Disable Access to Service (protocol ) by using PowerShell | Office 365 5/5 (2) 11 min read

In the current article, we review of to use the PowerShell cmdletsSet-CASMailbox that is used for disabling (or enable) access to specific types of mail client or mail client that uses a specific protocol to Exchange mailboxes.

PowerShell | Help & additional information

Running PowerShell commands in Office 365 based environment
To be able to run the PowerShell commands specified in the current article, you will need to create a remote PowerShell with Azure Active Directory or Exchange Online. In case that you need help with the process of creating a Remote PowerShell session, you can use the links on the bottom of the Article.

One of the most conspicuous advantages of Exchange server is, his ability to “expose” the Exchange mailbox to a various type mail client and to various mail protocols.

By default, Exchange server is configured to allow Exchange clients to use all the available mail protocols using all the supported mail clients.

In some scenarios, we as Exchange Administrator, need to “prevent” Exchange client from using a specific protocol or a specific mail client.

For example, in a scenario in which our client experiences strange problems such as mail that disappear or other problems.
To be able to locate the specific mail client that is causing this problem, we can implement a troubleshooting method in which we disable all the available mail protocol beside one protocol such as – OWA mail client, and then verify if the problem still occurs.
The rest of the process is implemented by enabling each time additional mail client until we locate the not functioning or problematic mail client.

The following table includes a summary of the mail protocol and mail client that we review in the current article:

Web Base Based client
Disable OWA clients access-OWAEnabled $False
Mobile Based mail client
Disable ActiveSync mail client access to Exchange mailbox-ActiveSyncEnabled $False
Disable OWA for mobile device mail client access to Exchange mailbox-OWAforDevicesEnabled $False
Outlook mail client
Disable Outlook mail client access to Exchange mailbox-MAPIEnabled $False
Disable Outlook mail client access to Exchange WEB services (EWS)-EwsAllowOutlook $False
Exchange Web Services client
Disable ALL mail client access to Exchange WEB services (EWS)-EwsEnabled $False
“Internet” mail clients – POP3 and IMAP4
Disable POP3 mail client access to Exchange mailbox-PopEnabled $False
Disable IMAP4 mail client access to Exchange mailbox-ImapEnabled $False
Exchange MAC client
Disable Microsoft Entourage mail client access to Exchange mailbox-EwsAllowEntourage $False
Disable MicrosoftOutlook for Mac mail client access to Exchange mailbox-EwsAllowMacOutlook $False
Disable Access to Remote PowerShell
Disable Exchange client access to Exchange using Remote PowerShell-RemotePowerShellEnabled $False

Note – I have added a reference to a scenario in which we want to disable the option of Exchange client to create a Remote PowerShell session.

Disable Exchange recipient mailbox access | Various protocols and mail clients

Disable OWA clients access to Exchange mailbox

The OWAEnabled parameter enables or disables access to the mailbox by using Outlook on the web. The default value is $True.

To disable Exchange Online recipient access to OWA protocol, we set the OWAEnabled value to $False

Disable OWA clients access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable OWA clients access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable to ActiveSync (Mobile client) clients access to Exchange mailbox

The ActiveSyncEnabled parameter enables or disables Exchange ActiveSync for the mailbox.
The default value is $True.

To disable Exchange Online recipient access to ActiveSync protocol, we set the ActiveSyncEnabled value to $False

Disable ActiveSync (Mobile client) access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable ActiveSync (Mobile client) access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable Outlook clients (MAPI clients) access to Exchange mailbox

The MAPIEnabled parameter enables or disables access to the mailbox by using MAPI clients (for example, MicrosoftOutlook). The default value is $True.

To disable Outlook (MAPI clients) protocol, we set the MAPIEnabled value to $False

Disable Outlook clients (MAPI client) access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable Outlook clients (MAPI client) access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable Exchange Web Services clients access to Exchange mailbox

The EwsEnabled parameter enables or disables access to the mailbox by using Exchange Web Services clients. The default value is $True.

To disable Exchange Web Services clients protocol, we set the EwsEnabled value to $False

Disable Exchange Web Services client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable Exchange Web Services client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable POP3 clients access to Exchange mailbox

The PopEnabled parameter enables or disables access to the mailbox by using POP3 clients. The default value is $True.

To disable Exchange Online recipient access to POP3 protocol, we set the PopEnabled value to $False

Disable POP3 client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable POP3 client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable IMAP4 clients access to Exchange mailbox

The ImapEnabled parameter enables or disables access to the mailbox by using IMAP4 clients. The default value is $True.

To disable Exchange Online recipient access to IMAP4 protocol, we set the ImapEnabled value to $False

Disable IMAP4 client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable IMAP4 client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable Microsoft Outlook client EWS access to Exchange mailbox

The EwsAllowOutlook parameter enables or disables access to the mailbox by MicrosoftOutlook clients that use Exchange Web Services. Outlook uses Exchange Web Services for free/busy, out-of-office settings, and calendar sharing.

The default value is $True.

To disable Exchange Microsoft Outlook client EWS access, we set the EwsAllowOutlook value to $False

Disable Microsoft Outlook client EWS access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable Microsoft Outlook client EWS access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable Microsoft Entourage clients (Mac client) access to Exchange mailbox

The EwsAllowEntourage parameter enables or disables access to the mailbox by Microsoft Entourage clients that use Exchange Web Services (for example, Entourage 2008 for Mac, Web Services Edition).

The default value is $True.

To disable Exchange Online Mac recipient access to Entourage protocol, we set the EwsAllowEntourage value to $False

Disable Microsoft Entourage clients (Mac client) client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable Microsoft Entourage clients (Mac client) client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable MicrosoftOutlook for Mac clients access to Exchange mailbox

The EwsAllowMacOutlook parameter enables or disables access to the mailbox by MicrosoftOutlook for Mac clients that use Exchange Web Services (for example, Outlook for Mac 2011 or later). The default value is $True.

To disable Exchange Online Mac recipient access Microsoft Outlook for Mac protocol, we set the EwsAllowMacOutlook value to $False

Disable MicrosoftOutlook for Mac client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable MicrosoftOutlook for Mac client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable OWA for mobile device clients access to Exchange mailbox

The OWAforDevicesEnabled parameter enables or disables access to the mailbox by using Outlook on the web for devices. The default value is $True.

To disable Exchange Online recipient access to Outlook on the web for devices protocol, we set the OWAforDevicesEnabled value to $False

Disable OWA for mobile device client access to Exchange mailbox | Single mailbox

PowerShell command syntax

PowerShell command Example

Disable OWA for mobile device client access to Exchange mailbox | Bulk – All Exchange recipient with mailbox except Exchange Administrator

PowerShell command Example

Disable Access to Remote PowerShell

The RemotePowerShellEnabled parameter enables or disables access to Exchange Online using Remote PowerShell session. The default value is $True.

To disable Remote PowerShell, we set the RemotePowerShellEnabled value to $False

Display information about mailbox access protocols

View the standard access protocol settings | Single mailbox

PowerShell command syntax

PowerShell command Example

View the MAC client access protocol settings | Single mailbox

PowerShell command syntax

PowerShell command Example

View Remote PowerShell access settings | Single mailbox

PowerShell command syntax

PowerShell command Example

View (display) information about standard access protocol settings | All Exchange USERS mailboxes

PowerShell command Example

View (display) about standard access protocol settings | All Exchange USERS mailboxes

PowerShell command Example

View (display) information about Exchange recipient which their OWA access is Disabled

PowerShell command Example

View (display) information about Exchange recipient which their ActiveSync access is Disabled

PowerShell command Example

View (display) information about Exchange recipient which their Outlook (MAPI) access is Disabled

PowerShell command Example



Disable Access to Service (protocol ) by using PowerShell

PowerShell menu script that will help you to Disable or Enable mail access protocols such as -OWA, Outlook AnyWhere, ActiveSync and more for a single Exchange Online mailbox.

You can read more detailed information about the PowerShell commands that are used in the script in the article: Disable Access to Service by using  PowerShell

Disable Access to a service (Protocol) using PowerShell


Getting started with Office 365 PowerShell

PowerShell Naming Conventions & general information
Get more information about the Naming Conventions that are used in the PowerShell articles – Help and additional information – o365info.com PowerShell articles
Creating a remote PowerShell session to Exchange Online 
To get more information about the required remote PowerShell commands that you need to use for connecting to Exchange Online, read the following article:
Connect to Exchange Online by using Remote PowerShell
Creating a remote PowerShell session to Azure Active Directory
To get more information about the required software component + the remote PowerShell commands that you need to use for connecting Azure Active Directory, read the following article: Part 2: Connect to Office 365 by using Remote PowerShell
Basic introduction to PowerShell in Office 365 based environment
If you are new in the PowerShell world, you can read more information about how to start working with PowerShell in Office 365 based environment in the following article series:  Getting started with Office 365 PowerShell – Part 1, Part 2, Part 3.
Running and using o365info PowerShell scripts
In case that you need more information about how to use the o365info PowerShell scripts that I add to the PowerShell articles, you can read the article – How to run and use o365info PowerShell menu script

Now it’s Your Turn!
It is important for us to know your opinion on this article

PowerShell command syntax – Office 365 | Article series index

Summary
Disable Access to Service (protocol ) by using PowerShell | Office 365
Article Name
Disable Access to Service (protocol ) by using PowerShell | Office 365
Description
In the current article, we will review how to use the PowerShell commands for disabling a specific access protocol in Exchange Online environment.
Author
Publisher Name
o365info.com
Publisher Logo

Related Post

Please rate this

Eyal Doron on EmailEyal Doron on FacebookEyal Doron on GoogleEyal Doron on LinkedinEyal Doron on PinterestEyal Doron on RssEyal Doron on TwitterEyal Doron on WordpressEyal Doron on Youtube
Eyal Doron
Share your knowledge.
It’s a way to achieve immortality.
Dalai Lama

2 Responses to “Disable Access to Service (protocol ) by using PowerShell | Office 365”

Leave a Reply

Your email address will not be published. Required fields are marked *