How to block Outlook Anywhere but still allow Outlook Web Access?

We use Exchange 2003/Windows 2003 in a front-end/back-end configuration. We have users who have their Outlook client configured to use "Outlook Anywhere", which is RPC over SSL. This enables them to get their corporate email without needing a VPN connection when working remotely. We also have some users that use "Outlook Web Access", which allows them to get their corporate email in a web browser, also using SSL. We now want to stop users from using Outlook Anywhere but still allow them to use Outlook Web Access. We do not use client certificates.

Is this possible to accomplish? If so, how?
LVL 1
robw24Asked:
Who is Participating?
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
The simplest way is to restrict access in IIS to the RPC virtual directory by IP address and only allow access from the Server's internal IP address.
0
 
robw24Author Commented:
I'm confused a little with your answer because we have the front-end and back-end servers, and I don't know which ones you refer to.
0
 
Alan HardistyCo-OwnerCommented:
Change the Front-End server settings and set it to only allow access from itself (by IP).
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
robw24Author Commented:
Thanks, that makes sense. May I ask though, why not just disable RPC altogether on the front-end server?
0
 
Alan HardistyCo-OwnerCommented:
There are many ways to skin a cat!

That would be another option - more difficult and less easily reversed, but doable.
0
 
robw24Author Commented:
I assume not, but this should not affect smart phones from using active-sync against the front-end server, correct?
0
 
Alan HardistyCo-OwnerCommented:
Correct.  Different methods of communication, so shouldn't be an issue.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.