Prevent users from accessing EAC

Hey Team

How do I prevent standard user accounts from logging onto https://mail.server.com/ecp ? I realize they cant do much but still is there a way to prevent them from accessing ECP from any location?

Thanks,

August 26th, 2015 9:51pm

Hi Robert,

You can do this with Set-CASMailbox cmdlet for individual users...

Set-CASMailbox UserName -ECPEnabled $false

Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 10:25pm

This commnand will disable EAC,

Set-EcpVirtualDirectory -AdminEnabled $false

Take note that administrator cannot access EAC on that CAS either. If you need it, you have to setup another CAS which is not accessible from user network. Probably block it using firewall rule.

https://technet.microsoft.com/en-us/library/jj218639(v=exchg.150).aspx

August 26th, 2015 10:29pm

Amit thanks for the response.

If I set ECP enable to false wont it also block the user from accessing their own ECP settings inside OWA?

Thanks,

Free Windows Admin Tool Kit Click here and download it now
August 26th, 2015 10:31pm

Nope. OWA options still work as per normal.

If you look at the parameter, it's -AdminEnabled not -EcpEnabled.

August 26th, 2015 10:46pm
Hi,

The ECPEnabled parameter under set-CASMailbox cmdlet enables or disables access to the Exchange admin center (EAC) for the specified user. But my test result told me that this command will also block user OWA options.

You can try what Li Zhen said.

Best Regards.
Free Windows Admin Tool Kit Click here and download it now
August 27th, 2015 10:01pm
Hi,

The ECPEnabled parameter under set-CASMailbox cmdlet enables or disables access to the Exchange admin center (EAC) for the specified user. But my test result told me that this command will also block user OWA options.

You can try what Li Zhen said.

Bes
August 27th, 2015 10:12pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics