What’s new for IT professionals in Office 2013

Office 2013 provides new features and improvements that help IT administrators configure, validate, deploy, and protect their Office installations. This article describes some changes in these areas.
In this article:

  • Active Directory-Based activation
  • Apps for Office
  • Click-to-Run
  • Click-to-Run customization
  • Co-Authoring
  • Access 2013: new application model
  • New Group Policy and OCT settings
  • Office Telemetry Dashboard and Office Telemetry Log
  • Office Web Apps
  • Office Web Apps Server
  • Security changes
  • Sign-in IDs
  • Downloadable proofing tool packages

Active Directory-Based activation

Volume activation establishes a relationship between the Volume License (VL) product key and a particular installation of the VL software on a device. Microsoft policy requires you to activate VL editions of Office 2010 and Office 2013 that run on both physical computers and virtual machines.
When Office 2013 runs on Windows 8 or Windows Server 2012, a new volume activation method is available: Active Directory-based activation.
Active Directory-Based activation uses your existing Active Directory infrastructure to activate all Office 2013 VL clients through their connection to the domain. To set up Active Directory-Based activation for Office 2013, configure Active Directory Domain Services (AD DS) from either a Windows 8 VL edition computer or a Windows Server 2012 computer. The Office 2013 VL clients can automatically activate against the domain as long as they are running on a Windows 8 or Windows Server 2012 client computer.

The two volume activation methods that were introduced in Office 2010: Key Management Service (KMS) and Multiple Activation Key (MAK), are still valid for Office 2013.

Apps for Office

Developers use apps for Office to create engaging new consumer and enterprise experiences that run within supported Office 2013 applications by using the power of the web and standard web technologies such as HTML5, XML, CSS3, JavaScript, and REST APIs.
An app for Office is basically a webpage that is hosted inside an Office client application. You can use an app for Office to extend the functionality of a document, email message, or appointment. The apps in apps for Office can run in multiple environments and clients. These include rich Office desktop clients, Office Web Apps, mobile browsers, and also on-premises and in the cloud. Developers can publish apps for Office to the Office Store or to an onsite catalog, where they can be available to users from their Office 2013 applications. As the IT Administrator of your organization, you can control how the apps for Office become available to users.


Office 2013 Click-to-Run is a technology that reduces the time that is required to download and use Office 2013 client products. Click-to-Run is based on core virtualization and streaming Microsoft Application Virtualization (App-V) technologies. The streaming technology lets you use a Click-to-Run program before the complete program is fully downloaded and installed on your computer.
Click-to-Run virtualization provides the following advantages:

  • Isolation of resources in a virtual environment allows for coexistence with earlier versions of Office, and improves cleanup and restore processes.
  • Extension points to the computer are published so Office is more integrated. This allows for add-ins to be written.
  • Streaming helps improve performance. The Office package is divided and is uncompressed over time, which optimizes network bandwidth and CPU usage.

Click-to-Run customization

Administrators can customize Click-to-Run product installations. Click-to-Run for Office 365 provides a downloadable Office Deployment Tool for Click-to-Run that enables administrators to download Click-to-Run for Office 365 product and language sources to an on-premises location. This is useful in scenarios where administrators want to minimize the demand on the network or want to prevent users from installing from the Internet because of corporate security requirements.
You can download the Office Deployment Tool from the Microsoft Download Center site. The download includes a sample Configuration.xml configuration file. To customize an installation, administrators run the Office Deployment Tool and provide a customized Configuration.xml file. The Office Deployment Tool performs the tasks that are specified by using the optional properties in the Configuration.xml configuration file.


Co-authoring simplifies collaboration by enabling multiple users to work productively on the same document without intruding on one another’s work or locking out other users. This capability requires no additional server setup and is the default status for documents that are stored in SharePoint 2013 document libraries.
Here are some changes in co-authoring for Office 2013.

  • Co-authoring is now supported in Visio Professional 2013, Word Web App, and PowerPoint Web App.
  • Seeing other editors who join the document to co-author is faster in Word 2013, Excel 2013, PowerPoint 2013, and Visio Professional 2013.
  • Updates are faster when multiple users co-author in the same OneNote page.
    Users who co-author also benefit from these changes in Office Web Apps, Office 2013, and SharePoint 2013.
  • Users can view, add, and reply to comments in Word Web App and PowerPoint Web App.
  • Users can open Word files that contain revision marks in Word Web App.
  • Users can easily set document permissions and send sharing notifications by using the Share with People feature in Office 2013 and SharePoint 2013.

Access 2013: new application model

The on-premises version of Access 2013 provides a new application model that uses SharePoint 2013 for hosting and SQL Server for data storage.

Access as a SharePoint app

Access 2013 is now an app for SharePoint, which means that you create Access web apps that run in the browser, and can manage Access as you would any SharePoint app, controlling everything centrally by using SharePoint tools. No additional passwords or logins are required because security is controlled through the same SharePoint infrastructure. Users can discover and share Access apps through the public SharePoint App Store or a private App Catalogue. They can use your app as long as they have a web browser and an Internet connection. Access does not have to be installed on users’ devices.
In addition, Access 2013 can open databases created in previous Access versions.
For more information about the new Access 2013 application model, see “New application model” in What’s new for Access 2013 developers.

SQL Server back end

If you create an app on a SharePoint Server that your company hosts on premises, Access creates the database in the SQL Server 2012 installation that is selected by the SharePoint administrator. This database stores all the objects and data that your application requires, such as tables, queries, macros, and forms. Whenever users visit the app, enter data, or change the design, they will be interacting with this database behind the scenes. The database created is specific to your app and is not shared with other apps.
SQL Server storage allows for speed, reliability, and scalability of the database long-term. In addition, advanced users can connect directly to the SQL Server database for advanced reporting and analysis with familiar tools such as Excel, Power View, and Crystal Reports.

More new features

Although these new features are not necessarily targeted to IT Professionals, you should be aware of them.

Access in Office 365

Access 2013 is also available in Office 365. If your Office 365 plan includes SharePoint, Microsoft can host your Access 2013 databases in the cloud. When you create an Access app in Office 365, your data is stored in a SQL Azure database.

New user features

Access 2013 provides new features that will help users perform tasks faster, and with more efficiency and flexibility.

New Group Policy and OCT settings

The Office 2013 Preview Administrative Template files (ADMX/ADML) and Office Customization Tool download package contains all Group Policy Administrative Template (ADMX/ADML) and Office Customization Tool (OPAX/OPAL) files for installations of Office 2013 (Windows installer-based) and Office 365 ProPlus (Click-to-Run).

Office Telemetry Dashboard and Office Telemetry Log

Office 2013 introduces a new application and document compatibility tool, known as Telemetry Dashboard. It replaces the Office 2010 compatibility tools Office Migration Planning Manager (OMPM), Office Code Compatibility Inspector (OCCI), and Office Environment Assessment Tool (OEAT). Telemetry Dashboard helps speed up Office 2013 deployments by reducing the overall time that is needed for migration planning and compatibility assessment. IT Professionals can use Telemetry Dashboard to identify typically used Office documents and solutions in their organizations and to view application events and crash data for select Office 2013 applications.
A companion tool for Telemetry Dashboard, known as Telemetry Log, is designed for developers and expert users who want to view event data for documents and solutions as they load, run, or raise errors in Office 2013. Telemetry Log shows local event data, whereas Telemetry Dashboard combines this event data for multiple client computers.

Office Web Apps

When used with SharePoint 2013 on-premises, Office Web Apps provides updated versions of Word Web App, Excel Web App, PowerPoint Web App, and OneNote Web App. Users can view and, depending on the current license, edit Office documents by using a supported web browser on computers and on different mobile devices, such as Windows Phones, iPhones, and iPads.
In addition to new features in Office Web Apps, the architecture and deployment methods have also changed. Office Web Apps is no longer tightly integrated with SharePoint. Instead, it is installed separately as part of Office Web Apps Server, a stand-alone Office server product. You no longer have to optimize the SharePoint infrastructure to support Office Web Apps, and you can apply updates to the servers that run Office Web Apps Server separately and at a different frequency than you update SharePoint.

Office Web Apps Server

Office Web Apps Server is an Office server product that provides browser-based file viewing and editing functionality for Office files. Office Web Apps Server works together with products and services that support WOPI, the Web app Open Platform Interface protocol. These products, known as hosts, include SharePoint 2013, Lync Server 2013, and Exchange Server 2013. Here are some features that Office Web Apps Server enables for these products:

  • SharePoint 2013 Users can access Office files from SharePoint document libraries by using Word Web App, Excel Web App, PowerPoint Web App, and OneNote Web App. There are many new features and capabilities, such as support for co-authoring in Word Web App and PowerPoint Web App.
  • Lync Server 2013 Users can broadcast PowerPoint presentations by using Lync 2013 and Lync Web App. Broadcasting is improved to support higher-resolution displays and a wider range of mobile devices than in earlier versions. Users who have the appropriate privileges can scroll through a PowerPoint presentation independent of the presentation itself.
  • Exchange Server 2013 In Outlook Web App, all attachments in an email message are displayed in a filmstrip that includes a thumbnail of each attachment. Users can preview attachments online in full fidelity.

An Office Web Apps Server farm can provide Office services to multiple on-premises hosts. You can scale out the farm from one server to multiple servers as your organization’s needs grow. Although Office Web Apps Server requires dedicated servers that run no other server applications, you can install Office Web Apps Server on virtual machine instances.
Deploying and managing Office Web Apps Server across an organization is easier now that it is a stand-alone product. You can apply updates to the Office Web Apps Server farm separately and at a different frequency than you can when you update SharePoint Server, Exchange Server, or Lync Server. Having a stand-alone Office Web Apps Server farm also means that users can view or edit Office files that are stored outside SharePoint 2013, such as those in shared folders or in document management products that support WOPI.

Security changes

Several new security features make it easier for users and IT professionals to use and trust Office 2013 applications and documents. These include the following:

  • Authentication in Office The days are over for providing a password multiple times as users conduct normal business, opening multiple Office files from different locations. Now users create a profile, sign in one time, and can seamlessly work on and access local and cloud Office files and not be required to re-identify themselves. Users can connect multiple services such as an organization’s SkyDrive or a user’s personal SkyDrive account, to their Office profiles and have instant access to all files and their associated storage. Users authenticate one time for all Office applications, including SkyDrive. This is true regardless of the identity provider (Microsoft account and the user ID that you use to access Office 365) or the authentication protocol that is used by the application (for example, OAuth, forms based, claims based, or Windows Integrated Authentication). From a user perspective, it all just works. From the IT perspective, these connected services can easily be managed. For more information, see Overview of Office 365 ProPlus.
  • File password escrow key Office 2013 includes new functionality that lets admins unlock password-protected Office files when, for example, the file owner either forgets the password or leaves the organization. By using a new Escrow Key Admin Tool, IT personnel can easily assign a new password to the file, or no password, and can save the file to the same location or a new location. You can download the Escrow Key Admin Tool from the Connect site.
  • Digital signature Several digital signature improvements were made for documents that were created by using Office 2013 applications.Plus, Office 2013 will verify signatures on ODF files that were created by using
    • other applications.
    • XAdES digital signatures in documents that are created by using Office 2013 applications are now easier to create. XAdES signed Office 2013 documents allow signers to add their addresses, titles, and to describe the intent of their signatures. Office 2013 will also evaluate -XL signatures by using the certificates and any revocation data that is contained in the file
  • Information Rights Management Office 2013 incorporates new Windows 2012 Active Directory Rights Management Services (AD RMS) features. Support for multiple user IDs for access to Office 365 and single sign-on means that choosing an identity and protecting content is much easier for users. Behind the scenes, this new functionality and automatic service discovery eliminate the need for registry configuration.
  • Enhancements to Office 2013 documents opened in “protected view” This is a feature that was introduced in Office 2010 and helps reduce exploits by opening files in a restricted sandboxed application container “lowbox” so that they can be examined before editing. New Windows 8 capabilities mean stronger process isolation and an application container that is blocked from network access.


IDs

In Office 365, users can sign in by using either of two types of credentials: Personal (Microsoft account) or Organization (the Office 365 user ID that is assigned by the organization). The user supplies these credentials within the user interface (UI) or they can be picked up from the operating system in certain cases.
You can enable one of four sign-in states by using the Block sign-in to Office setting in the Registry. This setting controls whether users can provide credentials to Office 2013 by using either their Microsoft account or the Office 365 user ID assigned by the organization.

The Registry key for this setting is as follows:


If you enable this setting, you can specify a particular sign-in option by setting one of the following values:

  • 0 Both IDs allowed
  • 1 Live ID only
  • 2 Org ID only
  • 3 None allowed

The following table shows what users can do when you set a particular sign-in option:

options and their effect

If you select this… This is what a user can do…
Both IDs allowed Sign in and access Office content by using either ID.
Live ID only Sign in only by using a Microsoft account.
Org ID only Sign in only by using the Office 365 user ID that is assigned by your organization.
None allowed Can’t sign in by using either ID.
If you disable, or do not configure, the Block sign-in to Office setting, the default setting is Both IDs allowed. Users can sign in by using either ID.
Office 2013 automatically bootstraps itself by using any Active Directory Domain Services (AD DS) account through which the user signed in to the operating system. If that Active Directory account is federated with Office 2013, the user automatically receives all benefits of signing into Office 2013 without having to perform any additional steps.

Downloadable proofing tool packages

Beginning in Office 2013, free downloadable proofing tool packages in 52 languages are available to all customers who have purchased the on-premises (MSI-installed) version of Office 2013, whether or not they are volume license customers. You can download these proofing tool packages in 32-bit or 64-bit versions from Office Proofing Tools.