Solved

How to block external users to access OWA and Enable for internal users to access owa in Exchange 2010

Posted on 2011-02-10
9
3,386 Views
Last Modified: 2012-05-11
Hi
I want to disable owa Access from External users and enable for internal users .
How can i achive this goel.
0
Comment
Question by:Atul1974
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 7

Expert Comment

by:SterlingMcClung
ID: 34868380
Do you mean that you want block certain users from OWA or do you want to block everyone's access to OWA when they are outside the network?
0
 
LVL 6

Expert Comment

by:Dustin99352
ID: 34868511
Just don't put OWA in your external DNS, and don't add an external URL for it in EMC.
0
 

Author Comment

by:Atul1974
ID: 34868526
sorry for Half information.

I. Everyboday can access OWA from internally.
2. Only few users will access owa from externally.
We have exchagne 2003, 2007 and 2010 SErver
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 6

Accepted Solution

by:
ChiefoftheChiss earned 250 total points
ID: 34869748
I am not sure you can split OWA access like that from what I see, any change in another new OWA impacts straight DEFAULT OWA, consequently cause the blockage of these users when they access the DEFAULT OWA (when they access OWA internally

This post has a claim from someone that says they did it:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/82b28fdd-fa6d-4f4b-aead-a986fecfbf3f/
search near bottom for post from Leandro Cascão


WORKAROUND:

to most easily accomplish this I'd follow the lines of Dustin99352's comment

create your DNS record to point to the OWA site and only distribute the dns name to the users that need it... not ideal
0
 
LVL 7

Expert Comment

by:SterlingMcClung
ID: 34872976
You could also create a custom login page that verifies a group membership for external access.  I am not exactly sure how to do this, but in the Remote Web Workplace portion of Small Business Server, they have a login page for the RWW.  From there you can click on a link to view your email.  This opens OWA in a separate window without having to login again.  I have always suspected that the first login page does a Windows integrated authentication/login and that this authentication is passed to the new window to authenticate automatically with OWA, but I have never tested this.  The only problem with this approach is that OWA will still be published to all external users and if they can find the regular login page, they can just use that.
0
 
LVL 7

Expert Comment

by:SterlingMcClung
ID: 34873097
0
 

Author Comment

by:Atul1974
ID: 34879668
Ok, Is it posible to use TMG to control this ?
If Yes
How can i do that
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 34879709
If you have set it up correctly in the first place you will have a publishing rule for each of the Exchange servers made available via FTMG.
If you don't want to allow external access to OWA then simply disable that publishing rule by right-clicking it and selecting disable.
If you want to limit to a selection of internal users to access when external then change the Users tab of the OWA publishing rule from all users to an appropriate AD group naming the selected users.

1
 

Author Closing Comment

by:Atul1974
ID: 34940666
...
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question