I was asked for a list of all Exchange accounts that have OWA access enabled for an audit.  One of the findings in the report is that all of our "Room Mailboxes" have OWA Enabled = true on.  Is there any reason why this is and can this attribute safely be disabled for these types of "service accounts" ?

Our organization is very strict when it comes to who has access from outside the network.

Hi 

This is the default settings of  Exchange.

By default when we create a mailbox it enables the option to use owa for that mailbox.(no matter it is a usermailbox or room mailbox)

Even though it is going to be enabled for a room mailbox it wouldn't be accessible since the user account created would be in a disabled state . So this is not going to be an issue 

You can run this command to disable this value

Set-CASmailbox user@domain.com -owaenabled $false

Thank you, excellent explanation.  Have a great weekend!

You are most welcome :)