Exchange 2007 is pretty nice. They made Outlook Anywhere (RPC over HTTPS) pretty darn easy to setup – assuming you have an SSL certificate. Unfortunately (or fortunately depending on how you look at things) a lot of the commands must be performed using the command line PowerShell application. Good thing the PowerShell and Exchange 2007 allows for more granular permissions with Outlook Anywhere.
One such command is to allow/disallow Outlook Anywhere per user. By default Exchange allows all authenticated users to connect via Outlook Anywhere. There’s no nice way using the GUI to disable access – like there is for POP3/IMAP/MAPI/etc – so you’ll have to fire up the PowerShell.
Want to check the current settings of your user?
get-mailbox USERNAME | get-casmailbox | fl
That will fully list the CAS settings for that mailbox. Look under MAPIBLOCKOUTLOOKRPCHTTP. It’s probably set to “false”. If you want to block that user from accessing Outlook Anywhere:
get-mailbox USERNAME | set-casmailbox -mapiblockoutlookrpchttp $true
That’s it.