Note: Settings enabled/configured at the organization level are overridden by those at the mailbox level. The two commands used: set-organizationconfig Thankfully Microsoft heard the feedback loud and clear, and beginning with Exchange 2010 SP1, this is highly manageable via new block and allow settings and lists that can be applied at an organizational or mailbox level! Your solution with Exchange 2007 - not much, other than block it completely at the firewall with TMG or ASA or something that could look for the path in the URL. With that in mind, it quickly became obvious that this access was hard to control and manage, as most of the endpoints received no policy whatsoever from the Enterprise AD or Exchange server. At least the later versions of Blackberry used EWS, instead of their older versions which actually performed a type of screen-scraping of the OWA GUI. Some of the most common examples are Microsoft's horrendous Entourage client for the Mac, which was followed by Apple's conversion to use EWS in the Apple Mail client baked into OSX 10.6+ (Mountain Lion), and also by Blackberry OS via the "Outlook Web Access" option. At the same time, at Microsoft's recommendation, third parties were encouraged to perform all of their Exchange activities using these web services. Unfortunately, when they created the magical black box that is EWS, they also didn't give much in the way of Administrator documentation or good ways to control this within Exchange itself. With that - Exchange Web Services (EWS) was born. In doing so, most of the new components were re-written to take advantage of standard web-based protocols which were much easier to support and get through firewalls and the like. Beginning with Exchange 2007, Microsoft slowly started segregating all of these components to a new more segmented and supportable architecture. This included access for all email, calender, free/busy (availability), address books, etc. Originally all Microsoft "Corporate" email clients - Outlook primarily - used the MAPI protocol for all access to Exchange. A common request we get from customers it how they can block many problematic or unauthorized (and uncontrolled) email clients connecting to their Exchange servers via Exchange Web Services.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |