Outlook anywhere - Restricting Personal laptops and devices

alabkrishnan
alabkrishnan used Ask the Experts™
on
Hello Experts,

My requirement is to restrict Outlook anywhere(OA) from Personal PC's. we have Exchange 2010 SP3. As of now we haven'r published the OA to internet.
Questions:
1. How to we restrict (by native or any Third party solution) personal PC's or any other devices.
2. If we can restrict only to Domain joined PC's, how we can achieve it?
Any suggestions are appreciated
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
View Solution Only
Commented:
You don't mention your versions.

You should look at the ADFS / WAP / Device Registration / Workplace join solution included in Server 2012R2.

This allows you to identify devices, and tailor access based on multiple factors.

This article explains how it works for Office365, but it is the same principal for your own domain
https://technet.microsoft.com/en-us/library/hh526961(v=ws.10).aspx

Here is one on how to restrict to an OU
http://stackoverflow.com/questions/15352332/restricting-adfs-2-0-to-use-a-specific-ou-instead-of-domain-level-access

These use ADFS 2.0, It is all easier with ADFS 3.0
alabkrishnan

Author

Commented:
Thank you for the valuable suggestions.
Windows 2008 R2. Exchange version as 2010 SP3 RU7 Enterprise. All are multi role servers.
Carol Chisholm

Commented:
You should be OK with that.

https://en.wikipedia.org/wiki/Active_Directory_Federation_Services

But you should look for a Microsoft partner to help you, it will save you a lot of time.
alabkrishnan

Author

Commented:
Thanks for sharing the information!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial