• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Restrict user access to exchange mailbox from internet

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2007] >> Mobility >> Restrict user access to exchange mailbox from internet Page: [1]
Login
Message << Older Topic   Newer Topic >>
Restrict user access to exchange mailbox from internet - 19.Jun.2013 12:54:24 AM   
Osaid.Suliebi

 

Posts: 8
Joined: 12.Jun.2013
Status: offline
Dears,
we want to enable access from internet(i.e from smartphone) to exchange mailbox for some users not all,we have firewall and the exchange server is behind of this firewall,are there way(or software) to restrict users that can access to his mail pox from internet(from any IP).

please advice us..

Regards
Post #: 1
RE: Restrict user access to exchange mailbox from internet - 19.Jun.2013 1:06:37 AM   
Gulab

 

Posts: 646
Joined: 31.Jul.2008
From: India
Status: offline
Are you talking about accessing mailbox using OWA or Outlook Anywhere?
If you are talking about OWA, then you can simply disable the OWA for the user on the mailbox.

http://anandthearchitect.wordpress.com/2012/06/13/exchange-2010-disable-outlook-anywhere-feature-for-specific-mailboxes/

_____________________________

Gulab Prasad,
Technology Consultant
Exchange Ranger
Check out CodeTwo’s tools for Exchange admins

(in reply to Osaid.Suliebi)
Post #: 2
RE: Restrict user access to exchange mailbox from internet - 19.Jun.2013 6:09:08 AM   
Osaid.Suliebi

 

Posts: 8
Joined: 12.Jun.2013
Status: offline
Because i am talking about access to mailbox from mobile, i need way to restrict access to some user from internet not for all,enable and disable OWA of the user will effect to internally access to OWA mailbox.

another question related to it: if i create server and put it in DMZ/VLAN ,can i enable this server to access to specific mailbox??

Regards

(in reply to Gulab)
Post #: 3
RE: Restrict user access to exchange mailbox from internet - 19.Jun.2013 7:24:33 AM   
Gulab

 

Posts: 646
Joined: 31.Jul.2008
From: India
Status: offline
another question related to it: if i create server and put it in DMZ/VLAN ,can i enable this server to access to specific mailbox??
NO....

You can disable the Active Sync on the mailbox.

_____________________________

Gulab Prasad,
Technology Consultant
Exchange Ranger
Check out CodeTwo’s tools for Exchange admins

(in reply to Osaid.Suliebi)
Post #: 4
RE: Restrict user access to exchange mailbox from internet - 19.Jun.2013 8:23:55 AM   
mohammed.yusuf

 

Posts: 96
Joined: 28.Sep.2011
From: Lancashire
Status: offline
You could make a group security group in AD to allow OWA and Active Sync access. If you have firewall like TMG or ISA you could create a rule to allow only that security group to allow access for OWA and ActiveSync.

(in reply to Osaid.Suliebi)
Post #: 5
RE: Restrict user access to exchange mailbox from internet - 20.Jun.2013 1:11:51 AM   
Osaid.Suliebi

 

Posts: 8
Joined: 12.Jun.2013
Status: offline
Thanks mohmmad,
we have fortinet firewall and the exchange is behind of this firewall,we don't have ISA or TMG,some of our external user access to OWA after connected SSL-VPN, and internal user access to OWA from internal network, how can enable access to mailbox from internet for specific user with this case.

Regards

(in reply to mohammed.yusuf)
Post #: 6
RE: Restrict user access to exchange mailbox from internet - 20.Jun.2013 1:20:17 AM   
mohammed.yusuf

 

Posts: 96
Joined: 28.Sep.2011
From: Lancashire
Status: offline
You coulda ran the command to disable both, owa and activesync, at the same time.

Get-Mailbox | Where {$_.Database -eq "EXCHSRV-01\SG-01\MBX-01"} | Set-CASMailbox -OWAEnabled:$false -ActiveSyncEnabled:$false

(in reply to Osaid.Suliebi)
Post #: 7
RE: Restrict user access to exchange mailbox from internet - 20.Jun.2013 2:11:53 AM   
Osaid.Suliebi

 

Posts: 8
Joined: 12.Jun.2013
Status: offline
but i want restrict the access to exchange not restrict access to activesync/OWA in exchange itself, please note previously we have Blackberry Enterprise server and in this server we can specified user that can access to his mailbox via blackberry service ,
we want something like this (because we suspend the BES services )

(in reply to mohammed.yusuf)
Post #: 8
RE: Restrict user access to exchange mailbox from internet - 20.Jun.2013 2:42:12 AM   
mohammed.yusuf

 

Posts: 96
Joined: 28.Sep.2011
From: Lancashire
Status: offline
So your users are using BIS to connect through OWA. BIS would still use 443 to connect from outside unless you are using a different port on your firewall. First thing you could test to disable on one user account and disable OWA or run a powershell command.
Get-Mailbox –Identity <username> | Set-CASMailbox -OWAEnabled $False
you could revert it back to if you change $False to $ True.

It is not a new set up in your organisation so It would take time to fix this issue.

If it does not work then there is a list of BIS IP addresse,s it would come handy if you want to block permanently or monitor the logs.

http://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB11036&sliceId=2&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl

(in reply to Osaid.Suliebi)
Post #: 9
RE: Restrict user access to exchange mailbox from internet - 20.Jun.2013 3:03:53 AM   
Osaid.Suliebi

 

Posts: 8
Joined: 12.Jun.2013
Status: offline
i not mean there are problem in our blackberry server (we determined to stop this service) but as i told you we need solution instead of BES that can specifies specific user that can access to mailbox,
i think with this solution and confirm me if applicable:
install new exchange server in server in separated VLAN,and forward (sync) mailbox for specific user to this new exchange,and allowed 443 port from internet to this server (server in VLAN).

(in reply to mohammed.yusuf)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2007] >> Mobility >> Restrict user access to exchange mailbox from internet Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter