Agent v7.0.0 and later includes a mail plugin for Microsoft Outlook. Some users have observed that after an installation or upgrade to v7.0.0 (or later), the first time it is possible to open Outlook, a prompt will appear with a dialog to Install the Reveal Agent Outlook plugin.

For example:

To avoid this message on each machine, it is necessary to add the NEXT DLP LIMITED code signing certificate as a Trusted Publisher.

Note: There are multiple versions of the code signing certificate, below are the options and the versions they reflect. It is worth mentioning that currently only the nextdlp-codesign.pem has a valid date range for the certificate.

• nextdlp-codesign.pem - For versions after 12.0.0.
• ava-codesign.pem- For versions 7.10.1 to 12.0.0.
• jazz-codesign.pem- For versions before 7.10.1.

Method 1: Group Policy Objects (GPO).

1. Copy the nextdlp-codesign.pem file (below) to a known location on the domain controller.
2. Open an appropriate Group Policy and navigate to Computer Configuration -> Policies -> Windows Settings -> Security Settings > Public Key Policies -> Trusted Publishers:
   
   
3. Under Trusted Publishers, select Import, using the nextdlp-codesign.pem file from step 1.
4. The certificate should be pushed to each machine at the next Group Policy update interval (usually a maximum of 90 minutes, or after a restart).

Method 2: Microsoft Endpoint Manager.

1. Sign in to the Microsoft Endpoint Manager admin center.
2. Select Devices -> Configuration profiles -> Create profile.
3. Enter the following properties:
1. Platform: Windows 10 and later.
2. Templates: Custom.
4. Select Create.
5. Use the following values for the fields in the custom profile:
1. Name: NextDLP Code signing (04/11/2024 - 04/11/2026).
2. Description: (Optional).
3. OMA-URI: ./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/
   33eea5b17261871e82d3571d228d4048fef6b16b/EncodedCertificate
4. Data type: String.
5. Value: Paste the contents of nextdlp-codesign-base64-endcoded.txt (below) into the Value field (the text file represents the certificate in base 64 encoded form).
                                                                          

6. Select Save.
7. Add scopes and assignments as necessary.

Note:

The steps above can only be used to verify agent versions after 12.0.0. To verify agent versions between 7.10.1 and 12.0.0 as well, repeat steps 1-5, but replace:

• Step 5(a) with Name: Ava Code signing (16/11/2021 - 15/11/2024).
• Step 5(c) with OMA-URI: ./Device/Vendor/MSFT/RootCATrustedCertificates/TrustedPublisher/
  8a54e969b497487ad68ba516e2409223d972d9c3/EncodedCertificate
• Step 5(e) with Value: Paste the contents of ava-codesign-base64-endcoded.txt (below) into the Value field (the text file represents the former certificate in base 64 encoded form).