?
Solved

Prevent Users From Adding Exchaneg Account From Home PC's

Posted on 2014-03-18
4
Medium Priority
?
168 Views
Last Modified: 2014-04-10
Hello team,
   we have a policy of not allowing users to add emails on to their home PC.
But if any user is even a little computer literate i don't see anyway i can stop any user from adding exchange account on their Home PC's
Is there any way i can restrict any user not not add any additional machines that they already have within the network.

by the way half of our employees have to have company laptops to out on the road so can't restrict outlook anyware and autodiscover
Thanks
0
Comment
Question by:Sabi Goraya
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 42

Accepted Solution

by:
Adam Brown earned 1000 total points
ID: 39938611
The only way you could restrict this the way you want to is to implement certificate based authentication, and even that may not fully restrict someone with enough savvy about handling certificates. http://blogs.technet.com/b/exchange/archive/2012/11/28/configure-certificate-based-authentication-for-exchange-activesync.aspx has some information on how it works and some instructions for implementation. Essentially you would control access to Exchange by issuing Certificates to devices. Any device with an authorized certificate could authenticate against Exchange, but devices without could not. The tricky part is deploying certificates to people. Other than that, there isn't much you can do to limit access to users' personal computers without disabling autodiscover and outlook anywhere externally.
0
 
LVL 10

Assisted Solution

by:Scott Thomson
Scott Thomson earned 1000 total points
ID: 39938751
There are a few options depending on what you are willing to spend ^_^

You could always cut access to outlook externally and then run it through citrix so that users can still access via a web portal. then close the access off via a security group??

You could use VPN so only internal ip addresses get Outlook and therefore the users would need a GRAS/RSA token?

you could always kill outlook and use OWA?

let me know how far you are willing to go with this and i can suggest some more solutions and maybe specifics.. Are you willing to change much about your current setup?
How large is your company?
0
 
LVL 4

Author Comment

by:Sabi Goraya
ID: 39960494
Thanks for the information guys
So in short, as it is now..its not possible .

to get this done we have to look or another solution but the way its setup now...we can't restrict users?
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 39960504
Yeah, pretty much.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month9 days, 15 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question