robw24
asked on
How to block Outlook Anywhere but still allow Outlook Web Access?
We use Exchange 2003/Windows 2003 in a front-end/back-end configuration. We have users who have their Outlook client configured to use "Outlook Anywhere", which is RPC over SSL. This enables them to get their corporate email without needing a VPN connection when working remotely. We also have some users that use "Outlook Web Access", which allows them to get their corporate email in a web browser, also using SSL. We now want to stop users from using Outlook Anywhere but still allow them to use Outlook Web Access. We do not use client certificates.
Is this possible to accomplish? If so, how?
Is this possible to accomplish? If so, how?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Change the Front-End server settings and set it to only allow access from itself (by IP).
ASKER
Thanks, that makes sense. May I ask though, why not just disable RPC altogether on the front-end server?
There are many ways to skin a cat!
That would be another option - more difficult and less easily reversed, but doable.
That would be another option - more difficult and less easily reversed, but doable.
ASKER
I assume not, but this should not affect smart phones from using active-sync against the front-end server, correct?
Correct. Different methods of communication, so shouldn't be an issue.
ASKER