How to set up organization-wide Outlook 365 (OWA) signature with PowerShell

How to set up organization-wide Outlook 365 (OWA) signature with PowerShell

Company-wide email signatures in OWA with PowerShell

[Update]: We’ve added a way to fix the PowerShell method for your tenant, without the need to contact Microsoft support.

If your company uses Microsoft 365, you can use PowerShell to add a unified email signature for everyone in your organization. I’ll show you a script which adds a unified personalized email signature to every mailbox. This way, everyone who uses Outlook on the web will have an email signature automatically added to their mailbox settings.

Reasons for unifying email signatures

Email signatures are tricky. They can be a single line with your name only or a compact design with the most important contact info. They can also be a cringe-worthy “Sent from my <insert_device_name>” or a monstrosity with multiple banners, a two-page disclaimer and broken layout, to top it all.

The fact is, an email signature is added (and usually expected) in every single email. A signature (or a footer) is a message in itself. It tells, among other things, whether:

  • you care about details,
  • you treat your job seriously,
  • the company cares about its image,
  • the company wants to be reached.

Every single employee is a brand ambassador. Tendency to generalize is in human nature – when an employee lacks professionalism in a conversation, recipients will often think it’s not only this single person. That’s why, with every bad signature, your brand gets a punch in its face.

Don’t get me wrong, I don’t think the world ends as soon as a bad signature is sent. It’s usually a much slower and sadder process when the brand and the company gradually lose trust. You can either unify email signatures and send a strong message that helps the brand, promotes your offers and supports you, or get a hit with every message sent. I’m only showing one of the methods to unify email signatures.

How it works

Before you run the script to set up email signatures with PowerShell, it is crucial to understand how the method works.

The script gets user information from Entra ID (Azure Active Directory, or AAD) and adds an HTML code of a signature (with those details included) to mailbox settings. At the moment, only Outlook on the web (OWA) can benefit from that. It means that when a user sends an email from Outlook for Mac, “classic” Outlook for Windows, or any client apart from Outlook on the web or the new Outlook for Windows – the signature you set up using this method will not show up.

Also, if your Microsoft 365 user database information is not updated, or is incomplete, the final result will not be attractive or helpful.

There are other methods of unifying email signatures in a company which will work for all email clients. See the video below to learn more:

Required permissions

Using PowerShell to set up Outlook on the web email signatures is possible in every Microsoft 365 organization. However, to execute the script that sets up those signatures, you need to be an admin and have at least some basic grasp of how PowerShell works.

There are a few permissions that you need to have to successfully run the PowerShell script:

  1. Your account needs to be PowerShell-enabled. It means that a global admin might use a simple cmdlet to grant access to a certain user (Set-User -Identity <certain user> -RemotePowerShellEnabled $true)
  2. You need to have User Options and Mail Recipients admin roles assigned.

Get HTML email signature template

Before running the script, you need the HTML code of the email signature template you’ll be using.

The best way to do this is to use the free email signature generator.

  1. Select Microsoft 365 as your email platform
Signature generator - Microsoft 365 email signature
  1. Choose a signature template. You can use the generator to change images and elements which will be the same for every user, like Company name, disclaimer and so on.
Pick email signature template for Outlook on the web
  1. Click Replace user data with Active Directory placeholders and Apply your signature. The first button replaces personal data with placeholders normally used in mail flow rules to automatically personalize users’ data in signatures. Placeholders don’t work this way when setting up OWA signature with PowerShell. The script will change placeholders to Entra ID (Azure Active Directory) data.
Signature generator - Replace user data with placeholders
  1. Generate the HTML signature, copy it and paste into a txt file. I’ve created it in C:\signature.txt for easy access. You can freely modify the HTML code, just remember it’s best to leave the %%AAD placeholders%% intact. The script relies on a certain format of those placeholders to enter relevant user information.
Signature generator - Generate and copy HTML

Set up an HTML email signature for everyone (PowerShell)

In the past, we’ve used Get-AzureAdUser to get user data from Microsoft 365. But since Azure AD module is deprecated, we needed to change it to Microsoft Graph PowerShell SDK.

The cmdlet that’s responsible for setting up signatures (Set-MailboxMessageConfiguration -Signature HTML) has been broken as a result of the signature cloud settings (aka roaming signatures) feature. For some time, the only way to get the script to work was to contact Microsoft support and ask them to disable roaming signatures for your Microsoft 365 tenant. Fortunately, now, Microsoft allows you to disable roaming signatures on your own, with PowerShell:

Set-OrganizationConfig -PostponeRoamingSignaturesUntilLater $true

Learn more about disabling roaming signatures for your organization

Before you run the script, you need to connect to Exchange Online using Connect-ExchangeOnline. If you run into any problems, see this article to learn how to make it work.

You can copy & paste the rest of the script into your PowerShell console:

$users = (Get-AzureADUser | select GivenName, Surname, Title, TelephoneNumber, Mobile, Mail, CompanyName, StreetAddress, City, PostalCode, State, Country) <# Gets all users' data from Entra ID (Azure AD) and saves selected information to an array. If you want to, you can get less or more data or modify the users’ scope. #>

$HTMLsig = Get-Content "C:\signature.txt" <# Saves HTML code of a signature from the signature generator to a variable. Change the path to the location of your file. #>

foreach($user in $users){

$HTMLSigX = ""; <# temporary variable with HTML code of a personalized signature #>

$HTMLSigX = $HTMLsig.replace('%%FirstName%%', $user.GivenName).replace('%%LastName%%', $user.Surname).replace('%%Title%%', $user.Title).replace('%%PhoneNumber%%', $user.TelephoneNumber).replace('%%MobileNumber%%', $user.Mobile).replace('%%Email%%', $user.Mail).replace('%%Company%%', $user.CompanyName).replace('%%Street%%', $user.StreetAddress).replace('%%City%%', $user.City).replace('%%ZipCode%%', $user.PostalCode).replace('%%State%%', $user.State).replace('%%Country%%', $user.Country) <# Replacing placeholders with personal user data #>

Set-MailboxMessageConfiguration $user.Mail -SignatureHTML $HTMLSigX -AutoAddSignature $true -AutoAddSignatureOnReply $true <# Saves the personalized email signature in mailbox settings. It should be available in Outlook on the web right away. The -AutoAddSignature parameter sets the signature as default for new messages and -AutoAddSignatureOnReply does the same for replies. Changing $true parameters to $false prevents the new signatures from being applied automatically. #>

After running the script, all users should get their personalized email signature in their Outlook on the web settings:

Outlook on the web personalized email signature

Limitations of PowerShell email signatures

Although useful, the Set-MailboxMessageConfiguration cmdlet is not perfect for managing email signatures – here are some of the reasons why:

  • First and foremost, changing mailbox settings works only on Outlook on the web (OWA) and the new Outlook for Windows. You can use VBScript to handle the older, (yet still the most popular) Outlook for Windows, but this way you’ll need to use two different methods to handle each signature update. Furthermore, you’d still only have some of the possible email clients handled.
  • You can’t use embedded images. Which means that in most cases, your recipients will need to intentionally click a dedicated button to see the graphics you so carefully designed for your email signature. Otherwise – images will be blocked.
  • It’s a bad idea if your Entra ID (Azure AD) is outdated. There’s no way to let users update their AAD properties (unless you want to give them administrative access; but I don’t think you do).
  • There’s no way to dynamically change the signature if, for example, a certain personal information is missing. It usually ends up with some users having the “Mobile:“ phrase in their signature and nothing next to it.
  • Each change or update requires you to operate on HTML code, there’s no editor you can use to work on the template’s design.
  • There’s no easy way to schedule email signature campaigns or use different designs for different recipients.

If you want to be able to manage email signatures for an entire Microsoft 365 organization without those limitations, there’s an easier alternative. CodeTwo Email Signatures 365 lets you manage signatures for all users without any scripting. Signatures are added to emails sent from all email clients and devices. Try it out for free

2 thoughts on “How to set up organization-wide Outlook 365 (OWA) signature with PowerShell

  1. Janak Khadka


    This is Janak Khadka. The solution is good for the fresh email or fresh email signature but i’m trying to edit email signature with this similar option but can’t able to do. Can you please help me to edit/update existing email signture “Outlook Web Signature” through powershell ?

    Actually it shows the changed email signature in powrershell but not in the user’s profile.

    1. Kamil Glaser Post author

      Try deleting the HTML using PowerShell and launch the script then. If it doesn’t help, it might be a bug. Outlook on the web has recently gotten an option to set up more than one signature. Unfortunately, as far as I know, there weren’t any changes to the cmdlet that would allow you to set up multiple different signatures. The only solution that fixes all email signature problems is CodeTwo Email Signatures for Office 365.


Leave a Reply

Your email address will not be published. Required fields are marked *