• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3649
  • Last Modified:

How to block external users to access OWA and Enable for internal users to access owa in Exchange 2010

Hi
I want to disable owa Access from External users and enable for internal users .
How can i achive this goel.
0
Atul1974
Asked:
Atul1974
2 Solutions
 
SterlingMcClungCommented:
Do you mean that you want block certain users from OWA or do you want to block everyone's access to OWA when they are outside the network?
0
 
Dustin99352Commented:
Just don't put OWA in your external DNS, and don't add an external URL for it in EMC.
0
 
Atul1974Author Commented:
sorry for Half information.

I. Everyboday can access OWA from internally.
2. Only few users will access owa from externally.
We have exchagne 2003, 2007 and 2010 SErver
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
ChiefoftheChissCommented:
I am not sure you can split OWA access like that from what I see, any change in another new OWA impacts straight DEFAULT OWA, consequently cause the blockage of these users when they access the DEFAULT OWA (when they access OWA internally

This post has a claim from someone that says they did it:
http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/82b28fdd-fa6d-4f4b-aead-a986fecfbf3f/
search near bottom for post from Leandro Casc√£o


WORKAROUND:

to most easily accomplish this I'd follow the lines of Dustin99352's comment

create your DNS record to point to the OWA site and only distribute the dns name to the users that need it... not ideal
0
 
SterlingMcClungCommented:
You could also create a custom login page that verifies a group membership for external access.  I am not exactly sure how to do this, but in the Remote Web Workplace portion of Small Business Server, they have a login page for the RWW.  From there you can click on a link to view your email.  This opens OWA in a separate window without having to login again.  I have always suspected that the first login page does a Windows integrated authentication/login and that this authentication is passed to the new window to authenticate automatically with OWA, but I have never tested this.  The only problem with this approach is that OWA will still be published to all external users and if they can find the regular login page, they can just use that.
0
 
SterlingMcClungCommented:
0
 
Atul1974Author Commented:
Ok, Is it posible to use TMG to control this ?
If Yes
How can i do that
0
 
Keith AlabasterEnterprise ArchitectCommented:
If you have set it up correctly in the first place you will have a publishing rule for each of the Exchange servers made available via FTMG.
If you don't want to allow external access to OWA then simply disable that publishing rule by right-clicking it and selecting disable.
If you want to limit to a selection of internal users to access when external then change the Users tab of the OWA publishing rule from all users to an appropriate AD group naming the selected users.

1
 
Atul1974Author Commented:
...
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now