Forum Discussion

Cirrus

Jan 23, 2017

EAC Restrict Access does not work for Exchange 2016 via iApp

URL: */ecp/?ExchClientVer=15 does not match URI Check: /ecp/default.aspx My testing shows that this allows external access for Admins.

application delivery

BIG-IP Access Policy Manager (APM)

iApps

Joshua_Bines_12

Cirrus

Jan 23, 2017

Disable external access to the ECP for Admins who are members of the Exchange Organization Management Security Group?

as per ms "organizations may want to restrict access to the EAC for client connections from the Internet"

https://technet.microsoft.com/en-us/library/jj218639%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396

Should BIG-IP APM restrict EAC access to members of the Exchange Organization Management Security Group? Yes, restrict EAC access by group membership

seems to me this is around the wrong way around and doesn't match anyway. or am i missing something?

So in theory this is meant to block ecp to users who might change personal details, members of groups they own or wipe their own phone which got stolen. Where as we allow admins full access to change smtp routing, any policy they want, disable access to all other admins...

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)