Andy Andy
asked on
limit mailbox access to owa for a group of internal people
Hello Team,
Please suggest,
how to configure mailboxes for a set of users to have it only allowed to be opened via OWA. No outlook access should be provided for the same for Exchange on premises
we have exchange 2013
Thanks,
andy
Please suggest,
how to configure mailboxes for a set of users to have it only allowed to be opened via OWA. No outlook access should be provided for the same for Exchange on premises
we have exchange 2013
Thanks,
andy
ASKER
thanks for reply
can you recheck the question. i want to set for certain users to access owa but not outlook
can you recheck the question. i want to set for certain users to access owa but not outlook
Hi,
You have to disable unwanted features. Keep only OWA feature enabled.
https://technet.microsoft.com/en-us/library/bb124497(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/bb676481%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396
https://technet.microsoft.com/en-us/library/bb691018(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/aa996414(v=exchg.141).aspx
You have to disable unwanted features. Keep only OWA feature enabled.
https://technet.microsoft.com/en-us/library/bb124497(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/bb676481%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396
https://technet.microsoft.com/en-us/library/bb691018(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/aa996414(v=exchg.141).aspx
Hi,
The solutions I responded with are all to disable OWA, not outlook hence the command
"-owaenabled:$false"
Each mailbox has the option of OWA enabled or disabled
The same can be done via the EAC to enable or disable Outlook Web App for individual users:
1. In the EAC, navigate to Recipients > Mailboxes.
2. In the list of user mailboxes, click the mailbox that you want to enable or disable Outlook Web App for, and then click Edit Edit icon.
3. On the mailbox properties page, click Mailbox Features.
4. Under Email Connectivity, do one of the following:
To disable Outlook Web App, under Outlook Web App: Enabled, click Disable.
To enable Outlook Web App, under Outlook Web App: Disabled, click Enable.
Click Save
As well as the powershell scripts, you can also use Outlook Web App mailbox policies as described in the following technet article:
https://technet.microsoft.com/en-us/library/dd335142(v=exchg.150).aspx
The solutions I responded with are all to disable OWA, not outlook hence the command
"-owaenabled:$false"
Each mailbox has the option of OWA enabled or disabled
The same can be done via the EAC to enable or disable Outlook Web App for individual users:
1. In the EAC, navigate to Recipients > Mailboxes.
2. In the list of user mailboxes, click the mailbox that you want to enable or disable Outlook Web App for, and then click Edit Edit icon.
3. On the mailbox properties page, click Mailbox Features.
4. Under Email Connectivity, do one of the following:
To disable Outlook Web App, under Outlook Web App: Enabled, click Disable.
To enable Outlook Web App, under Outlook Web App: Disabled, click Enable.
Click Save
As well as the powershell scripts, you can also use Outlook Web App mailbox policies as described in the following technet article:
https://technet.microsoft.com/en-us/library/dd335142(v=exchg.150).aspx
ASKER
Hello,
I dont want to disable OWA, only outlook need to be restrict .
so will mapi disable in Mapi features in EAC, will work for this request
Thanks,
Andy
I dont want to disable OWA, only outlook need to be restrict .
so will mapi disable in Mapi features in EAC, will work for this request
Thanks,
Andy
You will have to stop MAPI, POP, IMAP for outlook to stop working.
Attached reference in my previous post.
Attached reference in my previous post.
ASKER
ok i will get back to you both.. thanks
let me know more suggestions
let me know more suggestions
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
can we configure this asper policy for a certain group on mailbox provisioning ? eg if he is on a group or if he is on a a distribution list
Please suggest, if we can apply as per policy and assign to users
Please suggest, if we can apply as per policy and assign to users
ASKER
i mean to disable this mapi feature on mailboxes, can we create a policy and applied on certain group or DL
if yes , can you suggest steps for the policy creation or any article that suggesting this
if yes , can you suggest steps for the policy creation or any article that suggesting this
I don't believe there is a way to manage features based on groups or DL.
Only thing I can think of is to have a MAPI disabled Mailbox Store so you can have one for enabled MAPI users and one for disabled MAPI users so you could try this on a mailbox store you wish to disable MAPI:
Get-Mailbox | Where {$_.Database -eq "EXCHSRV\SG1\MBX1"} | Set-CASMailbox -mapienabled:$false
Only thing I can think of is to have a MAPI disabled Mailbox Store so you can have one for enabled MAPI users and one for disabled MAPI users so you could try this on a mailbox store you wish to disable MAPI:
Get-Mailbox | Where {$_.Database -eq "EXCHSRV\SG1\MBX1"} | Set-CASMailbox -mapienabled:$false
ASKER
i mean, can we create any policy in exchange and get that applied on DL or Group
for mailbox features-mapi disable, might be there is some policy ??
for mailbox features-mapi disable, might be there is some policy ??
No, I don't believe that is possible.
ASKER
i think there would be any mailbox policy to achieve this. ?
we just simply need to disable the MAPI feature through Policy and get that applied on Group
we just simply need to disable the MAPI feature through Policy and get that applied on Group
No, as I said I don't believe this is possible. However, the following article may also help with setting defaults in addition to my suggested scripts (bear in mind this is for Exchange 2010, should be the same but check for Exchange 2013):
https://www.experts-exchange.com/questions/27287937/Exchange-2010-Disable-Mailbox-Features-by-default.html
https://www.experts-exchange.com/questions/27287937/Exchange-2010-Disable-Mailbox-Features-by-default.html
ASKER
Thanks
If you need to disable OWA access to all user In your organization In one go or In bulk you can use Exchange Poweshell, here are a few examples.
To disable OWA open EMS and type:
Get-Mailbox -ResultSize unlimited |Set-CASMailbox -OWAEnabled $false
To enable it back to all users type:
Get-Mailbox -ResultSize unlimited |Set-CASMailbox -OWAEnabled $true
Or in bulk you could use something like:
Import-CSV c:\temp\users.csv | Foreach-Object
{
Write-host -NoNewLine "Disabling OWA for $_.samaccountname"
Set-CASMailbox -SamAccountName $_.samaccountname -OWAEnabled $False
}
Test the script first to ensure correct output/names using:
Import-CSV c:\temp\users.csv | Foreach-Object
{
Write-host -NoNewLine "Disabling OWA for $_.samaccountname"
}
You could also set a mailbox store with OWA disabled using and use a particular store only for enabled users:
Get-Mailbox | Where {$_.Database -eq "EXCHSRV\SG1\MBX1"} | Set-CASMailbox -owaenabled:$false
As always, test any changes on a couple of users first.