Enable or disable Outlook Anywhere (RPC-HTTP/MAPI-HTTP) in Exchange Server.

By MAS MVE Exchange Server, Windows Server, Active Directory, Virtu alization, Skype for Business Expert.
This article will help to do the below tasks.
1. Disable Outlook Anywhere for single mailbox.
2. Disable Outlook Anywhere for all mailboxes in the organization.
3. Enable Outlook Anywhere for single mailbox.
4. Enable Outlook Anywhere for all mailboxes in the organization.

 

Outlook Anywhere History

When Exchange 2007 released with Outlook Anywhere it was Technically called RPC over HTTP (RPC/HTTP). Till that time, we used TCP/MAPI even both internal and external(VPN). Even though Exchange 2003 supports RPC/HTTP, it was completely a full reconfiguration of RPC components and configuration of certificate etc. In short, if you configure Outlook Anywhere all the users inside and outside the network can connect to the server without using a VPN. There is also a security risk on the same configuration if a client OS is compromised or a user’s account has been compromised, then a copy can be downloaded to a PC on a remote PC.

In Exchange 2013 and higher versions, Outlook Anwhere (RPC/HTTP) is the default Protocol used to connect to the server even from an internal network. So if you disable RPC/HTTP Outlook will not connect to the server and shows disconnect. To allow internal access and block external access you should set -MAPIBlockOutlookExternalConnectivity to True.

In Exchange 2007 and higher versions, you can enable and disable Outlook Anywhere per mailbox, per database and the whole organization both internally and externally.

1. Disable Outlook Anywhere for single mailbox both internally and externally.

You can disable Outlook Anywhere on a single mailbox using the command shown below. This will disable both internal connectivity and external connectivity.

1.a What if you want to enable Outlook Anywhere internally and block Outlook Anywhere access externally. i.e. External to your the Exchange server network.?

You can achieve that with the following command.

 

2. Disable Outlook Anywhere for all mailboxes in the organization.
You can disable Outlook Anywhere for your organization by running the following command. This will disable Outlook Anywhere for all of the mailboxes in your organization.

Note: In Exchange 2013 and higher versions, this command will disable Outlook from the internal network as well.

If you wish to disable Outlook Anywhere for the internet in Exchange 2013 or higher, just clear the external hostname and keep it blank.
3. Enable Outlook Anywhere for single mailbox.

You can enable Outlook Anywhere on a single mailbox using the following command.This will enable both internal and external connectivity. 

3.a. What if you enabled Outlook Anywhere and block Outlook Anywhere access externally. I.e. External to your Exchange server network?

Outlook will work only from the internal network. To make it available from the external network for that user, you have to ensure the external block is not set to True. Run the following command to check the external block.

If it is set to True, run the following command to set the external block to False.

4. Enable Outlook Anywhere for all mailboxes in the organization.
In case you disabled Outlook Anywhere to all of the mailboxes in your organization, you can enable Outlook Anywhere for all the mailboxes by running the following command.

I hope this will help you to enable and disable Outlook Anwhere for your Exchange Organization.

Your comments are highly appreciated.
Cheers :))  MAS

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*