(Updated) New Outlook for Windows: LDAP support for S/MIME certificate lookup
MC1310680
Category: stayInformed
Severity: normal
Major change: False
Last modified: 2026-05-21 20:28:39
Summary source: Azure OpenAI (gpt-4.1)
Action by (Graph):
Action by (AI): 2026-05-20 00:00:00
Services: Exchange Online
Tags: Updated message, User impact, Admin impact
Master tags: User, Admin, Security
Roadmap IDs: 518287

One-line summary

New Outlook for Windows now supports LDAP directories for S/MIME certificate lookup, allowing admins and users to configure LDAP sources for secure email encryption with external partners.


Details

RoadmapIds: 518287
Summary: New Outlook for Windows supports LDAP directories for S/MIME certificate lookup, enabling secure encrypted email with external partners. Admins configure LDAP via Exchange Online PowerShell; users add directories in Outlook settings. Rollout starts late May 2026 worldwide, early June in GCC. Feature enabled by default, no authentication supported.
Platforms: Desktop

Body (from Message Center)

Updated May 21, 2026: We have updated the content. Thank you for your patience. 

[Introduction]

New Outlook for Windows now supports Lightweight Directory Access Protocol (LDAP) directories for S/MIME certificate lookup. Tenants can configure LDAP directories for their organization, and users can configure LDAP directories themselves. Once configured, users can find recipients' public encryption certificates in the directories when sending encrypted email, improving secure collaboration with external partners. This is especially valuable for tenants who collaborate with external partners and rely on public or partner LDAP directories to store users' public S/MIME certificates.

This message is associated with Microsoft 365 Roadmap ID 518287.

[When this will happen:]

  • General Availability (Worldwide): We will begin rolling out in late May 2026 and expect to complete by late May 2026.
  • General Availability (GCC): We will begin rolling out in early June 2026 and expect to complete by late June 2026.

[How this affects your organization:]

Who is affected:

  • Organizations that use S/MIME encryption with external recipients whose public certificates are hosted in third-party LDAP directories
  • Admins managing Exchange Online

What will happen:

  • Admins can configure LDAP directories using Exchange Online PowerShell.
  • Users can add LDAP directories in Settings > Mail > S/MIME in new Outlook.
  • When composing an S/MIME encrypted email, users can select recipients from the LDAP directory via the To field, which lets Outlook retrieve the certificate directly from the selected LDAP directory. If users instead add a recipient directly to the To line, Outlook will scan all available certificate sources, including the configured LDAP directories.
  • LDAP endpoints must not require authentication, as authentication is not currently supported.
  • [Screenshot: "Add LDAP directory" option in Settings > Mail > S/MIME and LDAP recipient picker in the To field during message composition.]

  • Feature is enabled by default once available.
  • No impact to:
    • Classic Outlook for Windows users
    • Organizations not using LDAP for S/MIME certificate discovery

[What you can do to prepare:]

  • No action is required to enable this feature
  • If your organization uses LDAP for S/MIME certificates:
    • Identify LDAP directory endpoints used by your organization
    • Run the Add-LdapDirectory cmdlet to register a new directory:

      Add-LdapDirectory -Organization "contoso.com" -Id "corp-ldap" -Host "ldap.corp.com" -Port 636 -UseSsl

    • Configure directories using Exchange Online PowerShell (Add-LdapDirectory).
    • Ensure LDAP endpoints do not require authentication.
    • Communicate guidance to users transitioning to new Outlook: Set up Outlook to use S/MIME encryption | Microsoft Support.
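
A pre-registration check for the endpoint steps above, as an added example that is not part of the Message Center post or Microsoft's tooling: it confirms that a directory accepts an anonymous bind over TLS and returns a parseable certificate for a known recipient. The host and port are the sample values from the post; the base DN, the test address and the use of the userCertificate;binary attribute are assumptions to adjust for the directory being tested.

```powershell
# Added example, not Microsoft's code. Assumes Windows PowerShell 5.1 or later on Windows.
# $BaseDn and $Mail are constructed placeholders; replace them with real values.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-SmimeLdapEndpoint {
    param(
        [string]$LdapHost = 'ldap.corp.com',
        [int]$Port = 636,
        [string]$BaseDn = 'dc=corp,dc=com',
        [string]$Mail = 'recipient@corp.com'
    )
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($LdapHost, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    try {
        # Anonymous bind over TLS: the post states that authentication is not supported.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Anonymous
        $conn.SessionOptions.ProtocolVersion = 3
        $conn.SessionOptions.SecureSocketLayer = $true   # corresponds to -UseSsl on port 636
        $conn.Bind()   # throws if TLS trust fails or the server refuses anonymous binds

        # Escape RFC 4515 filter metacharacters before building the search filter.
        $safe = [regex]::Replace($Mail, '[\\*()\x00]',
            { param($m) '\{0:x2}' -f [int][char]$m.Value })
        # Assumption: certificates are published in userCertificate;binary.
        $req = [System.DirectoryServices.Protocols.SearchRequest]::new(
            $BaseDn, "(mail=$safe)",
            [System.DirectoryServices.Protocols.SearchScope]::Subtree,
            [string[]]@('userCertificate;binary'))
        $resp = $conn.SendRequest($req)

        foreach ($entry in $resp.Entries) {
            foreach ($attr in $entry.Attributes.Values) {
                foreach ($raw in $attr.GetValues([byte[]])) {
                    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$raw)
                    $ku = $cert.Extensions | Where-Object {
                        $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] }
                    [pscustomobject]@{
                        Entry     = $entry.DistinguishedName
                        Subject   = $cert.Subject
                        NotAfter  = $cert.NotAfter
                        Expired   = $cert.NotAfter -lt (Get-Date)
                        KeyUsages = if ($ku) { $ku.KeyUsages } else { 'not present' }
                    }
                }
            }
        }
    }
    finally { $conn.Dispose() }
}
```

An exception from Bind() points to a TLS trust or authentication requirement on the endpoint; an empty result means the bind succeeded but no certificate was returned for that address under the given base DN.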

Learn more: Configure S/MIME in Exchange Online | Microsoft Learn (will be updated before we complete rollout)

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.
