Hi,
Using Exchange 2010 SP2 I want to restrict EWS Access - so a specific user can only use EWS if he sends the correct user-agent.
I did it this way using PS:
Set-CASMailbox -Identity 'useraccountname' –EWSApplicationAccessPolicy: EnforceAllowList –EWSAllowList: {“the useragent string of the app”}
Unfortunately this does not work, I still am able use EWS with this account with any user-agent
Even disabling EWS all-together for this user does not work (just for testing):
Set-CASMailbox -Identity 'useraccountname' –EWSEnabled $False
I can still access EWS with EWSEditor for example.
Attached are screenshots of Get-CASMailbox and a screenshot of EWSEditor accessing EWS without a problem although EWSEnabled is set to False for the User.
Edit: For testing I also set OWAEnabled to $False and the user was instantaneously unable to acces OWA.
Any help would be greatly appreciated!
Thanks!
Philipp
Get-CASMailbox (EwsEnabled = False, so no EWS Access should be permitted)
Image may be NSFW.
Clik here to view.
Logged in with this user using EWSEditor (I am impersonating another user, but I am logging in as the user that should not be able to log in):
Image may be NSFW.
Clik here to view.
