What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!
Course Of The Month
4 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Prevent Outlook from connecting if RPC encryption is not enabled.
Posted on 2015-01-05
I would like to prevent Outlook 2010 and 2013 clients from connecting if RPC encryption is disabled/unchecked. I'm using a Exchange 2010 server and I've configured a setting that should accomplish this (unless I'm missing something).
Set‐MailboxServer <ServerName> ‐MapiEncryptionRequired:$t
I've also check the following command and "EncryptionRequired" is set to true.
Get‐RpcClientAccess | fl Server,EncryptionRequired
However, when I run Outlook with the RPC encryption feature unchecked, I'm still able to connect to the exchange server, and send messages. One thing I noticed is the address book is no longer works, so I think I'm on the right track. Is there anything I'm missing? Thank you for your time.
Set‐MailboxServer <ServerName> ‐MapiEncryptionRequired:$t
I've also check the following command and "EncryptionRequired" is set to true.
Get‐RpcClientAccess | fl Server,EncryptionRequired
However, when I run Outlook with the RPC encryption feature unchecked, I'm still able to connect to the exchange server, and send messages. One thing I noticed is the address book is no longer works, so I think I'm on the right track. Is there anything I'm missing? Thank you for your time.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
6-
5
12 Comments
Active today
From what you have illustrated above it appears correct. Does this happen with all clients?
Take a look at the technet below to ensure that you have done all of the steps accordingly, and haven't missed anything.
Technet for Encrypted Connections
Will.
Take a look at the technet below to ensure that you have done all of the steps accordingly, and haven't missed anything.
Technet for Encrypted Connections
Will.
Active today
How many CAS servers you have in your environment. As you need to run this on all CAS servers.
Active today
Amit: I've have on exchange 2010 server that's in production. I also have a exchange 2013 server install, but I haven't migrated any mailboxes to the new server. But I did apply the configuration to both servers.
Will: This Technet link is what I used to configure and verify RPC encryption.
Will: This Technet link is what I used to configure and verify RPC encryption.
Active today
So here is a twist. I am sure you know, how clients now connect to Exchange 2013. Everything is now http. How you installed Exchange 2013, multi-role or you separated the roles?
Also, you need to tell your Exchange design, how many servers in total, how many sites they are spread out.
Also, you need to tell your Exchange design, how many servers in total, how many sites they are spread out.
Active today
When I installed Exchange 2013, I installed both CAS and mailbox, since we will be decommissioning exchange 2010 server at some point. I only have 1 active exchange 2010 server. The exchange 2013 server is not being used at this time until we're ready to move mailboxes. Both servers are on the same network.
Active today
I've shutdown the Exchange 2013 server, and test Outlook 2010 and 2013 without using RPC encryption. Unfortunately, I'm still able to connect to the server and send messages.
Active today
Ok Restart RPC Client Access services on your Exchange 2010 server and test again. Suggest you to check this as well
http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/uncovering-new-rpc-client-access-service-exchange-2010-part2.html
http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/uncovering-new-rpc-client-access-service-exchange-2010-part2.html
Active today
I've restarted the RPC Client Access service. But I'm still able to connect to the exchange server, and send messages. I'm reviewing the MSExchange,org article now.
Active today
I haven't been able to prevent outlook clients from connecting to the exchange server. For now, I've downloaded the office 2010 and 2013 admin templates and created a group policy that enforces RPC encryption (or prevents the user from disabling the setting).
Featured Post
Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| Address lists in Exchange 2010 Hybrid setup with 365 | 4 | 21 | |
| Intune and ActiveSync | 2 | 22 | |
| Missing Office 2016 GUI when connected via Remote Desktop | 24 | 49 | |
| Restricting message delivery to all domain users plus one external address | 12 | 35 |
This article explains how to install and use the NTBackup utility that comes with Windows Server.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
The viewer will learn how to create a slide that will launch other presentations in Microsoft PowerPoint.
In the finished slide, each item launches a new PowerPoint presentation and when each is finished it automatically comes back to this slide:
…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month4 days, 16 hours left to enroll
739 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.