[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 815
  • Last Modified:

Exchange 2007 OWA external access restriction

We just installed Exchange 2007 and so far all works flawless. I have asked a few people so far and have not gotten a solid answer yet on OWA external access restriction so here goes:

Our company wants to allow OWA access internally and externally for salaried employees. We DO NOT want to allow EXTERNAL access for hourly employees, only internal.

I realize I can restrict OWA access for individuals through EMC, but from all of my test it will disable OWA in and out.....which is not what I want.

So, does anyone know of a way to allow certain employees to access OWA internally, but NOT externally?
0
EHRNOG
Asked:
EHRNOG
  • 3
  • 2
1 Solution
 
KOTiSCommented:
You can publish OWA through an ISA server and then disable access to ISA Server for those users. This is the only possible way i can think of...
0
 
EHRNOGAuthor Commented:
Thanks KOTiS, that is all I have come up with at the moment too. Unfortunately we do not have a ISA sever yet.

the seconday solution is to publish through Citrix and only allow certain individuals citrix access. (current setup).
0
 
KOTiSCommented:
Publishing OWA through Citrix is an expensive and complex solution, but if you already have Citrix installed then it's acceptable i suppose...

You can also make OWA available externally through VPN connected users only. Then you can give VPN Access only to the accounts you want... It's easy to setup a VPN connrection on any online PC and you don't need to install the ICA Client to use OWA
0
 
EHRNOGAuthor Commented:
I agree KOTiS. But we do currently run Citrix and do make it available that way. What we\I am trying to do is to not require someone to connect to Citrix just to check email.

You're right, VPN is a solution, but we try not to push anyone towards that (management decision). We only give VPN to certain individuals.

thanks for all of your input so far.
0
 
KOTiSCommented:
I have another idea... I believe you can configure the OWA Web site to require a client certificate. Then you can deploy certificates to all internal clients and allow only certain remote users to request a certificate. If a user has no Certificate then IIS won't allow access.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now