How to troubleshoot issues with signatures not added to emails in Office 365
Signatures created with CodeTwo Email Signatures for Office 365 are not added to emails.
There might be several reasons why your messages do not receive signatures. Some reasons will be different for every signature mode in which CodeTwo Email Signatures for Office 365 works (server-side, client-side or combo), while other are common to all the modes. The most common issues and recommended solutions are described below.
Issues specific to all modes:
- An Office 365 tenant is not registered in CodeTwo services
- Incorrect signature mode selected
- Free trial period or subscription expired
- Number of licenses exceeded
- Initial synchronization/configuration of the program is not complete
- OAuth 2.0 access tokens expired
- Users recently added to a distribution group do not get signatures
- Unsupported message type
- Missing signature template formats (HTML, Plain Text)
- A message does not meet conditions/exceptions of a signature rule
Server-side mode specific issues:
Client-side mode specific issues:
- Unsupported Outlook version
- CodeTwo Signatures Add-in for Outlook is not installed or used incorrectly
- Outlook not restarted
- Missing or inactive client-side rules in the signature management app
Combo mode specific issues:
- Identifying problems with server-side and client-side signatures
- Add-in installed by unauthorized users
Issues specific to all modes
Tenant registration is required for CodeTwo Email Signatures for Office 365 to operate in any of the modes. If signatures are not added to messages sent by any user, make sure that your tenant has not been deregistered or that it has not been blocked for any reason.
To check the status of your tenant, open the CodeTwo Admin Panel and go to the Dashboard or Tenants and see if your tenant is visible (Fig. 1.). If not, you need to register it. To do so, click the Add new tenant button and follow the instructions, as described here.
There are three signature modes available: server-side, client-side and combo. When CodeTwo Email Signatures for Office 365 operates in server-side mode, client-side signatures will not work (and vice versa). However, both types of signatures work in combo mode. If your signatures are not added to emails as expected, make sure you have selected the correct signature mode. To learn more about signature modes read this article.
To see which mode is currently selected, open the Dashboard or Tenants tab of the CodeTwo Admin Panel and look at the Signature mode field on your tenant card (Fig. 2.).
If you want to change the signature mode, click the Manage tenant () button next to the name of your tenant. Click Signature Modes in the left menu and select the mode you need. Make sure to click Apply at the bottom of the page for the changes to be saved. Some additional configuration steps may be required when changing signature modes and the program will inform you what to do next.
If your free trial version or your paid subscription plan expires, no email signatures will be added to your emails. You need to buy/renew your subscription. To learn how to check the status of your subscription and how to buy/renew a subscription, visit the Licensing section of the user's manual.
If some of your users get signatures in their emails while others don’t, you might have exceeded the number of available licenses. This situation occurs in server-side mode when you have configured the program's connectors incorrectly and the scope of senders is too wide - it covers more users than the number of licenses you purchased.
Every sender whose email travels through the CodeTwo Email Azure Service uses one license from your license pool, no matter if this user is defined in any signature rule. Additionally, every user who signs-in to the CodeTwo Signatures Add-in for Outlook also consumes one license, as long as the same user has not yet been assigned a license by having messages processed by the CodeTwo Email Azure Service. Keep in mind that a single user will not consume more than one license. Learn more.
If CodeTwo Email Signatures for Office 365 is working in client-side mode and the number of licenses is exceeded, every user who has no license so far and tries to sign in to the CodeTwo Signatures Add-in for Outlook will receive an error message (Fig. 4.) informing that a license cannot be assigned at that time and the user will not be able to sign in.
To solve the problem of excessive license consumption, you need to narrow down the scope of senders so that only the users who require email signatures are included. This allows you to avoid excessive usage of licenses.
In server-side mode, you can reconfigure the connectors and specify the scope of users who will receive signatures. To do so, open the Admin Panel's Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Select Exchange Online connectors in the left menu and click Configure connectors. Then, follow the steps described in the user's manual. If necessary, you can also reconfigure the connectors manually.
To avoid exceeding the number of assigned licenses in the case of using client-side mode, it is best to centrally deploy the CodeTwo Signatures Add-in for Outlook during the initial configuration of our software. Read this article to learn more. This allows you to limit license consumption to users you actually intend to receive client-side signatures in their emails. Additionally, this allows you to centrally remove the add-in, if you decide a user no longer needs it.
If users have already manually installed the add-in and signed in, you should inform them that they need to sign out and uninstall it from their Outlook desktop app.
In combo mode, you should use the method for resolving the issue in server-side mode as well as the method for client-side mode to reduce the number of consumed licenses.
You can check the number of used licenses and which accounts are using them on the Manage tenant page in CodeTwo Admin Panel. See this article for details.
After reconfiguring connectors or making sure that the users who were required to do so removed the add-in from their Outlook as per the steps above, you need to reset the license count on the Manage tenant page in the CodeTwo Admin Panel by selecting Subscription in the left menu and then clicking Reset license count (Fig. 5.).
If you narrowed down the scope of users who can get email signatures and reset the license count, but the problem persists, it is possible that your subscription requires additional licenses. Please contact our Support Team to consult this.
If you configure the program for the first time for your tenant, remember that some of your emails might not get signatures until the initial synchronization is over. The application needs to save the required AD attributes of your users in an internal cache called the Azure AD cache (read more in this article). The service holds a local copy of your Office 365 (Azure) Active Directory properties to instantly add AD placeholders to email signatures, without the need to constantly query your Active Directory. The first syncing process might take a while. You can check the status of initial synchronization in CodeTwo Admin Panel: enter the management pages of your tenant by clicking the Manage tenant () button next to the tenant's name, then select User AD attributes from the left menu. If you can see the date of the Last cache update (as shown in Fig. 6.), this means that the syncing is finished.
If the AD attribute synchronization is still in progress, you will see no date or the following information: The first synchronization is in progress (see Fig. 7.). Until the process is completed, your users might not get email signatures.
Azure access tokens are used to read organization's AD data. These tokens are set to not expire under normal circumstances but may do so in certain circumstances (see the user's manual for details) and need to be refreshed. If the access tokens expire and you modify your Active Directory without refreshing them, our software is not able to recognize your changes. For example, if your tokens are not valid and you add a new user to an AD group that is also defined (on the Senders tab in the signature management app) as the group of senders who trigger your signature rule, then this change will not be applied and this user will not get any signature. To fix this, refresh the tokens (Fig. 8.), as explained in our user's manual.
If you recently added new users to a distribution group/list that contains people in your organization whose emails receive signatures, these new users might not be able to get their signatures immediately. This may happen in the case of server-side, client-side and combo modes.
Remember that each time you modify a distribution group (e.g. add new users), it can take from a few minutes to a few hours for the changes to propagate in your Office 365. Email signatures created in the program might not be added to messages sent from new users during that time.
Certain email types are currently not supported by the program and will not receive signatures. See the user's manual to learn about the unsupported message types.
By default, the built-in signature editor opens on the HTML tab (Fig. 9.) that allows you to design a signature for most email clients. However, messages can also be sent in Plain Text (e.g. emails from mobile devices). Always prepare your signature templates in all available formats to make sure that signatures are always be added. Learn more
If you prefer to add HTML signatures also to emails sent in Plain Text, you can force the program to convert Plain Text emails to HTML. Learn more.
When you create a signature rule, you define various conditions that need to be fulfilled on the Senders, Recipients and Keywords tabs. By default, all of these conditions have to be fulfilled to trigger a rule and add a corresponding signature. In other words, if at least one condition is not fulfilled, an email will not receive a signature.
If your signatures are not added to your email, please review the Senders, Recipients and Keywords conditions to make sure that the message fulfills all of them.
As for the exceptions defined in the program, remember that a signature rule is suppressed for each exception individually. Learn more about conditions and exceptions.
Client-side signatures only use the Senders rules and conditions.
Server-side mode specific issues
Inbound and outbound connectors must be configured if you want to use CodeTwo Email Signatures for Office 365 in server-side or combo mode.
To check the status of your connectors, go to Admin Panel > Tenants. If your tenant card displays the message Connectors configuration required, you need to configure the connectors. You can do it manually or via the connectors configuration wizard. To launch the wizard, open the CodeTwo Admin Panel, go to the Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Then, select Exchange Online connectors from the left menu and click Configure connectors (Fig. 10.). Next, then follow the steps described in the user's manual.
This problem occurs when there is a mismatch between the senders you defined for the program's outbound connector and the senders you indicated in a signature rule.
During the configuration of Exchange Online connectors for your tenant, you specify users (senders) whose emails should travel through the CodeTwo Email Azure Service. This setup step (Fig. 11.) concerns the program's outbound connector and the associated transport rule. In the example below, only the outgoing (external) emails from specified senders (e.g. the Executives in the figure below) will be routed through the CodeTwo Email Azure Service.
Remember that if you want to have signatures added to your internal emails, you need to additionally select Apply signatures also to internal messages (sent between the users of this tenant) in the 3rd step of the connectors wizard, as shown in Fig. 11. below. Without this setting, no internal message will receive a signature.
When the users you specified send messages, the CodeTwo Email Azure Service checks them against your signature rules and adds signatures only to emails that match the conditions defined in these rules. If you create a signature rule with the Senders condition (Fig. 12.) defined for users who are not included in the outbound connector, their emails will not receive any signatures.
Such mismatch is shown in the figures above: the rule adds signatures only to users from the Sales Team group (Fig. 12.), but only emails of users from the Executives are forwarded to the CodeTwo Email Azure Service to get signatures (Fig. 11.).
To solve this problem, you need to reconfigure the connectors to extend the scope of senders. You can do it manually or via the connectors configuration wizard. To launch the wizard, open the Admin Panel's Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Select Exchange Online connectors from the left menu and click Configure connectors, then follow the steps described in the user's manual.
If you would like learn more about manually adding and removing groups and users, read this article.
Client-side mode specific issues
Client-side signatures will only be added to emails sent from the Outlook desktop app for Windows, version 2013 or newer. Make sure that users in your organization are using supported versions of Outlook.
If CodeTwo signatures are not available for users in Outlook, make sure that these have the CodeTwo Signatures Add-in for Outlook (Fig. 13.) installed on their machine and they correctly use it.
The add-in can be installed individually by users as a click-once app that they download when instructed by the mail administrator. It is also possible for the admin to deploy the add-in centrally (for the whole organization, selected security groups or organizational units) using Group Policy Object (GPO) or with Microsoft Intune (all users or AAD groups).
To do so, verify that all affected users:
- Have the add-in installed (Learn how to quickly check installed software list with PowerShell)
- Signed in to the add-in using their credentials.
- Restarted Outlook when prompted to do so by the add-in
Once the add-in is installed and the user signs in, they should not sign out from the add-in. If the user signs out, client-side signatures will not be added correctly to their email messages. Also, if the admin makes any changes to the signatures, they will not be synchronized.
If the user signed out from the add-in after signatures were added to their Outlook apps, it is possible that client-side signatures will still be added to emails. This may also result in emails receiving double signatures if combo mode is used.
Restarting Outlook when prompted is very important. It is required after the first login and later, whenever the admin sets a new default signature, makes any changes to it or removes it. If a user changes the default signature in Outlook to a different one or modifies it in any way, the add-in will prompt to be restarted so that the signature set by the admin is restored as the default one.
Failure to restart Outlook when prompted may result in client-side signatures not being added or being added incorrectly.
The add-in will display error messages in its pane and the green status icon on the ribbon will disappear whenever a restart is required (Fig. 14. and Fig. 15.). Make sure the users follow these prompts and restart Outlook when requested.
If you want the client-side email signatures to work correctly, you need to set up client-side signature rules in the signature management app before the users begin using the CodeTwo Signatures Add-in for Outlook. If these rules are not configured, signatures will not be added.
When you prepare signature rules, make sure that they are turned on (Fig. 16., item 1), and that you click the Save button (Fig. 16., item 2) to submit your changes to CodeTwo Azure servers.
Make sure to define users on the Senders tab that you want to have access to the client-side signature applied by the given rule. You may include individual users or distribution groups, in which case all members of the group will be affected by the rule. Remember that if you recently added users to a group, this change may take some time to propagate.
Also keep in mind that server-side and client-side signature rules are separate from one another. Even if a user would have been affected by a server-side rule existing in an earlier configuration, new rules need to be prepared when configuring CodeTwo Email Signatures for Office 365 to operate in client-side mode. It is also particularly important to be aware of this when using combo-mode. To read about copying signature templates between client-side and server-side signature rules, click here.
Combo mode combines the features of server-side and client-side signature modes, which means that to troubleshoot a problem with adding signatures you should first establish whether it is a server-side or a client-side signature that is causing an issue. Remember that any user or shared mailbox may be subject to client-side and server-side rules.
The add-in can be installed individually by users as a ClickOnce app that they download when instructed by the mail administrator. It is also possible for the admin to deploy the add-in centrally using a GPO or Microsoft Intune.
It may happen that if you chose the individual deployment path, an Outlook user to whom only server-side rules apply installs the CodeTwo Signatures Add-in for Outlook (the ClickOnce version) and signs in. The add-in will inform the user that there are no signatures prepared for them (Fig. 17.) and that it will not add any client-side email signatures. However, as long as the user is signed-in to the add-in, no server-side signatures will be added to emails sent from Outlook. Make sure that users who should not receive client-side signatures do not install CodeTwo Signatures Add-in for Outlook.
To avoid such problems, you can choose the GPO or Intune deployment path - as it gives the admin more control over who has the add-in installed. It also helps prevent the users from installing the program unnecessarily and causing issues with both server-side and client-side signatures.