20 November 2012

Enabling and disabling Outlook Anywhere Per User

RPC/HTTPS was the first name when outlook anywhere access was introduced with Exchange Server 2003. Exchange 2003 did not provide a very granular control on it though. With increase in productivity it also brought a concern with it. It could allow configuring user’s mailbox on any outlook client even if the user was not supposed to do it.
Result, people could make unauthorized copies of their mailboxes on their home PCs and laptops.
Exchange 2007 SP1 and later has a great feature of disabling outlook anywhere access per user basis.

It is a very simple process of running few commands in powershell and the administrator is done with the configuration. Lets take a look:

To enable outlook anywhere for a single user:
Get-Mailbox –Identity "username" | Set-CASMailbox -MAPIBlockOutlookRpcHttp:$False

To disable outlook anywhere for a single user:
Get-Mailbox –Identity "username" | Set-CASMailbox -MAPIBlockOutlookRpcHttp:$True

To enable it for all users:
Get-Mailbox –ResultSize Unlimited | Set-CASMailbox -MAPIBlockOutlookRpcHttp:$False

To disable it for all users:
Get-Mailbox –ResultSize Unlimited | Set-CASMailbox -MAPIBlockOutlookRpcHttp:$True

To enable it for multiple users only:
  • Identify the user who need to be blocked access to Outlook Anywhere.
  • Make a list of all such user’s user accounts.
  • Put it in a simple text file as below:
User1
User2
User3
  • Now save this text file to any location you want with name Mailboxes.txt. For example D:Mailboxes.txt
  • Simply run the script below.
$Mailboxes = Get-Content D:Mailboxes.txt
Foreach ($Mailbox in $Mailboxes)
{
Set-CASMailbox -Identity $Mailbox -MAPIBlockOutlookRpcHttp:$false -Verbose
}


To disable it for multiple users only:
  • Identify the user who need to be blocked access to Outlook Anywhere.
  • Make a list of all such user’s user accounts.
  • Put it in a simple text file as below:
User1
User2
User3
  • Now save this text file to any location you want with name Mailboxes.txt. In my case it is D:Mailboxes.txt
  • Simply run the script below.
$Mailboxes = Get-Content D:Mailboxes.txt
Foreach ($Mailbox in $Mailboxes)
{
Set-CASMailbox -Identity $Mailbox -MAPIBlockOutlookRpcHttp:$true -Verbose
}


Source

No comments:

Post a Comment