How to troubleshoot issues with signatures not added to emails in Office 365
Signatures created with CodeTwo Email Signatures for Office 365 are not added to emails.
There might be several reasons why your messages do not receive signatures. Some reasons will be different for every signature mode in which CodeTwo Email Signatures for Office 365 works (server-side, client-side or combo), while other are common to all the modes. The most common issues and recommended solutions are described below.
Issues specific to all modes:
- An Office 365 tenant is not registered in CodeTwo services
- Incorrect signature mode selected
- Free trial period or subscription expired
- Number of licenses exceeded
- Initial synchronization/configuration of the program is not complete
- OAuth 2.0 access tokens expired
- Users recently added to a distribution group do not get signatures
- Unsupported message type
- Missing signature template formats (HTML, Plain Text)
- A message does not meet conditions/exceptions of a signature rule
Server-side mode specific issues:
Client-side mode specific issues:
- Unsupported Outlook version
- Modern CodeTwo Signatures Web Add-in for Outlook & OWA is not deployed correctly
- Classic CodeTwo Signatures Add-in for Outlook (COM Add-in) is not installed or used incorrectly
- Outlook has not been restarted (classic COM Add-in)
- Missing or inactive client-side rules in the signature management app
Combo mode specific issues:
- Identifying problems with server-side and client-side signatures
- Add-in installed by unauthorized users
Issues specific to all modes
Tenant registration is required for CodeTwo Email Signatures for Office 365 to operate in any of the modes. If signatures are not added to messages sent by any user, make sure that your tenant has not been deregistered or that it has not been blocked for any reason.
To check the status of your tenant, open the CodeTwo Admin Panel and go to the Dashboard or Tenants and see if your tenant is visible (Fig. 1.). If not, you need to register it. To do so, click the Add new tenant button and follow the instructions, as described here.
There are three signature modes available: server-side, client-side and combo. When CodeTwo Email Signatures for Office 365 operates in server-side mode, client-side signatures will not work (and vice versa). However, both types of signatures work in combo mode. If your signatures are not added to emails as expected, make sure you have selected the correct signature mode. To learn more about signature modes read this article.
To see which mode is currently selected, open the Dashboard or Tenants tab of the CodeTwo Admin Panel and look at the Signature mode field on your tenant card (Fig. 2.).
If you want to change the signature mode, click the Manage tenant () button next to the name of your tenant. Click Signature Modes in the left menu and select the mode you need. Make sure to click Apply at the bottom of the page for the changes to be saved. Some additional configuration steps may be required when changing signature modes and the program will inform you what to do next.
If your free trial version or your paid subscription plan expires, no email signatures will be added to your emails. You need to buy/renew your subscription. To learn how to check the status of your subscription and how to buy/renew a subscription, visit the Licensing section of the user's manual.
If some of your users get signatures in their emails while others don’t, you might have exceeded the number of available licenses. This situation occurs in server-side mode when you have configured the program's connectors incorrectly and the scope of senders is too wide - it covers more users than the number of licenses you purchased.
Every sender whose email travels through the CodeTwo Email Azure Service uses one license from your license pool, no matter if this user is defined in any signature rule. In the case of client-side signatures, licenses are consumed in a different way depending on which Outlook add-in is used. Learn more
If CodeTwo Email Signatures for Office 365 works in client-side mode and the number of licenses is exceeded, some of your users might not get any signatures and CodeTwo's signatures add-in for Outlook will show them a specific error message. In the case of the classic CodeTwo Signatures Add-in for Outlook (COM Add-in), some users will not be able to sign in to the add-in.
To solve the problem of excessive license consumption, you need to narrow down the scope of senders so that only the users who require email signatures are included:
- Server-side mode: reconfigure the connectors and specify the scope of users who will receive signatures. To do so, open the Admin Panel's Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Select Exchange Online connectors in the left menu and click Configure connectors. Then, follow the steps described in the user's manual. If necessary, you can also reconfigure the connectors manually.
- Client-side mode: deploy an Outlook add-in for a selected group of users only. More information about the deployment can be found here (modern Web Add-in) or here (classic COM Add-in). This allows you to limit license consumption to users you actually intend to receive client-side signatures in their emails. If users have already manually installed the classic COM Add-in and signed in, you should inform them that they need to sign out and uninstall it from their Outlook desktop app.
- Combo mode: use the method for resolving the issue in server-side mode as well as the method for client-side mode to reduce the number of consumed licenses.
You can check the number of used licenses and which accounts are using them on the Manage tenant page in CodeTwo Admin Panel. See this article for details.
Once you perform the necessary steps, you need to reset the license count on the Manage tenant page in the CodeTwo Admin Panel. To do so, select Subscription in the left menu, go to the Signature licenses tab or the Autoresponder licenses tab, depending on which type of licenses you want to reset. Finally, click the Reset license count button (Fig. 4.).
If you narrowed down the scope of users who can get email signatures and reset the license count, but the problem persists, it is possible that your subscription requires additional licenses. Please contact our Support Team to consult this.
If you configure the program for the first time for your tenant, remember that some of your emails might not get signatures until the initial synchronization is over. The application needs to save the required AD attributes of your users in an internal cache called the Azure AD cache (read more in this article). The service holds a local copy of your Office 365 (Azure) Active Directory properties to instantly add AD placeholders to email signatures, without the need to constantly query your Active Directory. The first syncing process might take a while. You can check the status of initial synchronization in CodeTwo Admin Panel: enter the management pages of your tenant by clicking the Manage tenant () button next to the tenant's name, then select User AD attributes from the left menu. If you can see the date of the Last cache update (as shown in Fig. 5.), this means that the syncing is finished.
If the AD attribute synchronization is still in progress, you will see no date or the following information: The first synchronization is in progress (see Fig. 6.). Until the process is completed, your users might not get email signatures.
Azure access tokens are used to read organization's AD data. These tokens are set to not expire under normal circumstances but may do so in certain circumstances (see the user's manual for details) and need to be refreshed. If the access tokens expire and you modify your Active Directory without refreshing them, our software is not able to recognize your changes. For example, if your tokens are not valid and you add a new user to an AD group that is also defined (on the Senders tab in the signature management app) as the group of senders who trigger your signature rule, then this change will not be applied and this user will not get any signature. To fix this, refresh the tokens (Fig. 7.), as explained in our user's manual.
If you recently added new users to a distribution group/list that contains people in your organization whose emails receive signatures, these new users might not be able to get their signatures immediately. This may happen in the case of server-side, client-side and combo modes.
Remember that each time you modify a distribution group (e.g. add new users), it can take from a few minutes to a few hours for the changes to propagate in your Office 365. Email signatures created in the program might not be added to messages sent from new users during that time.
Certain email types are currently not supported by the program and will not receive signatures. See the user's manual to learn about the unsupported message types.
By default, the built-in signature editor opens on the HTML tab (Fig. 8.) that allows you to design a signature for most email clients. However, messages can also be sent in Plain Text (e.g. emails from mobile devices). Always prepare your signature templates in all available formats to make sure that signatures are always be added. Learn more
If you prefer to add HTML signatures also to emails sent in Plain Text, you can force the program to convert Plain Text emails to HTML. Learn more.
When you create a signature rule, you define various conditions that need to be fulfilled on the Senders, Recipients and Keywords tabs. By default, all of these conditions have to be fulfilled to trigger a rule and add a corresponding signature. In other words, if at least one condition is not fulfilled, an email will not receive a signature.
If your signatures are not added to your email, please review the Senders, Recipients and Keywords conditions to make sure that the message fulfills all of them.
As for the exceptions defined in the program, remember that a signature rule is suppressed for each exception individually. Learn more about conditions and exceptions.
Client-side signatures only use the Senders rules and conditions.
Server-side mode specific issues
Inbound and outbound connectors must be configured if you want to use CodeTwo Email Signatures for Office 365 in server-side or combo mode.
To check the status of your connectors, go to Admin Panel > Tenants. If your tenant card displays the message Connectors configuration required, you need to configure the connectors. You can do it manually or via the connectors configuration wizard. To launch the wizard, open the CodeTwo Admin Panel, go to the Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Then, select Exchange Online connectors from the left menu and click Configure connectors (Fig. 9.). Next, then follow the steps described in the user's manual.
This problem occurs when there is a mismatch between the senders you defined for the program's outbound connector and the senders you indicated in a signature rule.
During the configuration of Exchange Online connectors for your tenant, you specify users (senders) whose emails should travel through the CodeTwo Email Azure Service. This setup step (Fig. 10.) concerns the program's outbound connector and the associated transport rule. In the example below, only the outgoing (external) emails from specified senders (e.g. the Executives in the figure below) will be routed through the CodeTwo Email Azure Service.
Remember that if you want to have signatures added to your internal emails, you need to additionally select Apply signatures also to internal messages (sent between the users of this tenant) in the 3rd step of the connectors wizard, as shown in Fig. 10. below. Without this setting, no internal message will receive a signature.
When the users you specified send messages, the CodeTwo Email Azure Service checks them against your signature rules and adds signatures only to emails that match the conditions defined in these rules. If you create a signature rule with the Senders condition (Fig. 11.) defined for users who are not included in the outbound connector, their emails will not receive any signatures.
Such mismatch is shown in the figures above: the rule adds signatures only to all users except from the members of the Sales and Marketing group (Fig. 11.). However, only emails of users from the Executives group (Fig. 10.) are forwarded to the CodeTwo Email Azure Service to get signatures.
To solve this problem, you need to reconfigure the connectors to extend the scope of senders. You can do it manually or via the connectors configuration wizard. To launch the wizard, open the Admin Panel's Dashboard or Tenants tab and click the Manage tenant () button next to the name of your tenant. Select Exchange Online connectors from the left menu and click Configure connectors, then follow the steps described in the user's manual.
If you would like to learn more about manually adding and removing groups and users, read this article.
Client-side mode specific issues
The modern CodeTwo Signatures Web Add-in for Outlook & OWA will work correctly only with supported versions of Outlook.
In the case of the classic CodeTwo Signatures Add-in for Outlook (COM Add-in), client-side signatures will only be added to emails sent from the Outlook desktop app for Windows, version 2013 or newer.
When you deploy the Web Add-in via the Microsoft 365 admin center, you need to define users who will get the add-in and, consequently, will be able to use client-side signatures. Make sure you’ve made the add-in available to the right people from your organization. Even though you’ve defined certain users as senders in a given rule, they may not get signatures simply because they were not included in the deployment.
Also, the central deployment via the Microsoft 365 admin center is recommended to ensure the optimum experience. Even though your users can install the add-in individually, they won’t be able to make use of the automatic signature insertion feature. Learn more
If CodeTwo signatures are not available for users in Outlook, make sure that these have the CodeTwo Signatures Add-in for Outlook (Fig. 12.) installed on their machine and they correctly use it.
The add-in can be installed individually by users as a click-once app that they download when instructed by the mail administrator. It is also possible for the admin to deploy the add-in centrally (for the whole organization, selected security groups or organizational units) using Group Policy Object (GPO) or with Microsoft Intune (all users or AAD groups).
To do so, verify that all affected users:
- Have the add-in installed (Learn how to quickly check installed software list with PowerShell)
- Signed in to the add-in using their credentials.
- Restarted Outlook when prompted to do so by the add-in
Once the add-in is installed and the user signs in, they should not sign out from the add-in. If the user signs out, client-side signatures will not be added correctly to their email messages. Also, if the admin makes any changes to the signatures, they will not be synchronized.
If the user signed out from the add-in after signatures were added to their Outlook apps, it is possible that client-side signatures will still be added to emails. This may also result in emails receiving double signatures if combo mode is used.
Restarting Outlook when prompted is very important. It is required after the first login to the classic COM Add-in and later, whenever the admin sets a new default signature, makes any changes to it or removes it. If a user changes the default signature in Outlook to a different one or modifies it in any way, the add-in will prompt to be restarted so that the signature set by the admin is restored as the default one.
Failure to restart Outlook when prompted may result in client-side signatures not being added or being added incorrectly.
The add-in will display error messages in its pane and the green status icon on the ribbon will disappear whenever a restart is required (Fig. 13. and Fig. 14.). Make sure the users follow these prompts and restart Outlook when requested.
If you want the client-side email signatures to work correctly, you need to set up client-side signature rules in the signature management app before the users begin using either of the two CodeTwo signatures add-ins for Outlook. If these rules are not configured, signatures will not be added.
When you prepare signature rules, make sure that they are turned on (Fig. 15., item 1), and that you click the Save button (Fig. 15., item 2) to submit your changes to CodeTwo Azure servers.
Make sure to define users on the Senders tab that you want to have access to the client-side signature applied by the given rule. You may include individual users or distribution groups, in which case all members of the group will be affected by the rule. Remember that if you recently added users to a group, this change may take some time to propagate.
Also keep in mind that server-side and client-side signature rules are separate from one another. Even if a user would have been affected by a server-side rule existing in an earlier configuration, new rules need to be prepared when configuring CodeTwo Email Signatures for Office 365 to operate in client-side mode. It is also particularly important to be aware of this when using combo-mode. To read about copying signature templates between client-side and server-side signature rules, click here.
Combo mode combines the features of server-side and client-side signature modes, which means that to troubleshoot a problem with adding signatures you should first establish whether it is a server-side or a client-side signature that is causing an issue. Remember that any user or shared mailbox may be subject to client-side and server-side rules.
The add-in can be installed individually by users as a ClickOnce app that they download when instructed by the mail administrator. It is also possible for the admin to deploy the add-in centrally using a GPO or Microsoft Intune.
It may happen that if you chose the individual deployment path, an Outlook user to whom only server-side rules apply installs the CodeTwo Signatures Add-in for Outlook (the ClickOnce version) and signs in. The add-in will inform the user that there are no signatures prepared for them (Fig. 16.) and that it will not add any client-side email signatures. However, as long as the user is signed-in to the add-in, no server-side signatures will be added to emails sent from Outlook. Make sure that users who should not receive client-side signatures do not install CodeTwo Signatures Add-in for Outlook.
To avoid such problems, you can choose the GPO or Intune deployment path - as it gives the admin more control over who has the add-in installed. It also helps prevent the users from installing the program unnecessarily and causing issues with both server-side and client-side signatures.