (GAL), you might prefer not to  
open ports for LDAP searches through ISA Server. Instead, you can host a copy of the GAL on an  
Active Directory Application Mode (ADAM) server that is exposed to the Internet for Secure  
Sockets Layer (SSL) access. For more information about ADAM, see Introduction to Windows Server  
on the Microsoft Web site (www.microsoft.com).  
64  
Office 2008 Planning  
Important  
When you use an ADAM server to provide GAL access, your Entourage users who are  
located outside of corporate network will not be able to browse GAL like an Entourage  
user who is connected directly to a Microsoft Windows Server 2003 based Global Catalog  
Server inside the corporate network.  
Using Entourage 2008 with Kerberos authentication  
Entourage 2008 supports Kerberos protocol as a method of authentication with Microsoft  
Exchange Server and standalone LDAP accounts. Kerberos protocol uses cryptography to help  
provide secure mutual authentication for a network connection between a client and a server, or  
between two servers.  
Kerberos protocol is based on ticketing. In this scheme, a client must provide a valid user name  
and password only once to prove their identity to an authentication server. Then, the  
authentication server grants the client strongly encrypted tickets that includes client information  
and the session key that expires after a specified period of time. The client then attempts to  
decrypt the ticket by using its password. If the client successfully decrypts the ticket, it keeps the  
ticket, which is now shared by the client and the server. This decrypted ticket indicates the proof of  
the client's identity and is used to authenticate the client. The timestamp included in the ticket  
indicates that it's a recently generated ticket and is not a replay attack. If an attacker tries to  
capture and decrypt the information in a ticket, the breach will be limited to the current session.  
The client can use the same ticket on the network to request other network resources. To use this  
ticketing scheme, both the client and the server must have a trusted connection to the domain Key  
Distribution Center (KDC).  
Mac OS X includes built-in support for Microsoft Kerberos authentication and Active Directory  
authentication policies, such as password changes, expiration and forced password changes, as  
well as Active Directory replication and failover. By leveraging the Mac OS X Kerberos service,  
Entourage 2008 uses the single sign on mechanism to offer better password handling and a  
cleaner setup experience.  
Kerberos authentication and Entourage  
You should determine the type of authentication that your organization's Exchange server uses.  
You can use Kerberos protocol or the other supported authentication methods: NTLM, basic  
authentication, or forms-based authentication for the Exchange server. In Entourage, you do not  
have control over the type of authentication methods that users choose. You should ask your users  
to choose Kerberos authentication if your organization's Exchange server uses it and their  
computer is connected to the corporate network. For more information about how to set up an  
Exchange account in Entourage, see Configuring Exchange accounts in Entourage 2008 in the  
Office 2008 Deployment section.  
65  
 
Office 2008 Planning  
When you set up your account in Entourage, you must click Use Kerberos authentication, or for  
all other types of authentication, click Use my account information. When you choose the  
Kerberos authentication method, the user, password, and domain text fields in the Use my  
account information section are disabled. The disabled fields serve as a visual clue that Kerberos  
authentication is mutually exclusive with the other available authentication. When Kerberos  
protocol is enabled, it is used to attempt authentication against all of the servers related to the  
account, such as HTTP or LDAP. When Kerberos protocol is disabled in the account settings,  
Kerberos authentication will not be attempted against any of the servers related to the account.  
For new Exchange accounts, Kerberos protocol is disabled by default with None selected in the  
Kerberos ID pop-up menu. When you enable Kerberos protocol, Entourage allows the user to  
choose or create a valid Kerberos ID. If the account is created using auto-detect, the Kerberos ID  
pop-up menu is populated with the existing ID. Kerberos protocol attempts auto-detect against  
servers if there is at least one Kerberos ticket present in the Mac OS X credential cache or a  
_kerberos._tcp.<domain> record is available from the Domain Name Server (DNS). If the auto-  
detect process is successful, the ticket is populated on the account’s Kerberos ID pop-up menu. If  
the auto-detect process does not include a successful Kerberos authentication, the account’s  
Kerberos setting will be disabled and Kerberos ID pop-up menu is set to None.  
To create a new Kerberos ID, provide the user name, password, and realm information. Realm is  
another name for a "domain" In the Authenticate to Kerberos dialog box, in the Name field, type  
Account ID. This is sometimes the part of your e-mail address before the "@" symbol.  
Note In the Realm field, you must type the domain name in all uppercase letters, such as  
ALPINESKIHOUSE.COM.  
Kerberos authentication for administrators  
Kerberos authentication might fail if the account’s primary mailbox server does not support  
Kerberos protocol or if the KDC fails. To ensure that users are authenticated successfully by using  
Kerberos protocol, you should make sure that the KDC is up and running for users to access the  
different network services. In enterprise and mission-critical environments, it's important for  
administrators to create at least one failover KDC.  
When Kerberos authentication fails, Entourage provides the option of using the other supported  
authentication mechanisms. The types of authentication methods that are available for Microsoft  
Exchange e-mail accounts can vary depending on whether authentication is performed on a front-  
end server or on a back-end server. For more information about the different authentication  
methods, see Authentication and security in the WebDAV environment in the Office 2008 Planning  
section.  
66  
Office 2008 Planning  
Planning to use Office 2008  
with related Microsoft products  
Working with SharePoint sites and Office Live Workspace by using  
Document Connection for Mac  
Microsoft Document Connection for Mac, available as part of Microsoft Office 2008 for Mac  
Service Pack 2 (12.2.0), makes it easy to work with files that are located either on a SharePoint site  
or on Microsoft Office Live Workspace. By using this application, users can download, edit, and  
upload documents that are on these sites. By using Document Connection for Mac, teams,  
especially those in a mixed environment of Windows-based and Mac-based computers, can stay  
connected and productive. The application provides easy access to the documents and  
information that users have to have to make more informed decisions and to do their jobs more  
efficiently.  
Planning content management  
If you administer or use a SharePoint site to share data, you should be aware of the following  
features and limitations of Document Connection for Mac.  
Users can browse through different sites, document libraries, and folders on a  
SharePoint site or an Office Live Workspace by using Document Connection for Mac.  
You must assign the appropriate permissions at the SharePoint Portal Server level for  
users to browse through the sites. For more information, see the Planning site and  
content security section.  
Note A user must sign in to the Office Live Workspace by using a Windows Live ID.  
A user can save any site, including the Office Live Workspace, to the navigation pane in  
Document Connection for Mac. A user can also drag any site, library, and folder from  
the file list to the navigation pane for quick access. For more information about how to  
save a favorite file or location, see Document Connection for Mac Help.  
67  
     
Office 2008 Planning  
A user can add a new document that is located on his or her computer to a SharePoint  
site or Office Live Workspace by using the Add File feature in Document Connection for  
Mac.  
Note A user can also drag a file from the computer to the file list in Document  
Connection for Mac.  
If a SharePoint site has a template that is associated with it, a user can create a new  
document based on the template by using the New File feature in Document  
Connection for Mac.  
Note Document Connection for Mac can open only a file that has an application  
associated with it.  
In Document Connection for Mac, a file cannot be deleted from a SharePoint site or  
Office Live Workspace. To delete a file from these locations, use the Web browser.  
If a file remains in the Drafts folder after it is saved to the server, a user cannot edit it,  
check it in, or check it out. To remove this file from the Drafts folder, delete the  
Document Connection.xml database from /Users/username/Library/Microsoft/Office  
2008/Document Connection/. Also, in /Users/username/Library/Microsoft/Office  
2008/Document Connection/, delete Document Connection.mdccache. Restart  
Document Connection for Mac.  
Planning site and content security  
You can use basic authentication, Integrated Windows Authentication (NTLMv2), or the Kerberos  
protocol as methods of authentication with the SharePoint server. To authenticate users to the  
Office Live Workspace, Document Connection for Mac requires Windows Live ID.  
As an administrator, you must plan for site security and assign permission levels to the users who  
are to access content on SharePoint sites at the SharePoint Portal Server level. In the SharePoint  
Portal Server, you can select users who will be authorized to access the content on a site. You can  
also select the permission levels for these users to enable them to view, change, or manage a  
particular site or documents within the site. The permission level controls all permissions for the  
site and for any subsites, lists, document libraries, folders, and items or documents that inherit the  
site's permissions. The following table describes the default permissions levels.  
68  
Office 2008 Planning  
Permission  
level  
Description  
Full Control User has administrator access to the site. This permission level cannot be customized  
or deleted.  
Design  
Contribute  
Read  
User can view, add, update, delete, approve, and customize documents.  
User can view, add, update, and delete documents.  
User can only view documents.  
Note If you set the permission level for a user to Read or Limited access, you  
have to assign some additional permission settings to enable read-only access to  
a site by using Document Connection for Mac. For more information about the  
list of permissions for read-only access, see the tables in the List permissions for  
read-only or limited access and the Site permissions for read-only or limited  
access sections.  
Limited  
access  
User can view application pages, browse user information, use remote interfaces,  
use client integration features, and open documents.  
For more information about how to manage the permission levels on the SharePoint Portal Server,  
List permissions for read-only or limited access  
You can restrict permissions to a list by using any of the following settings.  
List permission  
View Items  
Description  
View items in lists, documents in document libraries, and Web discussion  
comments.  
Open Items  
View the source of documents by using server-side file handlers.  
View forms, views, and application pages. Enumerate lists.  
View Application  
Pages  
69  
Office 2008 Planning  
Site permissions for read-only or limited access  
Assign additional permission settings to enable read-only access to a site by using Document  
Connection for Mac. You can restrict permissions to a site by using any of the following settings.  
Site permission  
View Pages  
Description  
View pages on a Web site.  
View information about users of the Web site.  
Browse User  
Information  
Browse Directories  
Enumerate files and folders in a Web site by using SharePoint Designer  
and Web DAV interfaces.  
Use Remote  
Interfaces  
Use SOAP, Web DAV, or SharePoint Designer interfaces to access the Web  
site.  
Use Client  
Integration Features  
Use features that start client applications. Without this permission, users  
must work on documents locally and upload their changes.  
Open  
Allow users to open a Web site, list, or folder in order to access items  
inside that container.  
70  
Office 2008 Planning  
Working with external data sources in Excel  
Excel 2008 can retrieve information from database servers, such as a computer that is running  
Microsoft SQL Server or other external databases by using third-party Open Database Connectivity  
(ODBC) drivers. After you download and install the ODBC drivers, you can use database queries to  
retrieve the data. The following table describes each of the query types.  
Query type Description  
FileMaker  
query  
A FileMaker query is used to retrieve data from the FileMaker server. To interact with  
a FileMaker database, users must have the FileMaker Pro application installed on  
their client computers.  
Web query A Web query is used to query data from a specific Internet or intranet site and  
display the information directly in an Excel 2008 spreadsheet.  
Note Web queries are handled by Secure Sockets Layer (SSL) connections.  
For more information about how to create Web queries, see XL98: How to Create  
(support.microsoft.com).  
in the Microsoft Knowledge Base  
Database  
query  
A database query is used to request information from database servers, such as a  
computer that is running Microsoft SQL Server. To use Microsoft Query in Excel  
2008, users must first install compatible ODBC drivers on their computers so that  
they can retrieve the data from the database.  
For information on how to import data from a database, see Excel 2008 Help.  
Text query A text query is used to query the contents of a text file in Excel 2008.  
71  
   
Office 2008 Planning  
Plan a strategy to control access to workbooks  
As an administrator, you must assign the appropriate permissions to the user accounts that will be  
connecting to the databases. Users must then provide their account information when they  
connect to the external data source network (DSN) by using third-party ODBC drivers.  
To connect to an external DSN, on the Data menu, click Get External Data.  
Caution  
If users have permissions that are too broad in scope, they might be able to modify  
queries in Microsoft Query to add, delete, or modify data that is stored on the server or to  
delete databases and tables.  
To prevent unauthorized users from modifying queries and then saving them in the  
database, make sure that all users have the correct permissions assigned to them at the  
database server level. For example, you can restrict users who have permission to view  
snapshots of workbooks from altering any of the data in the workbooks, or prevent them  
from altering the query that is used to retrieve data. Users can still open, interact with,  
refresh, and recalculate workbooks that have read restrictions; but they cannot save any  
modifications to the workbook on the server. They can save revisions only locally.  
Working with macros  
Microsoft Visual Basic macros cannot be run or edited in Office 2008. But if you want to retain the  
functionality of existing macros, you can convert them to a native Mac OS X scripting language  
such as AppleScript or Automator.  
To see the specific actions that are available in AppleScript or Automator for a specific Office  
application, in the Finder, in the folder in which Office 2008 has been installed (usually the  
Applications folder or /Users/username/Applications), drag the icon for the Office application from  
the Microsoft Office 2008 folder to either the Script Editor application icon in  
Applications/AppleScript or the Automator application icon in the Applications folder.  
Although users cannot edit or run Visual Basic macros in Office 2008, documents that contain  
Visual Basic macros can be opened, edited, and saved correctly in Office 2008. Documents that  
contain macros can be passed back and forth between Office 2008 and other versions of Office  
without loss of the macro coding; macros will continue to run in the versions of Office that  
permit it.  
For more information about Automator, see Working with Automator  
Web site (developer.apple.com).  
on the Apple Developer  
72  
   
Office 2008 Deployment  
Office 2008 Deployment  
Deploying Office 2008 applications  
Creating the installation image  
The first step in deploying Microsoft Office 2008 in a corporate environment is to create a network  
installation point. To do this, you copy all of the source files from the Microsoft Office 2008 for  
Mac CD to a shared location on your network. Then you deploy Office to users from this  
installation point.  
For more information about the different deployment methods that you can use for deploying  
Office 2008 to your user environment, see Deployment methods for Office 2008 in the Office 2008  
Planning section.  
Create a default Office 2008 installation image on the network installation point  
1. Prepare a computer on the network for the network installation point.  
If the computer is currently running the Classic environment (Mac OS 9), switch to  
Mac OS X, and then quit the Classic environment.  
Turn off virus protection software, and quit any applications that are running.  
Back up any existing Entourage identity folders from  
/Users/username/Documents/Microsoft User Data/Office<version>Identities/ in one  
of the following ways:  
Create and deploy a script for renaming the existing Entourage identities on  
each computer.  
If you are in a relatively small setup environment, you can instruct users to back  
up the Entourage identities that are stored in  
/Users/username/Documents/Microsoft User Data/Office<version>  
Identities/folderName and copy them to another location on their computers.  
Note After you have deployed the Office 2008 applications, users can import  
information from their previous identities. For information on how to import from  
identities, see Entourage 2008 Help.  
Remove any Dock icons for Office applications.  
2. Insert the Office 2008 DVD into your DVD drive.  
73  
       
Office 2008 Deployment  
3. Copy the .mpkg file from the DVD to a shared location on the network.  
4. You can now deploy Office 2008 applications to users from this installation point. For  
more information about deploying Office 2008, see the following topics in the Office  
2008 Deployment section.  
Installation by using Apple Remote Desktop  
In this Office 2008 installation method, you use Apple Remote Desktop to deploy Office 2008 to  
users' computers.  
Important  
When you deploy Office 2008 by using a remote connection, such as Apple Remote  
Desktop, to a client computer at a login window, a postflight script in the Office Installer  
causes the Dock application to open with root user privileges. Any applications  
subsequently opened from the Dock will also be run with root user privileges. Under these  
conditions, someone with physical access to the client computer can gain local elevation  
of privilege. This security issue can only occur when Office 2008 is deployed to computers  
that run Mac OS X v10.4.9 or a later version of Mac OS X v10.4 (Tiger). This is not an issue  
for computers that run Mac OS X v10.5 (Leopard). For more information about this  
To ensure a more secure deployment when you use a remote connection, such as Apple  
Remote Desktop, you must delete the postflight script file from Office  
Installer.mpkg/Contents/Packages/Office2008_<language>_dock.pkg/Contents/Resources  
/. After the install, restart the computers. If you use Apple Remote Desktop 3 or later to  
deploy Office 2008, you can choose the options that lock the screens during installation.  
For more information about how to delete the postflight script file, see the "Install Office  
2008 by using Apple Remote Desktop" section later in this topic.  
Install Office 2008 by using Apple Remote Desktop  
1. We recommend that you write an AppleScript script to perform the steps for preparing  
the users' computers at the beginning of the installation process. For more information,  
see the "Prepare a user computer for installation of Office 2008 when deployed by  
using Apple Remote Desktop" section later in this topic.  
If you do not use a script to perform all the steps that are required to prepare users'  
computers, you will need to provide instructions for users to prepare their own  
computers immediately before Office 2008 is installed.  
74  
   
Office 2008 Deployment  
2. Copy Office Installer from the Office 2008 DVD to a writable volume.  
3. Before you use the Office 2008 installer, delete the postflight script file from Office  
Installer.mpkg/Contents/Packages/Office2008_<language>_dock.pkg/Contents/Resourc  
es/. A Known issue prevents network deployment of Office 2008 Dock icons. However, a  
postflight script, which is in the package that attempts to install icons in the Dock, runs  
successfully. The postflight script causes the Dock application to close and then reopen.  
To delete the postflight script, perform the following steps:  
1. Copy Office Installer from the Office 2008 DVD to a writable volume.  
2. Hold down CONTROL and click the Office Installer icon.  
3. Click Show Package Contents.  
4. Double-click Contents, and then double-click Packages, and then locate  
Office2008_<language>_dock.pkg.  
Note Replace <language> with the relevant two-letter language code, such as  
en, ja, or fr.  
5. Hold down CONTROL and click Office2008_<language>_dock.pkg, and then  
click Show Package Contents.  
6. Double-click Contents, and then double-click Resources, and then delete  
postflight.  
4. Set up Apple Remote Desktop to deploy Office 2008 to users' computers.  
As an added security measure, we strongly recommend that you lock the screens of the  
client computers before you deploy. If you use Apple Remote Desktop 3 or later to  
deploy Office 2008, you can choose the options that lock the screens during installation.  
You may want to instruct users to leave their computers on overnight so that you can  
schedule the distribution during nonworking hours.  
For an introduction to Apple Remote Desktop, see Apple Remote Desktop 3  
Apple Web site (www.apple.com/remotedesktop). For detailed information, see the  
on the  
download from the Resources page in the same area of the Apple Web site.  
5. After the install is finished, restart the client computers.  
75  
Office 2008 Deployment  
Prepare a user computer for installation of Office 2008 when deployed by using  
Apple Remote Desktop  
1. If the computer is currently running the Classic environment (Mac OS 9), switch to Mac  
OS X, and then quit the Classic environment.  
To quit the Classic environment, on the Apple menu, click System Preferences, and  
then click Classic. On the Start/Stop tab, click Stop.  
2. Turn off virus protection software, and quit any applications that are running.  
3. Back up any existing Entourage identity folders from  
/Users/username/Documents/Microsoft User Data/Office<version>Identities/ in one of  
the following ways:  
Create and deploy a script for renaming the existing Entourage identities on each  
computer.  
If you are in a relatively small setup environment, you can instruct users to back  
up the Entourage identities that are stored in  
/Users/username/Documents/Microsoft User Data/Office<version>  
Identities/folderName and copy them to another location on their computers.  
Note After you have deployed the Office 2008 applications, users can import  
information from their previous identities. For information on how to import from  
identities, see Entourage 2008 Help.  
4. Remove any Dock icons for Office applications.  
Installing Office 2008 from a NetBoot image  
When you configure Office as part of the NetBoot image, Office is made available to users  
automatically when they start or restart their computers.  
Note We recommend that you use a NetBoot image with Apple Remote Desktop installed and  
configured. Otherwise, it is not possible to administer the client computers by using Apple  
Remote Desktop after they start up from NetBoot.  
Install Office 2008 from a NetBoot image  
To install from a NetBoot image, include the installation image as part of the NetBoot  
image. Office 2008 is then automatically made available to users when they start or  
restart their computers. For more information about creating a NetBoot image, see your  
server documentation.  
76  
   
Office 2008 Deployment  
Prepare a user computer for installation of Office 2008  
Before users load Office 2008 for the first time, their computers must be prepared by performing  
the following steps  
1. If the computer is currently running the Classic environment (Mac OS 9), switch to Mac  
OS X, and then quit the Classic environment.  
To quit the Classic environment, on the Apple menu, click System Preferences, and  
then click Classic. On the Start/Stop tab, click Stop.  
2. Turn off virus protection software, and quit any applications that are running.  
3. Back up any existing Entourage identity folders from  
/Users/username/Documents/Microsoft User Data/Office<version>Identities/ in one of  
the following ways:  
Create and deploy a script for renaming the existing Entourage identities on each  
computer.  
If you are in a relatively small setup environment, you can instruct users to back up  
the Entourage identities that are stored in /Users/username/Documents/Microsoft  
User Data/Office<version> Identities/folderName and copy them to another  
location on their computers.  
Note After you have deployed the Office 2008 applications, users can import  
information from their previous identities. For information on how to import from  
identities, see Entourage 2008 Help.  
4. Remove any Dock icons for Office applications.  
Installation from a file server  
If you want to deploy Office 2008 from a file server, copy the disk image (.dmg) from the install  
DVD to the shared location on the file server. You can then ask users to copy the .dmg from the  
shared location and install Office on their local computers.  
77  
   
Office 2008 Deployment  
Install Office 2008 from a file server  
1. Create the installation image in a shared location as specified in Creating the installation  
image in the Office 2008 Deployment section.  
2. We recommend that you write an AppleScript to perform the steps for preparing the  
users' computers before deploying the installation image.  
If you do not use a script to perform all the steps that are required to prepare users'  
computers, you will need to provide instructions for users to prepare their own  
computers immediately before Office 2008 is installed.  
For more information, see the "Prepare a user computer for installation of Office 2008  
from a file server" section later in this topic.  
3. Users should drag the .mpkg file from the shared location to their desktops, open it,  
and then follow the Office Installer instructions. For information on how users can  
cutomize the installation, see "Install a customized version of Office 2008" section later  
in this topic.  
Important  
Installation under a volume license does not require that you enter a Product ID.  
4. At the end of the installation process, users can apply all available service and security  
releases and updates to the installation image by running Microsoft AutoUpdate for  
Mac.  
Users also can run AutoUpdate at any time by starting any Office application, and then  
on the Help menu, clicking Check for Updates. The other option is to download  
updates from the Downloads  
(www.microsoft.com/mac).  
page of the Microsoft Web site  
Note You can customize the AutoUpdate settings to schedule the installation of  
updates. For more information about how to customize these settings, see Configuring  
AutoUpdate for Office 2008 in the Office 2008 Deployment section.  
78  
Office 2008 Deployment  
Install a customized version of Office 2008  
1. Double-click the Office Installer.  
2. In the Select a Destination page, select the destination volume to install Office 2008.  
Important  
Installation under a volume license does not require that you enter a Product ID.  
3. Click Customize.  
4. Select or clear the check box next to each component that you want to include or not  
include in the installation.  
5. Click Install and follow the instructions to complete the installation process.  
Prepare a user computer for installation of Office 2008 from a file server  
1. If the computer is currently running the Classic environment (Mac OS 9), switch to Mac  
OS X, and then quit the Classic environment.  
To quit the Classic environment, on the Apple menu, click System Preferences, and  
then click Classic. On the Start/Stop tab, click Stop.  
2. Turn off virus protection software, and quit any applications that are running.  
3. Back up any existing Entourage identity folders from  
/Users/username/Documents/Microsoft User Data/Office<version>Identities/ in one of  
the following ways:  
Create and deploy a script for renaming the existing Entourage identities on each  
computer.  
If you are in a relatively small setup environment, you can instruct users to back up  
the Entourage identities that are stored in /Users/username/Documents/Microsoft  
User Data/Office<version> Identities/folderName and copy them to another  
location on their computers.  
Note After you have deployed the Office 2008 applications, users can import  
information from their previous identities. For information on how to import from  
identities, see Entourage 2008 Help.  
4. Remove any Dock icons for Office applications.  
79  
Office 2008 Deployment  
Installing Office 2008 for Mac updates in a corporate environment  
Microsoft regularly updates its software to improve performance, improve security, or update  
features. These updates are released either as an incremental release or a combo release.  
An incremental release includes only the files that differ from the last updated release. A combo  
release includes fixes from all the incremental releases since the last combo release.  
For example, the Office 2008 for Mac 12.1.3 Update combo release includes fixes from the  
previous incremental releases: Microsoft Office 2008 for Mac 12.1.1 Update and Microsoft Office  
2008 for Mac 12.1.2 Update. Therefore, a user who has Office 2008 SP1 Update will be able to  
directly install the Office 2008 for Mac 12.1.3 Update combo release.  
Note For Office 2008, a combo release includes updates only from Office 2008 SP1 Update.  
To deploy Office 2008 for Mac incremental release updates to client computers from a central  
location, create your own Office 2008 image with the latest updates installed. Then deploy this  
image to the users in the network.  
For more information about the different methods to deploy Office 2008 to your user  
environment, see Deployment methods for Office 2008 in the Office 2008 Planning section.  
The following steps provide guidance on how to create your own Office 2008 for Mac image with  
updates and deploy to client computers:  
1. Create a network installation point  
1. If the computer is currently running the Classic environment (Mac OS 9), switch to Mac  
OS X, and then quit the Classic environment.  
2. Verify that your computer meets minimum system requirements. For more information,  
see the Office 2008 system requirements in the Office 2008 Evaluation section.  
3. Turn off virus protection software, and quit any applications that are running.  
4. Log on to Mac OS X with a user account that has administrator access credentials.  
2. Install Office 2008 for Mac  
1. Insert the Office 2008 DVD into your DVD drive.  
2. Install Office 2008 for Mac by double-clicking the Office Installer icon and then follow  
the instructions in the Office installer.  
3. Next, follow the instructions in the Office Setup Assistant to complete the setup  
process.  
80  
   
Office 2008 Deployment  
3. Install the latest updates  
1. To install Office 2008 for Mac updates, on the Help menu, click Check for Updates.  
2. Under How would you like to check for software updates?, select Manually. You  
can now manually select the updates that you want.  
Note Microsoft AutoUpdate for Mac, which is included with Office, can keep Microsoft  
software up to date. When AutoUpdate is set to check for updates automatically on a daily,  
weekly, or monthly basis, you do not have to search for critical updates and information;  
AutoUpdate delivers them directly to your computer.  
4. Package the new image  
The following example uses PackageMaker (a tool that helps create installer packages) to create  
the new Office 2008 for Mac metapackage.  
Note PackageMaker is included in the Apple’s Developer Tools and is located in the  
/Developer/Applications folder. Depending on the version that you are using, the  
PackageMaker user interface will differ.  
1. To define your Office package’s payload (product files), locate the Office 2008 for Mac  
components to be included in the package and add them to the Contents pane in the  
project window of the PackageMaker. If you are using PackageMaker 3.0.3, we  
recommend that you include the Office folder, Additional Tools folder, Fonts folder,  
Automator, and the different applications as individual components before you create  
the metapackage. Including the whole Office 2008 for Mac folder as one component  
could cause PackageMaker to stop responding.  
Drag the following files and folders into the PackageMaker:  
/Applications/Microsoft Office 2008/Additional Tools  
/Applications/Microsoft Office 2008/Office  
/Applications/Microsoft Office 2008/Entourage.app  
/Applications/Microsoft Office 2008/Excel.app  
/Applications/Microsoft Office 2008/PowerPoint.app  
/Applications/Microsoft Office 2008/Word.app  
/Applications/Microsoft Office 2008/Messenger.app  
/Applications/Microsoft Office 2008/ReadMe.html  
/Library/Automator  
/Library/Application Support/Microsoft  
/Library/Fonts/Microsoft  
81  
Office 2008 Deployment  
2. In the Configuration tab, specify the following Install and Destination paths.  
Office 2008  
component  
Install  
Destination  
Additional Tools  
/Applications/Microsoft Office  
2008/Additional Tools  
/Applications/Microsoft  
Office 2008/Additional  
Tools  
Office folder  
/Applications/Microsoft Office  
2008/Office  
/Applications/Microsoft  
Office 2008/Office  
Microsoft  
Entourage  
/Applications/Microsoft Office  
2008/Entourage.app  
/Applications/Microsoft  
Office 2008/  
82  
Office 2008 Deployment  
Office 2008  
component  
Install  
Destination  
Microsoft Excel  
/Applications/Microsoft Office  
2008/Excel.app  
/Applications/Microsoft  
Office 2008/  
Microsoft  
PowerPoint  
/Applications/Microsoft Office  
2008/PowerPoint.app  
/Applications/Microsoft  
Office 2008/  
Microsoft Word  
/Applications/Microsoft Office  
2008/Word.app  
/Applications/Microsoft  
Office 2008/  
Microsoft  
Messenger  
/Applications/Microsoft Office  
2008/Messenger.app  
/Applications/Microsoft  
Office 2008/  
ReadMe.HTML  
/Applications/Microsoft Office  
2008/ReadMe.html  
/Applications/Microsoft  
Office 2008/  
Application  
Support  
/Library/Application  
Support/Microsoft  
/Library/Application  
Support/Microsoft  
Automator  
Fonts  
/Library/Automator  
/Library/Fonts  
/Library/Automator  
/Library/Fonts  
3. Save your project file and build it to create the metapackage for distribution.  
For more information about how to create installer packages by using the PackageMaker, see  
5. Copy the new image to a shared location  
After you create the .mpkg with all the updates for Office 2008 for Mac, copy it to a shared  
location on the network.  
6. Deploy the updated image of Office 2008  
You can now deploy Office 2008 applications to users from this installation point. For more  
information about how to deploy Office 2008, see the Office 2008 Deployment section.  
83  
Office 2008 Deployment  
Configuring and deploying Office 2008 preferences  
Configuring Office 2008 application preferences  
Configuring Word 2008 preferences  
You can standardize the settings for Word 2008 in your organization by configuring preferences  
for the application and then deploying these preferences to users on the network. Word-specific  
preferences are stored in the com.microsoft.Word.plist file. This preference (.plist) file is stored in  
/Users/username/Library/Preferences.  
Important  
Use the same administrator account each time that you customize settings so that all  
preferences are stored in the same folder on the computer. This is especially important if  
you will be using Workgroup Manager to manage preferences later. Workgroup Manager  
uses the preference files that are located in the home folder of the administrator who is  
currently logged in.  
To set preferences in Word, on the Word menu, click Preferences.  
The following sections provide examples of the different types of preferences that you can set in  
Word 2008.  
Setting the default font for new documents  
When you create a new document, Word uses the Normal template to determine the settings, such  
as fonts, margins of the document, and styles. If you change the settings in this template, all new  
documents that are based on this template will use the new settings. For example, if your company  
standard font is 11-point Times, or if you want all new documents to use a larger font size for  
easier readability, you can change the default font settings.  
Note For a list of items that can be defined in a template, see "How document settings are  
applied" in Word 2008 Help.  
1. On the Format menu, click Font.  
2. Select the options that you want to use for new documents.  
3. Click Default.  
4. When you are prompted to change the default font, click Yes.  
This changes the Normal template.  
84  
     
Office 2008 Deployment  
Setting default storage locations  
You can set the default storage locations for documents, templates, and other items that users  
create or use in Word 2008. By default, the documents are stored in /Users/username/Documents/  
on the user computer.  
Set default storage locations  
1. In the Word Preferences dialog box, under Personal Settings, click File Locations.  
2. Under File locations, in the list under File types, click the type of files that you want to  
view, and then click Modify.  
3. In the Choose a folder dialog box, click the name of the folder that you want to use as the  
default storage location.  
Setting default spelling and grammar options  
You can set the default options for the spelling and grammar checkers in Word. In the Word  
Preferences dialog box, click Spelling and Grammar, and then select the options that you want.  
Note The default location of custom dictionaries is  
/Users/username/Library/Preferences/Microsoft/Office 2008/. If you want to use a custom  
dictionary that is stored in another location, you must add it to the list of dictionaries in the  
Custom Dictionaries box.  
Using add-ins  
Add-ins created by using Microsoft Visual Basic do not work in Office 2008. However, if you want  
to retain the functionality of existing add-ins, you can convert them to a native Mac OS X scripting  
language such as AppleScript or Automator.  
Configuring Excel 2008 preferences  
You can standardize the settings for Excel 2008 in your organization by configuring preferences for  
the application and then deploying these preferences to users on the network. Excel-specific  
preferences are stored in the com.microsoft.Excel.plist file. This preference (.plist) file is stored in  
/Users/username/Library/Preferences.  
Important  
Use the same administrator account each time that you customize settings so that all  
preferences are stored in the same folder on the computer. This is especially important if  
you will be using Workgroup Manager to manage preferences later. Workgroup  
Manager uses the preference files that are located in the home folder of the  
administrator who is currently logged in.  
85  
Office 2008 Deployment  
To set preferences in Excel 2008, on the Excel menu, click Preferences.  
The following sections provide examples of the different types of preferences that you can set in  
Excel 2008.  
Setting default storage locations  
You can set the default location and search path for opening and saving Excel 2008 workbooks.  
For example, if your organization uses shared workbooks, you can specify the default file location  
in which the workbooks are saved. You also can specify the default folder that Excel uses to open  
workbooks at startup.  
Note If the shared workbook preference is set to use a network file server and the user opens  
Excel 2008 before connecting to that server, Excel does not prompt the user to connect to the  
file server. Also, if the user is not connected to the network file server and tries to view the  
default file location setting under Preferences, no file location is displayed.  
Set default storage locations  
1. In the Excel Preferences dialog box, under Authoring, click General.  
2. Next to the Preferred file location box, click Select.  
3. In the Choose a Folder dialog box, click the name of the folder that you want to use as the  
default storage location.  
Using add-ins  
Add-ins created by using Microsoft Visual Basic do not work in Office 2008. However, if you want  
to retain the functionality of existing add-ins, you can convert them to a native Mac OS X scripting  
language such as AppleScript or Automator.  
Configuring PowerPoint 2008 preferences  
You can standardize the settings for PowerPoint 2008 in your organization by configuring  
preferences for the application and then deploying these preferences to users on the network.  
PowerPoint-specific preferences are stored in the com.microsoft.PowerPoint.plist file. This  
preference (.plist) file is stored in /Users/username/Library/Preferences.  
Important  
Use the same administrator account each time that you customize settings so that all  
preferences are stored in the same folder on the computer. This is especially important if  
you will be using Workgroup Manager to manage preferences later. Workgroup  
Manager uses the preference files that are located in the home folder of the  
administrator who is currently logged in.  
86  
Office 2008 Deployment  
To set preferences in PowerPoint, on the PowerPoint menu, click Preferences.  
The following sections provide examples of the different types of preferences that you can set in  
PowerPoint 2008.  
Setting default storage locations  
You can set the default location and search path for opening and saving PowerPoint 2008  
presentations. You also can specify the default location for narration files. By default, the  
documents are stored in /Users/username/Documents/ on the user computer. If your organization  
uses shared presentations, you can specify the default file location for saving presentations.  
Note If the shared presentations preference is set to use a network file server and the user  
opens PowerPoint 2008 before connecting to that server, PowerPoint does not prompt the user  
to connect to the file server. Also, if the user is not connected to the network file server and  
tries to view the default file location setting in PowerPoint under Preferences, no file location  
is displayed.  
Set default storage locations  
1. In the Preferences dialog box, on the Toolbar, click Advanced.  
2. Do one or both of the following:  
For Default file location, click Select, and then click the name of the folder that  
you want to use as the default storage location.  
For Default narration file location, click Select, and then click the name of the  
folder that you want to use as the default storage location.  
Setting default spelling options  
You can set the default options for the spelling checker in PowerPoint 2008. In the Preferences  
dialog box, click Spelling, and then select the options that you want. Also, when you create a new  
custom dictionary in Word 2008, this new dictionary is available automatically in PowerPoint 2008  
as well.  
87  
Office 2008 Deployment  
Configuring Entourage 2008 preferences  
You can standardize the settings for Entourage 2008 in your organization by configuring  
preferences for the application and then deploying these preferences to users on the network.  
Important  
Use the same administrator account each time that you customize settings so that all  
preferences are stored in the same folder on the computer. This is especially important if  
you will be using Workgroup Manager to manage preferences later. Workgroup  
Manager uses the preference files that are located in the home folder of the  
administrator who is currently logged in.  
When you customize Entourage 2008, the information that you provide (such as preference  
settings and server names) is divided, in each of the following two locations:  
The Entourage 2008 identity database under the active identity name (in  
/Users/username/Documents/Microsoft User Data/Office 2008 Identities/Main Identity)  
The Entourage 2008 preference file, com.microsoft.Entourage.plist (in  
/Users/username/Library/Preferences)  
To deploy the customized information, you deploy both the preference files and the identity  
database. The default name of this identity database and of the folder that contains the database  
is "Main Identity."  
Note The Entourage 2008 identity stores mailing lists, rules, signatures, address books, tasks,  
calendars, account settings, Project Center information, and various preference settings. Before  
you deploy a new identity to a user's computer, you must do one of two things:  
Back up any existing Entourage identity databases on each user's computer by making  
a copy of the database or databases that exist on that computer and storing this copy  
in a different location on the computer.  
Rename the existing Entourage identities. You may want to create and deploy a script  
for renaming the existing identity or identities on each computer.  
After you have deployed the Office 2008 applications, users can import information from their  
previous identities. For more information, see Entourage 2008 Help.  
To set preferences in Entourage, on the Entourage menu, click Preferences.  
The following sections provide examples of the different types of preferences that you can set in  
Entourage 2008.  
88  
Office 2008 Deployment  
Setting calendar options  
Calendar preferences include settings for the first day of the week, for the work-week calendar, for  
work hours, and for the time zone for new events. In the Preferences dialog box, click Calendar,  
and then select your calendar preferences.  
Setting security options  
You can apply uniform security settings for all of your Entourage 2008 users. For example, you can  
configure Entourage 2008 to limit how applications that are external to Office use Entourage to  
silently send e-mail or access the address book. In the Preferences dialog box, click Security, and  
then select the options that you want.  
For more information about planning Entourage security, see the Office 2008 Planning section.  
Setting Spotlight options  
You can set a preference to include Entourage items in Spotlight search results. In the Preferences  
dialog box, click Spotlight, and then select the Include Entourage items in Spotlight search  
results check box.  
Configuring AutoUpdate for Office 2008  
By default, Microsoft AutoUpdate for Mac is set to look for updates to Office 2008 applications  
automatically once per week on a user's computer. However, you can modify the default setting to  
specify a different schedule.  
AutoUpdate preferences are stored in the com.microsoft.autoupdate2.plist file in  
/Users/username/Library/Preferences. When you are deploying AutoUpdate preferences from a  
central location, deploy this file.  
Note If a user is logged in with an administrator account, the user can run AutoUpdate by  
starting any Office 2008 application and then clicking Check for Updates on the Help menu.  
Set AutoUpdate preferences  
1. In /Users/username/Library/Application Support/Microsoft/MAU2.0/, double-click  
Microsoft AutoUpdate.app.  
2. Either click Manually, or click Automatically.  
If you are planning to deploy updates centrally, click Manually to prevent  
automatic updates on users' computers.  
If you click Automatically, on the Check for Updates pop-up menu, click the  
schedule that you want to use for installing updates on user computers.  
89  
   
Office 2008 Deployment  
Adding custom templates, themes, scripts, and ancillary files  
You can customize Microsoft Office 2008 installations by deploying custom templates, themes, and  
other files to user computers. You also can either create and deploy a separate .pkg file specifically  
for custom files or make custom files available to users on a file server.  
To add  
Do this  
Custom templates to  
Office  
Copy your custom Office 2008 templates to  
/Users/username/Library/Application Support/Microsoft/Office/User  
Templates/My Templates/.  
Custom themes to Office  
Copy your custom Office 2008 themes to  
/Users/username/Library/Application Support/Microsoft/Office/User  
Templates/My Themes/.  
If you have custom Theme Colors or Theme Fonts files, copy them to  
the corresponding subfolders under My Themes.  
Custom AppleScript  
scripts to a specific Office  
2008 application  
Copy your custom scripts to Users/username/Documents/Microsoft  
User Data/applicationName Script Menu Items/.  
Any of the following to  
Office:  
If information from the earlier versions of Office is found on the user  
computer, such as custom dictionaries, AutoCorrect lists, and  
proofing tool settings, the information is copied to Office 2008  
during the Office installation.  
Custom  
dictionaries  
AutoCorrect lists  
Proofing tools  
preferences  
90  
   
Office 2008 Deployment  
Office 2008 preference file locations for deployment  
The following table specifies where the various types of Office 2008 preference files are stored.  
Type of (.plist)  
preference file  
Location  
Preferences for  
Office 2008  
/Users/username/Library/Preferences.  
The application-specific preferences in this folder are stored in the  
com.microsoft.ApplicationName.plist file.  
Most Entourage 2008  
preference and user  
e-mail account settings  
The Entourage identity database, which is located in  
/Users/username/Documents/Microsoft User Data/Office 2008  
Identities/identityName for each identity.  
By default, a user has just one identity, "Main Identity."  
The preference file for  
Microsoft AutoUpdate  
/Users/username/Library/Preferences.  
The file name is com.microsoft.autoupdate2.plist.  
The preference file for  
Microsoft Error Reporting  
Protocol  
/Users/username/Library/Preferences.  
The file name is com.microsoft.error_reporting.plist.  
The supplementary  
In one of the following:  
Attachment Policy plist,  
if you have created one  
/Library/Preferences (to take effect for all users on the  
computer)  
/Users/username/Library/Preferences (to take effect for a  
single user)  
The file name is com.microsoft.entourage.AttachmentPolicy.plist.  
When you deploy Office 2008 preferences, deploy these folders and files:  
/Users/username/Library/Preferences/ and all the Microsoft preference files that it  
contains.  
Any other files as applicable from /Users/username/Library/Preferences folder and  
/Library/Preferences.  
If you are deploying Entourage 2008 preferences, also deploy  
/Users/username/Documents/Microsoft User Data/Office 2008 Identities/identityName  
and all the files that it contains.  
91  
   
Office 2008 Deployment  
Deploying Office 2008 preferences  
If you customize the Microsoft Office 2008 preferences, you can choose one of the methods that  
are described below to deploy the preferences to users on the network. Before you deploy the  
preferences, users must quit all Office applications. The preference setting changes are applied  
when the users restart their computers.  
Note You cannot redeploy an Entourage database after the user has begun to use Entourage  
2008  
Deploying preferences by using Workgroup Manager  
You can use Workgroup Manager to deploy preferences and define privileges by user, by group,  
or by computer and to perform a broad range of other workgroup management functions. It is  
well suited for deploying preferences either before or after users begin to work with Office 2008  
because you can manage individual preferences in a .plist file without disrupting other settings in  
the same file. Workgroup Manager does not deploy entire .plist files; instead, it updates .plist files  
on users' computers by writing individual key/value pair.  
When you customize preferences, the customized .plist files are stored in the home folder of the  
administrator account that you used to log in for that session. When you are ready to deploy these  
customized preferences, you must log in with that same administrator account because  
Workgroup Manager deploys the preference settings of the administrator who is currently  
logged in.  
There are some limitations in the way that Office 2008 works with Workgroup Manager:  
Office 2008 preferences and settings that are not stored in .plist files cannot be  
managed by using Workgroup Manager. In particular, Workgroup Manager cannot  
deploy many of the Entourage preferences because most of them are stored in the  
Entourage database for each identity instead of in .plist files.  
Office 2008 does not provide preference manifest (.manifest) files; therefore, it cannot  
use Workgroup Manager functionality that requires this type of file.  
For information about Workgroup Manager, see Client Management  
in the Mac OS X Server  
area of the Apple Web site (www.apple.com/server). For detailed information about managing  
preferences with Workgroup Manager, see the Mac OS X Server User Management  
documentation available for download from the Apple Web site  
(www.apple.com/server/documentation).  
92  
   
Office 2008 Deployment  
Deploying preferences using Apple Remote Desktop  
You can create a special .pkg file specifically for deploying preferences. You deploy this .pkg file to  
the home folders on users' computers by using Apple Remote Desktop or by making the file  
available for users to copy from a file server.  
For information about Apple Remote Desktop, see Apple Remote Desktop Administrator's  
on the Apple Web site at http://www.apple.com/remotedesktop.  
Caution  
When you deploy a preference file to a user's computer, the file overwrites all older files in  
the target location, including all preference settings in those files. This could change user  
preferences that you did not intend to standardize, and it could be disruptive to a user's  
work. Therefore, we recommend that you deploy customized preference files before users  
begin to work with Office 2008, or you should deploy only those .plist files that govern  
settings for which you want to retain control (for example, the preference files for CEIP,  
MERP, or AutoUpdate). On computers with multiple user accounts, you must deploy  
preferences to the home folder of each user who has a separate Mac OS X login account.  
Some settings, such as the mail server name, are stored in the Entourage 2008 database. You can  
make changes to many of the Entourage database settings by using AppleScript and then  
deploying the script to users. You deploy the script by using Apple Remote Desktop. To see the  
specific Entourage settings that can be modified by using AppleScript, in the Finder, drop the  
Entourage application icon that is located in the Office 2008 folder onto the Script Editor icon that  
is located in the /Applications/AppleScript folder.  
Note Some Entourage 2008 preferences cannot be changed by using a script. You also cannot  
change preference settings by deploying the database with new settings to an existing  
Entourage user identity, because the new database will override the existing local data for that  
user.  
Configuring Office 2008 applications  
Configuring Exchange accounts in Entourage 2008  
Users can set up a Microsoft Exchange Server account automatically by using the Account Setup  
Assistant, or they can set it up manually by typing in the account information. For users of  
Exchange 2007 Service Pack 1 ( SP1) and Entourage 2008 SP1, the Autodiscover service, which  
supports automatic discovery of account settings, makes it easier for users to configure Exchange  
accounts in Entourage 2008.  
93  
     
Office 2008 Deployment  
Preparing the infrastructure  
Before you provide your users with instructions to set up a Microsoft Exchange Server account, you  
must understand the different server and server roles that Entourage 2008 connects to in your  
organization's Exchange 2007 environment. For information about Exchange server requirements,  
section.  
When a user configures an account, the Entourage 2008 Account Setup Assistant  
queries the DNS server to locate a domain controller. Next, it finds the Exchange server  
that hosts the user's mailbox and then connects to the server to begin synchronization.  
The mailbox contains private data that belongs to an individual user and contains  
mailbox folders that are generated when a new mailbox is created for that user. For  
more information about the mailbox server, see the Exchange Server  
page on the  
Microsoft TechNet Web site (technet.microsoft.com).  
To perform the DNS Server query, the Account Setup Assistant uses a DNS server that is  
configured in Mac OS X under Network Preferences. It is important that the user's  
Network settings in System Preferences are properly configured with the appropriate  
search domains and DNS server because Entourage uses this information to find servers  
on a network.  
Entourage 2008 connects to the Public Folder server to access the public folders.  
Note Entourage 2004 connects to the Public Folder server to access both the public  
folders and the free/busy information. Entourage 2008 uses the Microsoft Exchange  
Server 2007 Availability service in Exchange 2007 to retrieve free/busy information for  
users.  
Entourage 2008 connects to an LDAP server, which in an Active Directory-based  
environment is the Global Catalog server. The Global Catalog server is a distributed data  
repository in an Active Directory environment that hosts the Global address list (GAL) of  
your Exchange organization.  
Entourage 2008 uses the Client Access server as the connection point to connect to the  
Exchange 2007. In addition to being the connection point for client applications, the  
Client Access server supports the following Exchange 2007 Web Services: Autodiscover  
service and Availability service. The Autodiscover service enables automatic detection of  
client profiles during the Microsoft Exchange account setup in Entourage 2008. The  
Availability service retrieves free/busy information as stated earlier.  
When connected to an Exchange 2007 SP1 Client Access server, Entourage 2008 also  
supports the delegate management service.  
94  
Office 2008 Deployment  
Note Entourage 2008 uses Port 80 (without SSL) or 443 (with SSL) depending on the  
related configuration of the Exchange 2007 Client Access server. For more information  
on the default port requirements for Entourage 2008, see Default ports for Entourage  
2008 in the Office 2008 Planning section.  
If you enable Secure Sockets Layer (SSL) in Entourage 2008 for a server that is  
associated with a Microsoft Exchange account, all Entourage 2008 communications with  
the SSL-enabled server are encrypted. For more information about how to enable SSL in  
Entourage 2008, see Enable Secure Sockets Layer in the Office 2008 Planning section.  
For more information about how to configure SSL on Exchange 2007, see the Exchange  
on the Microsoft TechNet Web site (technet.microsoft.com).  
Entourage 2008 supports Kerberos protocol as a method of authentication with  
Exchange Server and standalone LDAP accounts. For more information about Kerberos  
authentication in Entourage, see Using Entourage 2008 with Kerberos authentication in  
the Office 2008 Planning section.  
Configuring an Exchange account in Entourage  
Set up an Exchange account automatically  
Users can set up their Exchange account automatically by performing the following steps:  
Note To set up an Microsoft Exchange account automatically, users must know their Microsoft  
Exchange account e-mail address.  
1. Make sure that your computer is connected to your organization's network.  
2. On the Entourage menu, click Account Settings.  
3. Click the arrow next to New  
, and then click Exchange.  
If the New Account screen appears, click Setup Assistant.  
4. In the Account Setup Assistant, type your e-mail address in the E- mail address box,  
select the My account is on an Exchange server check box, and then click the right  
arrow to continue.  
5. Follow the instructions in the Account Setup Assistant.  
95  
Office 2008 Deployment  
Set up an Exchange account manually from inside your organization's network  
Users can set up their Exchange account manually from inside the organization's network by  
performing the following steps:  
Note To set up a Microsoft Exchange account manually, users must have the following  
information: their e-mail address, account ID, password, domain, the name of the Microsoft  
Exchange server, and the name of the organization's LDAP server that the Microsoft Exchange  
account uses for the Global address list (GAL). They may also need the name or address of your  
public folders server and other information about your organization's Microsoft Exchange  
server configuration. In addition, if your organization is using two-factor authentication, users  
may need to add a client certificate.  
1. Make sure that your computer is connected to your organization's network.  
2. On the Entourage menu, click Account Settings.  
3. Click the arrow next to New  
, and then click Exchange.  
If you see the Account Setup Assistant, click Configure Account Manually.  
4. On the Account Settings tab, in the Account name box, type the name that you want  
to use to refer to this account in Entourage.  
5. Under Personal Information, type the name and the e-mail address that you want to  
use.  
The name that you type appears in the "From" field of mail messages that you send  
from the account.  
6. Do one of the following:  
To set up an account that  
uses  
Do this  
An authentication  
method other than  
Kerberos  
Click Use my account information, and then enter  
your Account ID, domain, and password.  
Kerberos authentication  
Click Use Kerberos authentication, and then click a  
Kerberos ID.  
To create a new ID, click the Kerberos ID pop-up  
menu, and then click Create a new ID.  
96  
Office 2008 Deployment  
7. Under Server information, in the Exchange server box, type the name or address of  
your Microsoft Exchange server.  
8. Click the Advanced tab, and then under Public Folder Settings, in the Public folders  
server box, type the name or address of your public folders server.  
9. Under Directory Settings, in the LDAP server box, type the name or address of your  
directory service server.  
10. To add a client certificate for two-factor authentication, under Client Certificate- based  
Authentication, click Select.  
Note If your authentication certificate is located on a smart card, make sure to insert  
the card into the reader before clicking Select.  
11. To set digital signing and encryption options, click the Mail Security tab, and then  
choose the options that you want.  
Important  
Depending on how your account administrator has set up your account, you may be  
asked to enter your "Realm." This is another name for a "domain" If you are asked to  
enter your "Realm" to log on to a Microsoft Exchange account, you must enter the name  
in all uppercase letters, such as "ALPINESKIHOUSE.COM".  
Set up an Exchange account manually from outside your organization's network  
Users can set up their Exchange account manually from outside the organization's network by  
performing the following steps:  
Note To set up a Microsoft Exchange account from outside your organization's network, users  
must have the following information: their e-mail address, account ID, password, domain, the  
name of the organization's Outlook Web Access server. They may also need the name or  
address of your public folders server and other information about your organization's Microsoft  
Exchange server configuration. In addition, if your organization is using two-factor  
authentication, users may need to add a client certificate.  
1. On the Entourage menu, click Account Settings.  
2. Click the arrow next to New  
, and then click Exchange.  
If you see the Account Setup Assistant, click Configure Account Manually.  
3. On the Account Settings tab, in the Account name box, type the name that you want  
to use to refer to this account in Entourage.  
97  
Office 2008 Deployment  
4. Under Personal Information, type the name and the e-mail address that you want to  
use.  
The name that you type appears in the "From" field of mail messages that you send  
from the account.  
5. Click Use my account information, and then enter your Account ID, domain, and  
password.  
Note Kerberos authentication does not work if your computer is outside your  
organization's network.  
6. Under Server information, in the Exchange server box, type the address of the  
Outlook Web Access server, for example mail.example.com.  
If your organization uses Microsoft Exchange 2000 Server or Microsoft Exchange Server  
2003, paste in the Web page address that you use to access Outlook Web Access, for  
example http://mail.example.com/exchange.  
Note In most cases when you connect from outside your organization's network, you  
should check This DAV service requires a secure connection (SSL).  
7. To add a client certificate for two-factor authentication, click the Advanced tab, and  
then under Client Certificate- based Authentication, click Select.  
Note If your authentication certificate is located on a smart card, make sure to insert  
the card into the reader before clicking Select.  
8. To set digital signing and encryption options, click the Mail Security tab, and then  
choose the options that you want.  
Note To enter the address of your organization's public folders server or LDAP server,  
click the Advanced tab of the Edit Account dialog box. The public folders server is  
frequently the same address as the Exchange server, for example, mail.example.com.  
Configuring Office 2008 for multiple languages  
If users need to use a language other than English with Office 2008, they must configure their  
computers to recognize that language. If proofing tools are available for the language, these tools  
must be installed on the local computers before users will be able to check spelling and use the  
thesaurus in the language. The proofing tools for the different languages are stored in Microsoft  
Office 2008/Office/Shared Applications/Proofing Tools/. For a list of proofing tools in Office 2008,  
see "Proofing tools that are available for each language" in Word Help. For more information  
about multilingual features in Office 2008, see "Multilingual features in Office 2008" in Word Help.  
98  
   
Office 2008 Operations  
Enabling Japanese-specific formatting and editing features  
Users can enable Japanese features by using the Microsoft Language Register, which is located in  
Microsoft Office 2008/Additional Tools/. For information on how to enable Japanese features, see  
Office 2008 Help.  
Enabling European language features  
European language support is available when one or more keyboard layouts for the supported  
European languages are enabled. To enable European languages, on the Apple menu, click  
System Preferences, and then under Personal, click International and then click the Input Menu  
tab. To switch between languages, users can select the appropriate keyboard layout.  
Office 2008 Operations  
Maintaining Entourage 2008  
Verifying database integrity  
Use the Microsoft Database Utility to check the Microsoft Entourage 2008 for Mac database for  
corruption if users notice any of the following while trying to use Entourage:  
Entourage does not start, or it crashes.  
Entourage items, such as e-mail messages or calendar events, do not open.  
Blank lines appear in the Entourage message list.  
Some contacts are missing from the Contacts list.  
The Office Reminders window is blank.  
99  
       
Office 2008 Operations  
Verify the integrity of the Entourage database  
1. Quit all Office applications, including Entourage and Office Reminders.  
2. Do one of the following:  
Hold down the OPTION key and open Entourage.  
In the Microsoft Office 2008/Office folder, double-click the Database Utility  
application.  
3. Click the name of the database that you want to verify.  
4. In the Database Utility dialog box, click Verify database integrity, and then click  
Continue.  
5. Follow the instructions in the dialog box.  
If the database is corrupted, you can rebuild it. For information about how to do this, see  
Note To verify the disk integrity, you can run Apple Disk Utility, a diagnostics and repair  
application that is available in /Application/Utilities/. Apple Disk Utility functions also may be  
accessed from the Mac OS X command line by using the diskutil and hdiutil commands. For  
more information about identifying and repairing hard disk problems, see your Mac OS X  
documentation for the Apple Disk Utility application.  
Rebuilding the Entourage database  
If a Microsoft Entourage 2008 for Mac database is corrupted, you can repair it by rebuilding it.  
When you rebuild the database, Entourage 2008 scans the original database that is stored in  
/Users/username/Documents/Microsoft User Data/Office 2008 Identities/identityName. It then  
copies all of the valid data blocks from the original database into a new database. This new  
database becomes the active identity database that Entourage will use.  
After Entourage finishes rebuilding a new database, it creates a backup folder in  
/Users/username/Documents/Microsoft User Data/Office 2008 Identities. It copies all the files from  
the original identity folder, including the original database with its original content, into this  
backup identity folder. The name of the backup folder is the same as the original except for the  
timestamp it displays after the name. The timestamp indicates the date and the time when the  
backup folder was created.  
100  
   
Office 2008 Operations  
Caution  
To verify the disk integrity, you can run Apple Disk Utility, a diagnostics and repair  
application that is available in /Application/Utilities/. Apple Disk Utility functions also may  
be accessed from the Mac OS X command line by using the diskutil and hdiutil  
commands. For more information about identifying and repairing hard disk problems, see  
your Mac OS X documentation for the Apple Disk Utility application.  
Rebuild the Entourage database  
1. Quit all Office applications, including Entourage and Office Reminders.  
2. Do one of the following:  
In the Microsoft Office 2008/Office folder, double-click the Database Utility  
application.  
Hold down the OPTION key and open Entourage.  
3. Click the identity of the database that you want to rebuild.  
4. In the Database Utility dialog box, click Rebuild database, and then click Continue.  
5. Follow the instructions in the dialog box.  
If the computer does not have enough free disk space to store both the current  
database and the copy of the database, an out-of-memory error occurs.  
Compacting and backing up the Entourage database  
You can use the Microsoft Database Utility that is stored in Microsoft Office 2008/Office/ to  
compact and back up the Microsoft Entourage 2008 for Mac database.  
Important  
If an Microsoft Exchange account is used from both Entourage and Outlook, compacting  
or rebuilding the Entourage database could cause duplication of the user's messages. To  
avoid duplicating a user's messages, delete the Microsoft Exchange account in  
Entourage before you compact or rebuild the Entourage database. Then re-create the  
Microsoft Exchange account in Entourage after compacting or rebuilding of the  
database is complete.  
101  
   
Office 2008 Operations  
Compact and back up the database  
1. Quit all Office applications, including Entourage and Office Reminders.  
2. Do one of the following:  
In the Microsoft Office 2008/Office folder, double-click the Database Utility  
application.  
Hold down the OPTION key and open Entourage.  
3. In the Database Utility dialog box, click the name of the database that you want to  
compact and back up.  
4. Click Compact database, and then click Continue.  
5. Follow the instructions in the dialog box.  
When you compact the Entourage 2008 database, this process creates a backup copy of the  
database, just as the rebuilding process does.  
Managing Mac OS X system preferences  
You might want to centrally manage various Mac OS X settings that affect the operation of  
Microsoft Office 2008 or the security of users' computers. Some preferences are stored in the form  
of Mac OS X system preferences; other settings are in the form of mechanisms such as the  
Keychain Access application.  
The following table provides examples of system preference settings that it might be useful for you  
to manage centrally. These settings can be configured for the Internal Modem, Built-in Ethernet,  
and Built-in FireWire interfaces.  
System preference setting  
Description  
Search Domains on the TCP/IP  
tab  
Domain information for completing user-entered URLs that  
are not fully qualified  
DNS Servers on the TCP/IP tab  
Preferred Domain Name System servers  
Proxy server port settings  
The proxy settings on the  
Proxies tab  
102  
   
Office 2008 Operations  
To access these settings, on the Apple menu, click System Preferences, and then under Internet  
& Network, click Network. On the Show pop-up menu, click the interface that you are  
configuring.  
Several tools are available that can be used to set system preferences on users' computers:  
Apple Workgroup Manager  
Apple Remote Desktop command-line interface  
AppleScript written to control the Mac OS X Terminal utility and deployed by using  
Apple Remote Desktop. Terminal is located in /Applications/Utilities.  
For information about Workgroup Manager, see Client Management  
in the Mac OS X Server  
area of the Apple Web site (www.apple.com/server). For detailed information about managing  
preferences with Workgroup Manager, see the Mac OS X Server User Management  
documentation available for download from the Apple Web site  
(www.apple.com/server/documentation).  
For an introduction to Apple Remote Desktop, see Apple Remote Desktop 3  
site (www.apple.com/remotedesktop). For detailed information, see the Apple Remote Desktop  
Administrator's Guide documentation available for download from the Resources page in the  
on the Apple Web  
same area of the Apple Web site.  
For information about the Terminal utility, see Terminal Help.  
Distributing Office 2008 product updates  
You can configure Microsoft AutoUpdate for installing updates automatically at scheduled  
intervals from a central location. The changes that you make to AutoUpdate configuration is  
stored in /Users/username/Library/Preferences/com.microsoft.autoupdate2.plist. For information  
about planning your Office 2008 product updates, see Planning for Office 2008 product updates in  
the Office 2008 Planning section. For more information about configuring AutoUpdate  
preferences, see Configuring AutoUpdate for Office 2008 in the Office 2008 Deployment section.  
After you configure your preferences in the com.microsoft.autoupdate2.plist file, you can deploy  
your preferences to user computers by using Apple Remote Desktop or Workgroup Manager.  
Perform the following steps to distribute product updates.  
103  
   
Office 2008 Security  
Distribute Office 2008 product updates  
1. Configure the preferences for AutoUpdate. For more information, see Configuring  
AutoUpdate for Office 2008 in the Office 2008 Deployment section.  
2. Download updates and service packs for Office 2008 from the Downloads  
page of the  
Microsoft Web site (www.microsoft.com/mac) to a central location on your network.  
3. Use Apple Remote Desktop or the Workgroup Manager to distribute updates to user  
computers. For an introduction to Apple Remote Desktop, see Apple Remote  
Desktop 3  
on the Apple Web site (www.apple.com/remotedesktop). For detailed  
documentation  
available for download from the Resources page in the same area of the Apple Web site.  
For more information about Workgroup Manager, see Deploying Office 2008 preferences  
in the Office 2008 Deployment section.  
Office 2008 Security  
Planning for security in Office 2008  
Understanding security threats  
To establish a secure computing environment, you must make sure that your applications and data  
are not vulnerable to malicious attacks. By using the security options in Office 2008, you can  
establish a security-enhanced environment by limiting the possible avenues of attack.  
This guide presents many different methods to mitigate security threats that will help you limit  
direct attacks on data from external and internal sources. An important part of implementing these  
methods is training users about how to protect themselves and the company from attack. This  
training usually builds user awareness of security issues, and establishes ownership of the data that  
users want to protect. For example, you can educate your users to distinguish between low-risk  
files and high-risk files. Low risk files can be internal documents that may not contain malicious  
content, such as documents from colleagues or business partners. High-risk documents are  
documents from unknown people or documents that pass through an unsecured Internet  
connection. It is important that users evaluate risks and mitigate potential security threats. Users  
shouldn't treat both types of files the same way.  
104  
       
Office 2008 Security  
Caution  
There are no administrative settings that allow you to enforce security preferences that  
you specify. Even if you set and deploy security preferences, users can change these  
preferences at a later time. Therefore, if you are deploying security settings as part of your  
organization's policy, you must educate your users about the risks associated with  
changing default settings. Without proper training, users can expose an organization to  
unauthorized or malicious use of its data. Establishing a corporate policy for how files are  
distributed and handled helps mitigate security vulnerabilities caused by untrained users.  
Before you plan and implement a security-enhanced environment, it is important to understand  
the different types of security threats. The following sections of this topic list potential security  
threats in today’s computing environment. The rest of the Security chapter addresses how to plan  
for a secure computing environment and how you can configure the security options in Office  
2008 to help address security concerns.  
Privacy threats  
Many documents contain metadata that should be protected, including text marked as "hidden",  
author name, and changes tracked by Office 2008 revision tracking tools. This metadata is useful  
because it enables users track document property data. However, in some cases users might not  
want to expose the metadata when the document is distributed. By exposing the metadata, users  
become vulnerable to privacy threats. Privacy threats include any threat agent that discloses or  
reveals personal or private information without the user’s consent or knowledge. Word 2008, Excel  
2008, and PowerPoint 2008 allow users to strip out sensitive metadata when the file is saved. With  
Entourage 2008, you can use Internet-standard S/MIME security extensions; S/MIME allows users  
to digitally sign and encrypt e-mail messages and attachments to help protect them against  
tampering or eavesdropping.  
For more information about planning and configuring security options that mitigate privacy  
threats, see the following topics:  
Configure privacy options in Office 2008 in the Office 2008 Security section  
section  
105  
Office 2008 Security  
Document threats  
If your organization allows users to send and receive documents over the Internet, or if you believe  
there are potential risks to users' documents from any unauthorized source, you should take the  
necessary precautions against document threats. When intruders or attackers gain access to  
proprietary information, it might result in the loss of confidentiality or document data. Users can  
mitigate document threats if they use the password protection feature to encrypt documents in  
Excel 2008 and Word 2008.  
Note There are no administrative settings that enable you to force users to encrypt documents.  
For more information about configuring document protection settings that mitigate document  
threats, see Configure document protection settings in Office 2008 in the Office 2008 Security  
section.  
Code threats  
If you connect to the Internet or allow others to use your computer, it is important that you take  
the necessary steps to protect your system from harm, including attacks from malicious software.  
Code and application threats pose a potential risk if your organization allows users to:  
Run macros or add-ins.  
Receive e-mail attachments.  
Share documents across a public network, such as the Internet.  
Open documents from sources outside your organization, such as clients, vendors, or  
partners.  
Excel 2008, Word 2008, and Entourage 2008 allow the use of strong encryption to help protect the  
contents of documents so that they're unreadable by unauthorized people.  
For information about configuring security settings for macros, see Configure security settings for  
macros in Excel 2008 in the Office 2008 Security section.  
106  
Office 2008 Security  
External threats  
External threats can include threat agents such as hyperlinks, embedded objects in e-mails, and  
data connections that link a document to another document, database, or Web site across an  
intranet or public network.  
External threats are a risk if your organization:  
Provides users with unrestricted access to public networks, such as the Internet.  
Allows users to receive e-mail messages that contain embedded images and HTML.  
Allows users to use data connections in spreadsheets or other documents.  
For information about planning and configuring security settings that mitigate threats from  
external agents, see Configure external program access to Entourage 2008 in the Office 2008  
Planning section.  
Best practices for a security-enhanced environment  
The following table lists some best practices for enhancing the security of the computing  
environment in your organization.  
Best practice  
Consideration  
Educate and train  
users about the  
security settings that  
are available to  
protect their  
There are no administrative settings that allow you to enforce  
security preferences that you specify. Even if you set and  
deploy security preferences, users can change these  
preferences at a later time. Therefore, if you are deploying  
security settings as part of your organization's policy, you must  
educate your users about the risks associated with changing  
default settings.  
documents.  
Install all available  
updates.  
Turn on AutoUpdate to receive security patches or updates.  
For more information about how to use the automatic update  
feature in Office 2008, see Configuring AutoUpdate for Office  
2008 in the Office 2008 Deployment section.  
107  
   
Office 2008 Security  
Best practice  
Consideration  
Preset security  
preferences.  
You can preset security preferences and deploy these settings.  
For more information about the security preferences that you  
can configure, see the following topics in the Office 2008  
Security section:  
For more information about how to deploy your security  
Office 2008 Security section.  
Download files only  
from trusted sources.  
When you download a file from a Web site, make sure that you  
know the source. When in doubt, don't download the file.  
Install software only  
from authentic  
CDs/DVDs.  
For example, all Microsoft CDs/DVDs have holograms to prove  
their authenticity. In general, installing software from  
authentic, commercially distributed CDs/DVDs is the safest  
method.  
Back up your data  
regularly.  
If a virus erases or corrupts files on your hard disk, a recent  
backup might be the only way to recover your data. Back up  
important files, such as documents, pictures, favorite links,  
address books, and important e-mail messages.  
For information about how to back up your Entourage  
database in the Office 2008 Operations section.  
Don't open suspicious Even though the Entourage 2008 junk e-mail filter helps  
e-mail messages or  
files.  
protect your Inbox from spam and phishing messages, it is a  
good idea to avoid opening any attachment in a message that  
you did not expect to receive, especially if the message is from  
an unknown source.  
108  
Office 2008 Security  
Best practice  
Consideration  
Reduce the access of  
external network  
connections to open  
ports on your local  
network.  
Knowing which ports are open can help you assess the security  
of your system or troubleshoot any connection issues. You  
should close the ports that you do not use.  
For more information about the ports that are used by  
Entourage 2008, see Default ports for Entourage 2008 in the  
Office 2008 Planning section.  
Implement password-  
controlled access to  
the network.  
For more information about security in Mac OS X, see the  
following topics in the Office 2008 Security section:  
Use the password  
protection features in  
Office 2008 for  
Word 2008 and Excel 2008 provide password protection  
features.  
For more information about how to use the password  
protection features in Word 2008 and Excel 2008, see  
Office 2008 Security section.  
accessing documents.  
Use executable files  
with valid signatures.  
Executable files purchased from software manufacturers should  
always have a valid digital signature as part of a certificate  
obtained from a certification authority. If a product does not  
have a valid certificate of trust, we recommend that you do not  
install it. However, if that is not an option, evaluate the product  
before you distribute it to users to make sure that it performs  
only as expected and does not intentionally or unintentionally  
distribute a virus.  
109  
Office 2008 Security  
Configuring and deploying security settings for Office 2008  
Configure privacy options in Office 2008  
Preference settings can help you mitigate privacy threats and control the disclosure of personal  
information. For example, document metadata may contain the author's name and contact  
information. To help ensure a high level of privacy, we recommend that users edit or remove any  
author and contact information that is associated with documents.  
Important  
There are no administrative settings that allow you to enforce security preferences that  
you specify. Even if you set and deploy security preferences, users can change these  
preferences at a later time. Therefore, if you are deploying security settings as part of  
your organization's policy, you must educate your users about the risks associated with  
changing default settings.  
Configure privacy options as recommended in the following table:  
Privacy option  
Description  
Customer  
If you choose to participate in the Customer Experience Improvement  
Program (CEIP), which is a recommended best practice, Microsoft collects  
anonymous feedback including application usage patterns and the  
hardware configuration of the user's system. By default, users are not  
enrolled in CEIP and they are not required to participate in the program.  
Experience  
Improvement  
Program  
Note Microsoft does not collect your name, address, or any other  
personally identifiable information when you participate in CEIP.  
Document  
If users share copies of an Excel workbook or a Word document, they  
should review any personal and hidden information and decide whether it is  
appropriate to include. Users can configure personal information removal in  
the Office 2008 Preference settings.  
metadata that  
contains user  
information  
Note Removing personal information affects the following areas:  
Send to Mail Recipient.  
Word 2008 comments and tracked changes.  
110  
     
Office 2008 Security  
Maximize protection for private and personal information in the Office 2008  
release  
By default, users are not enrolled in the Customer Experience Improvement Program (CEIP). When  
you run Office Setup Assistant, the default selection in the CEIP page is No, I don't want to  
participate at this time. You can choose to leave the option selected as is. Your settings are  
stored in /Library/Preferences/com.microsoft.instantfeedback.plist. When you deploy your  
preferences, the settings that you specify are installed on the user computers. You can also specify  
the preference settings for CEIP from any one of the Office 2008 applications.  
Configure preference settings for CEIP  
1. Open Word 2008, Excel 2008, PowerPoint 2008, or Entourage 2008.  
2. On the Word, Excel, Powerpoint, or Entourage menu, click Preferences.  
3. Do one of the following:  
To  
Do this  
Word  
Under Personal Settings, click Feedback.  
Under Sharing and Privacy, click Feedback.  
Click Feedback.  
Excel  
PowerPoint  
Entourage  
UnderGeneral Preferences, click Feedback.  
4. Select No, I don't want to participate at this time.  
Maximize protection for private and personal information in Word 2008  
To help maintain the level of privacy that you want, you can edit or remove any of the author and  
contact information that is associated with Office documents. The author and contact information  
that you specify appears automatically in all of your Office documents, including those you share  
with others, unless you remove your personal information from a document.  
In Word 2008, you can also set options to receive warnings before printing, saving, or sending a  
file with tracked changes or comments.  
Set privacy options in Word 2008  
1. On the Word menu, click Preferences.  
2. Under Personal Settings, click Security.  
3. Under Privacy options, do any of the following:  
111  
Office 2008 Security  
To  
Do this  
Avoid unintentionally distributing  
information about the document author or  
the names associated with comments or  
tracked changes  
Select the Remove personal  
information from this file on save  
check box.  
Receive warnings before printing, saving, or  
sending a file that contains tracked changes  
or comments  
Select the Warn before printing,  
saving, or sending a file that  
contains tracked changes or  
comments check box.  
Maximize protection for private and personal information in Excel 2008  
To help maintain the level of privacy that you want, you can edit or remove any of the author and  
contact information that is associated with Office documents. The author and contact information  
that you specify appears automatically in all of your Office documents, including those you share  
with others, unless you remove your personal information from a document.  
Set privacy options in Excel 2008  
1. On the Excel menu, click Preferences.  
2. Under Sharing and Privacy, click Security.  
3. Under Privacy options, select the Remove personal information from this file on  
save check box.  
Maximize protection for private and personal information in  
PowerPoint 2008  
To help maintain the level of privacy that you want, you can edit or remove any of the author and  
contact information that is associated with Office documents. The author and contact information  
that you specify appears automatically in all of your Office documents, including those you share  
with others, unless you remove your personal information from a document.  
Set privacy options in PowerPoint 2008  
1. On the PowerPoint menu, click Preferences.  
2. Click Advanced, and then under User information, clear the Name field.  
112  
Office 2008 Security  
You should also clear the user information from the document properties.  
1. On the File menu, click Properties, and then click the Summary tab.  
2. Clear the fields that you do not want to share.  
Configure document protection settings in Office 2008  
You can restrict access to documents by using password protection features for Word and Excel.  
Review these features with users who send sensitive documents outside the organization or who  
want to manage document content in a collaborative environment.  
Here are some considerations for improving security in Word or Excel documents by using  
passwords.  
A user can require other users to enter a password to open or modify a document. A  
user who does not have permission to modify a document can save the document only  
by using a different file name.  
Passwords are case-sensitive, so users must type a password exactly as it was created by  
the document owner.  
Users can protect specific elements in a sheet, protect an entire sheet, or protect an  
entire workbook. They can also use passwords to restrict access to an entire workbook  
or to restrict users to read-only access to a workbook.  
Note Users should store Excel workbooks and sheets in locations that are available  
only to authorized users. Hidden or locked data is not encrypted in a workbook. Given  
sufficient time and knowledge, any user can obtain and modify any data in any  
workbook he or she has access to. To help prevent this, and to help protect  
confidential information, store workbooks and sheets in secure locations.  
When users prepare a document for review by using the Track Changes feature in  
Word, they can specify that others can change the document only by inserting  
comments, or by inserting comments and tracked changes with revision marks. For  
added security, users can assign a password to ensure that reviewers do not remove this  
type of protection.  
Configure password protection in Word  
1. Open the document that you want to protect.  
2. On the Word menu, click Preferences.  
3. Under Personal Settings, click Security.  
113  
   
Office 2008 Security  
4. Do any of the following:  
To  
Do this  
Configure passwords for opening or  
modifying the Word document  
In the Password to open box or the Password to  
modify box, type the password that you want.  
Configure password protection for  
specific document elements  
Click Protect Document, and then select the type  
of protection that you want.  
Configure password protection in Excel  
1. Open the workbook that you want to protect.  
2. On the Excel menu, click Preferences.  
3. Under Sharing and Privacy, click Security.  
4. Do any of the following:  
To  
Do this  
Configure passwords for opening or  
modifying the workbook  
In the Password to open box or the Password to  
modify box, type the password that you want.  
Configure password protection for  
specific sheet elements  
Click Protect Sheet, and then select the type of  
protection that you want.  
Note To learn more about the different options for protecting elements of a sheet, see  
Excel 2008 Help.  
Configure security settings for macros in Excel 2008  
Excel 2008 includes specific settings that help you control how users are notified of potentially  
unsafe macros. You cannot enable or disable macros or prevent encrypted macros from being  
scanned for viruses. You can only set notification options that will warn users about macros.  
After you configure notification options for macros in preferences, you can deploy the settings to  
user computers. However, you should warn users about the risks associated with changing any  
default security settings because their changes may override the settings that you have specified.  
114  
   
Office 2008 Security  
Configure security settings for macros  
You can use the following procedure to configure the default security setting for macros.  
1. On the Excel menu, click Preferences.  
2. Under Sharing and Privacy, click Security, and then select the Warn before opening a  
file that contains macros check box.  
Deploy Office 2008 security preferences  
You can deploy the privacy options, document protection settings, and security settings for macros  
by using Workgroup Manager or as part of a .pkg file. For more information about how to deploy  
security preferences, see Deploying Office 2008 preferences in the Office 2008 Deployment  
section.  
Important  
There are no administrative settings that allow you to enforce security preferences that  
you specify. Even if you set and deploy security preferences, users can change these  
preferences at a later time. Therefore, if you are deploying security settings as part of  
your organization's policy, you must educate your users about the risks associated with  
changing default settings.  
Mac OS X security  
Mac OS X passwords  
In order to ensure a more secure computing environment, it is important to secure your computer  
by choosing a good password for your user account. Mac OS X provides different types of  
passwords, such as User account passwords, Administrator passwords, master passwords, and the  
keychain passwords. For more information about Mac OS X passwords, see your server  
documentation.  
Mac OS X firewall  
You can configure the Mac OS X firewall to permit or deny incoming network communications. To  
use the Mac OS X services, such as file sharing, Windows Sharing, or File Transfer Protocol (FTP)  
access, you must open specific ports to enable network communication for that service. For more  
information about the Mac OS X firewall, see your server documentation.  
115  
         
Office 2008 Technical Reference  
Office 2008 Technical Reference  
Messaging reference  
About Project Center  
The Project Center helps users manage their projects by collecting all project information,  
including e-mail messages, calendar events, contacts, tasks, and documents, in a single  
consolidated view. Users can create a project, share it, and invite other Entourage users to  
subscribe to it.  
Project subscribers can add, remove, and modify project information. Subscribers can also invite  
others to subscribe. To modify information in a shared project, users must have permission to  
access both the shared project file and the location where it is stored. If the project folder is on a  
network file server, you must provide users access to the file server where the project information  
is shared. If users are invited to subscribe but do not have access to the file server, they will not be  
able to join the project.  
Users can use Project Center to save or archive a project by exporting it to a folder on their  
computer or on a file server. We recommend that you encourage users to archive their projects  
periodically to maintain a record of the items that are associated with a project, and the original  
locations of those items.  
Important  
Because projects can contain sensitive information, you should require secure login  
access to the network file server that is used to share and archive project information.  
About phishing detection in Entourage 2008  
Entourage 2008 helps protect users against issues created by phishing e-mail messages and  
deceptive domain names. By default, Entourage 2008 screens phishing e-mail messages (e-mail  
that appears to be legitimate but is designed to capture personal information, such as a user's  
bank account number and password). Entourage 2008 also helps prevent unwanted e-mail  
messages from deceptive users by warning about suspicious domain names in e-mail addresses.  
116  
         
Office 2008 Technical Reference  
The following list shows the various ways that Entourage 2008 identifies links as potentially  
dangerous and displays warnings in different situations.  
Displays a pop-up ScreenTip with the full URL of the link when users hover over links in  
e-mail messages.  
Warns users when they click a link from a message that is in the Junk Mail Folder.  
Warns users when they click links in HTML messages that have a domain name  
mismatch.  
Warns users when they click links in HTML messages that have mismatched protocols.  
Warns users when they click links in HTML messages that use non-standard URLs,  
including IP addresses, hexadecimal, octal, or DWORD representations.  
Warns users about clicking links in HTML messages that have login information as part  
of the URL.  
Entourage 2008 phishing detection capabilities are not configurable.  
About public folders  
Public folders are a Microsoft Exchange Server feature that provide an effective way to collect,  
organize, and share information with others in an organization. Public folders are synchronized  
regularly and updated even when users are not connected to their Microsoft Exchange accounts.  
Typically, project teams or user groups use public folders to share information about a common  
area of interest.  
When an Entourage 2008 user subscribes to an Exchange public folder, folders labeled Public  
Folders appear in the Entourage 2008 folder list under the Microsoft Exchange mail account.  
For more information about how users can subscribe to an Microsoft Exchange public folder, see  
"Subscribe to an Exchange public folder" in Entourage 2008 Help.  
Note Entourage 2008 does not support automatic mapping from subscribed public folders in  
Entourage to public folder favorites in Microsoft Office Outlook. That means that subscribed  
public folders in Entourage are not automatically designated as favorites in Outlook, and vice  
versa.  
117  
   
Office 2008 Technical Reference  
About delegation and sharing  
Users can share or delegate their Microsoft Exchange account calendars, address books, and e-mail  
folders.  
Important  
To use sharing and delegation, users must have mailboxes on a server running Microsoft  
Exchange Server.  
By using sharing, an account owner can give another user access to his or her Microsoft Exchange  
calendars, address books, or mail folders. The shared folder appears under a separate account in  
the designated user's mail folder list, and this user can read the other person's events, contacts, or  
mail messages. Users can also give permission for another user to create, edit, and delete items in  
the shared folder.  
By using delegation, a delegate can view mail messages that are sent to the account owner. With  
the account owner's permission, the delegate can send and reply to invitations and messages on  
his or her behalf. Both the owner's account name and the delegate's account name appear on the  
invitation or message.  
When users share a folder, they can set permission levels that define what each user sharing the  
folder can do:  
Permission  
level  
Activities that a sharing user can perform  
Owner  
Create, read, modify, and delete all calendar, address book, private and public  
folder, and mail folder items. As an owner, a user can change the permission  
levels others have for the folder.  
Publishing  
Editor  
Create, read, modify, and delete all items, and create subfolders.  
Editor  
Create, read, modify, and delete all items.  
Publishing  
Author  
Create and read items, create subfolders, and modify and delete items.  
Author  
Create and read items, and modify and delete items.  
Create and read items, and delete items.  
Nonediting  
Author  
118  
   
Office 2008 Technical Reference  
Permission  
level  
Activities that a sharing user can perform  
Read items only.  
Reviewer  
Contributor  
Custom  
Create items only.  
Perform activities defined by the folder owner.  
None  
Not perform any activity. The user remains on the permissions list but has no  
permission and cannot open the folder.  
When users add a delegate, they can give the delegate separate permission levels for calendar,  
inbox, and address book folders:  
Permission  
level  
Activities a delegate can perform  
Author  
Read and create items, and modify and delete items that he or she creates. For  
example, a delegate with Author permissions can create meeting requests  
directly in the account owner's calendar and respond to meeting requests on the  
account owner's behalf.  
Editor  
Do everything an author can do, plus modify and delete items that the account  
owner created.  
Reviewer  
Read items only. For example, the delegate can read messages in the account  
owner's inbox.  
About data synchronization  
Users can synchronize their Entourage data with other computers and devices by using different  
synchronization methods, including Sync Services, Live Sync, or automatic synchronization features  
in Microsoft Exchange Server. For example, by using Sync Services, users can synchronize their  
Entourage address book, calendar, tasks, and notes with MobileMe, iCal, the Macintosh Address  
Book, or with a handheld device such as a mobile phone or PDA.  
The following list shows the different synchronization methods users can use to synchronize their  
Entourage data with other applications and devices.  
119  
   
Office 2008 Technical Reference  
Sync Services  
Sync Services is a central database on the user's computer that keeps track of all the applications  
and devices that share information. Users can use Sync Services to synchronize Entourage calendar  
events, tasks, notes, and address book contacts with other applications, such as the Macintosh  
Address Book, iCal, and MobileMe.  
After users synchronize their Entourage contacts with the Macintosh Address Book and their  
Entourage events and tasks with iCal, users can use iSync, an application that is included with Mac  
OS X, to synchronize all of these items with an iSync-compatible mobile phone or PDA, or use  
iTunes to synchronize them with iPod.  
With a MobileMe account, users can use Sync Services to share Entourage items with others or  
with Entourage on another computer.  
Notes  
To use Sync Services, users must have Mac OS X version 10.4.3 or later.  
Only one Entourage identity can use Sync Services at a time.  
Entourage can synchronize only one calendar and one address book at a time.  
Fields that exist in other applications but not in Entourage are not synchronized.  
Users can use Sync Services to synchronize the following Entourage items with the following  
applications:  
Entourage item  
Events  
Other application  
iCal and MobileMe  
Tasks  
iCal and MobileMe  
Notes  
Entourage through MobileMe  
Macintosh Address Book and MobileMe  
Contacts  
Microsoft Exchange Server  
When they are using a Microsoft Exchange account in Entourage, users' e-mail messages, contacts,  
calendar items, and other Microsoft Exchange folders are synchronized automatically. User  
information is always up to date in Entourage and on the server running Microsoft Exchange  
Server. However, there are other Entourage items that are not automatically synchronized. The  
following sections list Entourage items that synchronize and do not synchronize with the Exchange  
server.  
120  
Office 2008 Technical Reference  
Entourage items that synchronize with the Exchange server  
Entourage  
item  
Exchange server  
Messages  
All Microsoft Exchange mail folders, including subfolders, can be accessed by using  
Entourage and are continually synchronized with the Exchange server  
automatically. Depending on the network, new messages either display  
automatically as they arrive or display after Entourage completes a check for new  
messages on the server once every minute.  
Address  
Book  
All Microsoft Exchange account address books and their contacts in Entourage are  
continually synchronized with the Exchange server automatically.  
contacts  
Calendar  
events  
All Microsoft Exchange account calendars and their events in Entourage are  
continually synchronized with the Exchange server automatically.  
Note Entourage 2008 does not support Microsoft Office Outlook counter-  
proposal invitations. If an Entourage user sends a meeting request to an  
Outlook user and the invitee makes a counter proposal, the counter proposal  
appears as text in the Entourage message body. The Entourage user must make  
any meeting time adjustments manually.  
To Do flags  
Messages and contacts that have been flagged as To Do Items are synchronized  
with the Exchange server, along with due dates, start dates, reminder dates, and  
completed dates.  
Entourage items that do not synchronize with the Exchange server  
Entourage  
item  
Exchange server  
Rules  
Although rules stored on the Exchange server will run, users cannot change or  
create new Exchange server-based rules by using Entourage.  
Notes  
Entourage notes are not synchronized with the Exchange server.  
Entourage tasks are not synchronized with the Exchange server.  
Tasks  
Categories  
Category information that users set in Entourage is not synchronized with the  
Exchange server.  
121  
Office 2008 Technical Reference  
User information is also available to any other applications that they use to connect to the  
Exchange server, such as Microsoft Outlook on a Windows-based computer. If users are using both  
Outlook and Entourage to access the same Microsoft Exchange account, they should be aware of  
some differences in how the two applications display information:  
Type of  
information  
Difference between Outlook and Entourage  
Contacts' e-  
In Entourage, users can store up to 13 e-mail addresses in a single contact. In  
mail addresses Outlook on a Windows-based computer, users can store up to three e-mail  
addresses. When contacts are synchronized, Entourage synchronizes the default  
e-mail address with the E-mail field in Outlook. The next two addresses listed in  
the Entourage contact are synchronized with the E-mail 2 and E-mail 3 fields in  
Outlook.  
Contacts'  
mailing  
addresses  
A contact created in Outlook can have a mailing address labeled "other." This  
label is unavailable in Entourage. When contacts are synchronized, Entourage  
displays an address labeled as "other" as the "work" address. If users edit this  
address in Entourage, then the next time contacts are synchronized, the address  
label in Outlook changes to "business."  
Contacts'  
children's  
names  
In Entourage, users can store up to 10 children's names for each contact. If a user  
has an Outlook contact with more than 10 children listed, you should advise  
them against editing this contact in Entourage or all but the first 10 names will  
be deleted when Entourage synchronizes the contact with the Exchange server.  
Travel time in  
The travel time in a calendar item created in Entourage does not appear in  
calendar items Outlook. For example, if a user schedules an item for 1:00 P.M. to 2:00 P.M. with  
a travel time of 15 minutes, the Outlook Calendar blocks out only the one-hour  
scheduled time and does not include the travel time.  
IMAP  
With IMAP accounts, there are two synchronization options: using Live Sync and creating schedules  
for subscribed folders. Users can use Live Sync to maintain the connection to the IMAP server and  
apply changes they make to the read, unread, or flagged status of messages on the server, but  
they can maintain the connection to only one folder at a time. Users can also create schedules that  
synchronize their subscribed folders in Entourage with the IMAP mail server.  
Users can use Live Sync and schedules to perform the following actions:  
122  
Office 2008 Technical Reference  
Use  
To  
Live Sync  
Live Sync  
Maintain connection to the IMAP server for one folder.  
Apply changes to the read, unread, and flagged message status of messages on the  
IMAP server.  
Schedules Receive new mail messages or news from the server at a set time.  
Schedules Send all messages at a set time.  
Schedules Delete mail messages from the Deleted Items folder or another folder at a set time  
when the messages are older than a set number of days.  
Schedules Delete junk e-mail at a set time.  
POP  
With a POP account, users can use schedules to set when they want Entourage to synchronize with  
the POP mail server by sending or receiving mail messages.  
Users can also set a POP account's server options to leave a copy of each message on the server,  
delete messages after a set number of days, or delete messages after they are deleted from  
Entourage.  
Users can use schedules or server options to perform the following actions:  
Use  
To  
Schedules  
Schedules  
Server options  
Server options  
Receive new mail messages at a time that the user sets.  
Send all messages at a time that the user sets.  
Leave a copy of each message on the server.  
Delete messages from the server after they are deleted in  
Entourage.  
Schedules and server  
options  
Delete mail messages that are older than a set number of days.  
123  
Office 2008 Technical Reference  
About Open XML Formats  
Open XML Formats are the new default file formats for Word 2008, Excel 2008, and PowerPoint  
2008. They are also the default file formats for the 2007 Microsoft Office system for the Windows  
operating system. The new formats create smaller files that take up less space than the previous  
formats, and they also make it easier to recover damaged files and share files.  
For more information about how to open a file that is in a different file format, see "Open a file  
that is in a different format" in Word 2008 Help. For more information about how to save a file to  
a different file format, see "Save a document in a different format" in Word 2008 Help.  
The default Open XML file name extensions for Office 2008 include the following:  
File Name  
Application  
File Type  
Extension  
.pptx  
Description  
PowerPoint  
2008  
PowerPoint  
Presentation  
The default, XML-based presentation format  
for PowerPoint 2008 for Mac and PowerPoint  
2007 for Windows. Cannot store VBA macro  
code.  
PowerPoint  
2008  
PowerPoint  
Template  
.potx  
.ppsx  
Saves the presentation as an XML-based  
template that you can use to start new  
presentations. Saves presentation settings such  
as fonts, color schemes, slide layouts, and  
graphics.Cannot store VBA macro code.  
PowerPoint  
2008  
PowerPoint  
Show  
Saves as an XML-based presentation that  
always opens in slide show view. Compatible  
with PowerPoint 2008 for Mac and PowerPoint  
2007 for Windows.  
PowerPoint  
2008  
PowerPoint  
Macro-Enabled  
Presentation  
.pptm  
.potm  
The XML-based presentation format that  
preserves VBA macro code. VBA macros do  
not run in PowerPoint 2008.  
PowerPoint  
2008  
PowerPoint  
Macro-Enabled  
Template  
Saves the presentation as an XML-based  
template that preserves VBA macro code.  
Saves presentation settings such as fonts, color  
schemes, slide layouts, and graphics.VBA  
macros do not run in PowerPoint 2008.  
124  
   
Office 2008 Technical Reference  
File Name  
Extension  
Application  
File Type  
Description  
PowerPoint  
2008  
PowerPoint  
Macro-Enabled  
Show  
.ppsm  
The XML-based presentation format that  
always opens in slide show view and preserves  
VBA macro code. VBA macros do not run in  
PowerPoint 2008.  
PowerPoint  
2008, Excel  
2008, Word  
2008  
Office Theme  
.thmx  
Saves the font, color scheme, and background  
of the file for you to use as a new theme.  
Excel 2008  
Excel Workbook .xlsx  
The default, XML-based workbook format for  
Microsoft Excel 2008 for Mac and Excel 2007  
for Windows. Cannot store VBA macro code or  
Excel 4.0 macro sheets.  
Excel 2008  
Excel Template  
.xltx  
Saves the workbook as an XML-based  
template that you can use to start new  
workbooks. Saves settings such as formatting,  
headings, formulas, and custom toolbars.  
Cannot store VBA macro code or Excel 4.0  
macro sheets.  
Excel 2008  
Excel 2008  
Excel 2008  
Excel Binary  
Workbook  
.xlsb  
.xlsm  
.xltm  
Stores data in binary format. Takes less time to  
save, and helps keep sensitive data more  
secure. Preserves VBA macro code and Excel  
4.0 macro sheets. VBA macros do not run in  
Excel 2008.  
Excel Macro-  
Enabled  
Workbook  
The XML-based workbook format for  
Microsoft Excel 2008 for Mac and Excel 2007  
for Windows that preserves VBA macro code  
and Excel 4.0 macro sheets. VBA macros do  
not run in Excel 2008.  
Excel Macro-  
Enabled  
Template  
Saves the workbook as an XML-based  
template that preserves VBA macro code and  
Excel 4.0 macro sheets. VBA macros do not run  
in Excel 2008.  
125  
Office 2008 Technical Reference  
File Name  
Extension  
Application  
Excel 2008  
File Type  
Description  
Excel Add-In  
.xlam  
Saves the active sheet as an XML-based add-  
in, a supplemental program that is designed to  
run additional code. Preserves VBA macro  
code and Excel 4.0 macro sheets. VBA macros  
do not run in Excel 2008.  
Word 2008  
Word 2008  
Word  
Document  
.docx  
.dotx  
The default, XML-based document format for  
Word 2008 for Mac and Word 2007 for  
Windows.  
Word Template  
Saves the document as an XML-based  
template that you can use to start new  
documents. Saves document content and  
settings such as styles, page layout, AutoText  
entries, custom keyboard shortcut  
assignments, and menus.  
Word 2008  
Word 2008  
Word Macro-  
Enabled  
Document  
.docm  
.dotm  
The XML-based document format that  
preserves VBA macro code. VBA macros do  
not run in Word 2008.  
Word Macro-  
Enabled  
Template  
Saves the document as an XML-based  
template that preserves VBA macro code. VBA  
macros do not run in Word 2008.  
Attachment file types in Entourage 2008  
Entourage 2008 does not allow users to receive attachments from certain file types that could  
potentially carry a virus to their computers. The default list of unsafe file types is located in the  
Attachment Policy property list (.plist) file. This file is located in Microsoft  
Entourage.pkg/Contents/Resources/.  
You can choose to edit the Attachment Policy .plist file to create a supplementary .plist file that  
overrides or extends the policy to block or allow file types that you specify. You then can deploy  
this file to users' computers. For more information about how to customize the attachment policy  
settings, see Customize Entourage 2008 attachment settings in the Office 2008 Planning section.  
126  
   
Office 2008 Technical Reference  
The following tables identify the file types that Entourage 2008 blocks.  
Mac OS file types  
Mac OS file type  
Description  
APPL  
Executable Application  
UDIF Raw Device Image  
Disk Copy 4.2 Disk Image  
NDIF Disk Image  
devr  
dImg  
dimg, hdcm, hdro, rohd  
DMdf, DMd0 - DMd7  
DART Disk Image  
dseg  
hdrv  
mpkg  
pkg1  
Plmg  
osas  
NDIF Disk Image Segment  
Raw Disk Image  
Installer Metapackage  
Installer Package  
DVD Master  
Compiled AppleScript  
Self-mounting Image  
PC Drive Container  
Safari Web Location  
oneb  
OPCD  
ilht  
127  
Office 2008 Technical Reference  
Mime content types  
Mime content types  
Description  
application/x-csh  
application/hta  
C Shell Script  
Hypertext Application  
JavaScript Source Code  
application/x-javascript,  
application/javascript  
text/javascript  
application/x-sh  
text/vbscript  
Shell Script  
VBScript Script File, Visual Basic for Applications Script  
File name extensions  
File name extension  
Description  
.ade  
.adp  
.app  
.asp  
Access Project Extension  
Access Project  
Executable Application  
Active Server Page  
BASIC Source Code  
Batch Processing  
.bas  
.bat  
.cer  
Certificate File  
.chm  
.cmd  
.com  
.command  
.cpl  
Compiled HTML Help  
Command Script File  
Command Script File  
Command Script File  
Windows Control Panel Extension  
Certificate File  
.crt  
128  
Office 2008 Technical Reference  
File name extension  
Description  
.csh  
C Shell Script  
.dart  
.dc42  
.der  
DART Disk Image  
Disk Copy 4.2 Disk Image  
DER Encoded X509 Certificate File  
Disk Copy 4.2 Disk Image  
Safari download File  
.diskcopy42  
.download  
.gadget  
.exe  
Windows Vista gadget  
Executable File  
.fxp  
FoxPro Compiled Source  
Windows Help File  
.hlp  
.hta  
Hypertext Application  
.img  
NDIF Disk Image  
.imgpart  
.inf  
NDIF Disk Image Segment  
Information or Setup File  
IIS Internet Communications Settings  
IIS Internet Service Provider Settings  
Internet Document Set, Internet Translation  
JavaScript Source Code  
JScript Encoded Script File  
All Keychain Items  
.ins  
.isp  
.its  
.js  
.jse  
.keychain  
.ksh  
UNIX Shell Script  
.lnk  
Windows Shortcut File  
129  
Office 2008 Technical Reference  
File name extension  
.mad  
Description  
Access Module Shortcut  
Access File  
.maf  
.mag  
Access Diagram Shortcut  
Access Macro Shortcut  
Access Query Shortcut  
Access Report Shortcut  
Access Stored Procedures  
Access Table Shortcut  
Media Attachment Unit  
Access View Shortcut  
Access Data Access Page  
.mam  
.maq  
.mar  
.mas  
.mat  
.mau  
.mav  
.maw  
.mda  
Access Add-in, MDA Access 2 Workgroup  
Access Application, MDB Access Database  
Access MDE Database File  
Access Add-in Data  
.mdb  
.mde  
.mdt  
.mdw  
.mdz  
Access Workgroup Information  
Access Wizard Template  
.mpkg  
.msc  
Installer Metapackage  
Microsoft Management Console Snap-in Control File  
Microsoft Shell  
.msh  
.msh1  
.msh1xml  
Microsoft Shell  
Microsoft Shell  
130  
Office 2008 Technical Reference  
File name extension  
Description  
msh2  
msh2xml  
mshxml  
.msi  
Microsoft Shell  
Microsoft Shell  
Microsoft Shell  
Windows Installer File  
Windows Installer Update  
.msp  
.mst  
Windows SDK Setup Transform Script  
NDIF Disk Image  
.ndif  
.ops  
Office Profile Settings File  
All keychain Items  
.p10  
.p12  
.pcd  
.pem  
.pfx  
All keychain Items  
Visual Test  
All keychain Items  
All keychain Items  
.pif  
Windows Program Information File  
Installer Package  
.pkg  
.pl  
Perl Script File  
.plg  
Developer Studio Build Log  
Windows System File  
Program File  
.prf  
.prg  
.ps1  
Windows PowerShell  
Windows PowerShell  
Windows PowerShell  
.ps1xml  
.ps2  
131  
Office 2008 Technical Reference  
File name extension  
Description  
.ps2xml  
.psc1  
.psc2  
.pst  
Windows PowerShell  
Windows PowerShell  
Windows PowerShell  
Microsoft Exchange Address Book File, Outlook Personal  
Folder File  
.reg  
Registration Information/Key for Windows 95/98, Registry  
Data File  
.scf  
Windows Explorer Command  
Compiled AppleScript  
.scpt  
.scr  
Windows Screen Saver  
Windows Script Component, Foxpro Screen  
Shell Script  
.sct  
.sh  
.shb  
.shs  
Windows Shortcut into a Document  
Shell Scrap Object File  
.smi  
.sparseimag  
.term  
.tmp  
.trm  
.udif  
.url  
Self-mounting Image  
Sparse Disk Image  
Windows Terminal Script File  
Temporary File/Folder  
Terminal Script File  
UIDF Disk Image  
Internet locator  
.vb  
VBScript File or Any Visual Basic Source  
VBScript Encoded Script File  
.vbe  
132  
Office 2008 Technical Reference  
File name extension  
Description  
.vbs  
VBScript Script File, Visual Basic for Applications Script  
Visual Studio .NET Binary-based Macro Project  
Visio Workspace File  
.vsmacros  
.vsw  
.webloc  
.ws  
Safari Web Location  
Windows Script File  
.wsc  
Windows Script Component  
Windows Script File  
.wsf  
.wsh  
Windows Script Host Settings File  
Exchange Public Folder Shortcut  
.xnk  
For information about the file types that are blocked by Microsoft Office Outlook 2007 for  
(office.microsoft.com).  
on the Microsoft Web site  
Play voice mail messages received from Exchange Server  
2007 Unified Messaging  
If users are unable to play voice mail messages received from Exchange 2007 Unified Messaging,  
do one of the following:  
Ask users to download the Windows Media Player 9 for Mac OS X from the Windows  
Media Player 9 for Mac OS X page on the Microsoft Web site (microsoft.com) and  
then play the voice mail message. The message will play in Windows Media Player  
instead of from within Entourage.  
133  
   
Office 2008 Known Issues  
Change the format of the audio codec on the Exchange 2007 Unified Messaging from  
.wma to .wav, and then play the voice mail message from within Entourage. Exchange  
2007 Unified Messaging can use any of the following three audio codecs to create and  
store voice messages: Windows Media Audio (WMA), Group System Mobile (GSM)  
06.10, or G.711 Pulse Code Modulation (PCM) Linear. The WMA audio codec creates  
.wma audio files and the GSM 06.10 and G.711 PCM Linear audio codecs produce .wav  
audio files. For more information about Exchange 2007 Unified Messaging audio  
on the Microsoft  
TechNet Web site (technet.microsoft.com). For more information on how to modify the  
audio codec on the Exchange 2007 Unified Messaging dial plan, see How to Change the  
(technet.microsoft.com).  
on the Microsoft TechNet Web site  
Office 2008 Known Issues  
Security issue in Office 2008 remote installation  
to Mac OS X v10.4 (Tiger)  
Issue  
When you deploy Office 2008 by using a remote connection, such as Apple Remote Desktop, to a  
client computer at a login window, a postflight script in the Office Installer causes the Dock  
application to open with root user privileges. Any applications subsequently opened from the  
Dock will also be run with root user privileges. Under these conditions, someone with physical  
access to the client computer can gain local elevation of privilege. This security issue can only  
occur when Office 2008 is deployed to computers that run Mac OS X v10.4.9 or a later version of  
Mac OS X v10.4 (Tiger). This is not an issue for computers that run Mac OS X v10.5 (Leopard). For  
more information about this security issue, see Apple KB304131: "Remote Desktop: Installing a  
. For information about how to install by using  
Apple Remote Desktop, see Installation by using Apple Remote Desktop.  
134  
     
Office 2008 Known Issues  
Solution  
Before you use the Office 2008 installer, delete the postflight script file from Office  
Installer.mpkg/Contents/Packages/Office2008_<language>_dock.pkg/Contents/Resources/. A  
prevents network deployment of Office 2008 Dock icons. However, a postflight  
script, which is in the package that attempts to install icons in the Dock, runs successfully. The  
postflight script causes the Dock application to close and then reopen. To delete the postflight  
script, perform the following steps:  
1. Copy Office Installer from the Office 2008 DVD to a writable volume.  
2. Hold down CONTROL and click the Office Installer icon.  
3. Click Show Package Contents.  
4. Double-click Contents, and then double-click Packages, and then locate  
Office2008_<language>_dock.pkg.  
Note Replace <language> with the relevant two-letter language code, such as en, ja,  
or fr.  
5. Hold down CONTROL and click Office2008_<language>_dock.pkg, and then click  
Show Package Contents.  
6. Double-click Contents, and then double-click Resources, and then delete postflight.  
Mitigations  
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default  
state, which could reduce the severity of exploitation of vulnerability. The following mitigating  
factors may be helpful in your situation:  
Mac OS X v10.5 (Leopard) is not vulnerable to this issue.  
Restarting the client computers after the installation removes the vulnerability.  
If you use Apple Remote Desktop 3 or later to deploy Office 2008, choose the options  
to lock the screens during installation. If the screen is locked during installation, then  
this vulnerability is not exposed.  
Note For an introduction to Apple Remote Desktop, see Apple Remote Desktop 3  
Apple Web site (www.apple.com/remotedesktop). For detailed information, see the Apple  
Remote Desktop Administrator's Guide documentation available for download from the  
Resources page in the same area of the Apple Web site.  
on the  
135  
Office 2008 Known Issues  
I can't download the volume license version  
of Office 2008 for Mac by using Safari  
Cause: Downloading the volume license version of Microsoft Office 2008 for Mac is unsuccessful  
when you use the Safari browser.  
Solution: We recommend that you use the latest version of Mozilla Firefox Web browser  
http://www.mozilla.com) to download the volume license versions of the Microsoft  
Office 2008 for Mac suite or stand-alone applications.  
Restricted users might have unauthorized access  
to Office 2008 for Mac program files  
Cause: An installation issue in Office 2008 for Mac could allow unauthorized access to Office 2008  
program files.  
Solution: Change the ownership permissions for Office 2008 files after installation.  
Microsoft is aware of an issue with Office 2008 installation that could allow a local user that does  
not have administrator privileges to access Office 2008 program files. The issue grants ownership  
permissions to only the user account that is assigned user ID (uid) 502. This issue affects only  
computers that have more than one local user account, and primarily affects environments, such as  
public computer labs and workplace networks, where access to program files is restricted. This  
issue will be corrected in a future update to Office 2008.  
To fix this issue, a user with administrator privileges can manually adjust the ownership permissions  
of Office 2008 by using the following procedure.  
1. Log in to the computer by using a user account with administrator privileges.  
2. In /Applications/Utilities, open Terminal.  
3. In the Terminal window, type the following command on one line, and then press  
RETURN.  
/usr/bin/sudo /bin/chmod -R a-st "/Applications/Microsoft Office 2008"  
"/Library/Automator" "/Library/Fonts/Microsoft" "/Library/Application Support/Microsoft"  
4. When prompted, enter the password for the user account that you used to log in in  
step 1.  
136  
     
Office 2008 Known Issues  
5. In the Terminal window, type the following command on one line, and then press  
RETURN.  
/usr/bin/sudo /usr/sbin/chown -h -R root:admin "/Applications/Microsoft Office 2008"  
"/Library/Automator" "/Library/Fonts/Microsoft" "/Library/Application Support/Microsoft"  
6. If prompted, enter the password for the user account that you used to log in in step  
Known issues for installation and removal of Office 2008  
Last updated: July 2009  
Dock icons are not installed during a remote installation  
If you use Apple Remote Desktop to install Office 2008 on another computer on your network,  
Dock icons are not installed.  
Duplicate fonts are moved to the Fonts Disabled folder during installation  
Fonts that are replaced by Office Installer are moved to either the /Library/Fonts Disabled folder or  
the /Users/username/Library/Fonts Disabled folder so that you can save them or restore them, if it  
is necessary.  
Information in running applications might not be displayed correctly after  
Office 2008 is installed  
Office Installer makes changes to fonts, and if you have an earlier version of Office on your  
computer, the Office Installer replaces old Office fonts with new fonts. If any running application is  
using a font that is replaced by the Office Installer, that application could become unstable or  
display information incorrectly.  
If you encounter these issues, quit and then restart the application. If quitting and restarting the  
application does not resolve the issue, restart the computer.  
137  
   
Office 2008 Known Issues  
To change Office Installer settings so that Office Installer doesn't install new fonts, do the  
following:  
1. Insert the Office 2008 installation DVD in the DVD drive.  
2. On the desktop, double-click the Microsoft Office 2008 DVD.  
3. Double-click Office Installer, and then follow the instructions on the screen until you  
reach the Installation Type page.  
4. On the Installation Type page, click Customize.  
5. Clear the Office Fonts check box.  
6. Click Install, and then follow the instructions on the screen to complete the installation.  
For more information about how fonts are installed by Office 2008, see KB948736 - Information  
Office 2008 updates cannot be installed if the Microsoft Office 2008 folder  
was moved, renamed, or modified  
Office Installer installs Microsoft Office 2008 for Mac in the Applications folder. If you move the  
Microsoft Office 2008 folder to another location on your computer, or if you rename or modify  
any of the files in the Microsoft Office 2008 folder, you cannot install product updates. To correct  
this issue so that you can install product updates, drag the Microsoft Office 2008 folder to the  
Trash, and then reinstall Office 2008 from your original installation disk.  
Office 2008 cannot be installed with the Office 2008 for Mac Trial Edition  
If you currently have Office 2008 Trial Edition on your computer, you must remove it because this  
free version will interfere with the Office 2008 installation.  
Perform the following steps to remove Office 2008 Trial Edition:  
1. In the Finder, open the Microsoft Office folder.  
The default location of the Office folder is /Applications/Microsoft Office.  
Note If you saved any documents in the Microsoft Office folder, move them to  
another location.  
2. In the Microsoft Office folder, open Additional Tools/Remove Office, double-click  
Remove Office, and then follow the instructions on the screen.  
3. Open /Users/user_name/Library/Preferences/Microsoft/Office 2008, click Microsoft  
Office 2008 Settings.plist, and then on the File menu, click Move to Trash.  
138  
Office 2008 Known Issues  
Office Installer cannot find a version of Office to upgrade or remove  
If Office Installer does not find an upgrade-eligible version of Office, click Continue to skip the  
search process. You will be given another opportunity to browse to the folder or CD that contains  
the upgrade-eligible version of Office.  
Office Installer and Remove Office use Spotlight to locate versions of Office that are installed on  
your computer. If Spotlight is disabled or does not search folders where a version of Office is  
located, Office Installer and Remove Office cannot find versions of Office that are eligible for  
upgrade, or versions of Office that you might want to remove. Also, the search might take longer if  
your computer has a slower processor or a very large hard disk.  
Office Setup Assistant cannot import identities that were created in  
Office v. X, Office 2001, or Office 98  
Office Setup Assistant cannot import identities that were created in Office 98, Office 2001, or  
Office v. X. To import these identities after installation, open Entourage 2008, and then on the File  
menu, click Import.  
Remove Office cannot remove versions of Office that are installed on a  
network volume  
Remove Office does not remove versions of Office that are installed on a network volume. To  
remove these versions, drag the Microsoft Office 2008 folder to the Trash.  
Remove Office moves templates in the My Templates folder to the Rescued  
Items folder  
Remove Office moves user-created templates that are stored in the My Templates folder of any  
earlier version of Office to the Rescued Items folder on the desktop.  
See also  
139  
Office 2008 Troubleshooting  
Office Setup Assistant quits unexpectedly during  
installation of Office 2008 for Mac to network home folders  
Cause  
There is insufficient available disk space for the login account.  
Solution  
Before you install Office 2008, make sure that the login account for a network home folder has at  
least 20 MB of available disk space.  
When I deploy Office 2008 for Mac SP1, the update is not  
installed on client computers  
Cause  
When you use Apple Remote Desktop or the command line to deploy Office 2008 SP1 Update, a  
script error in the installation package prevents deployment. Although Apple Remote Desktop or  
the command line indicate that Office 2008 SP1 Update was deployed successfully, the update is  
not installed on client computers.  
Solution  
Download the updated Office2008-1210Update.dmg file again from the Downloads  
the Microsoft Web site (www.microsoft.com/mac).  
Office 2008 Troubleshooting  
Troubleshooting Entourage  
Calendar issues  
140  
         
Office 2008 Troubleshooting  
Connectivity issues  
Database issues  
Mail and other issues  
141  

Motorola DROID XYBOARD 82 User Manual
Mitsubishi Electronics Mitsubishi Digital Electronics Coffeemaker FX3U User Manual
Meridian Audio G08 User Manual
Kyocera VM1450 User Manual
Kompernass AUTOMATIC SHREDDER KH4407 User Manual
DeLonghi BAR 32 132151040 User Manual
Clarion DXZ448R User Manual
Capresso Impressa J5 User Manual
Bunn IMIX 4 User Manual
Addonics Technologies DCHDIEU User Manual