Disable OWA for External Site

Dear Expert,
I just implemented Exchange Server 2013 and have a request from the management team. They already use OWA and mobile internally,
but they would like to disable OWA and enable mobile when users are outside the office.
Please advise.

Hi,
Do you mean you want to know how you can block or disable external OWA for exchange users without affecting internal OWA and external ActiveSync for them?
If it is, here are the steps you can use to block all users to access OWA externally.
1. Create a new website only for ActiveSync service. Ex: (New-WebSite -Name TestSite -Port 80 -HostHeader TestSite -PhysicalPath "$env:systemdrive\inetpub\testsite").
2. Assign new IP address to that website.
3. Create ActiveSync virtual directory in the new website Ex: (New-ActiveSyncVirtualDirectory -WebSiteName "TestSite" -ExternalURL http://www.contoso.com/mail -InternalURL http://contoso/mail).
4. Assign certificate to the new website.
5. Don’t create OWA and ECP virtual directory in the new website.
6. On the firewall NAT the public IP address to internal IP address assigned to new website.
7. Use Default Website for internal Outlook Web Access (without External URL settings and no public IP address for the default site).
Alternatively, we can keep the default web site for external access of ActiveSync and external OWA disabled. Then create a new Web Site for Internal OWA-ECP using. For more details about this method, please refer to:
http://www.expta.com/2013/09/how-to-block-owa-2010-and-2013-for.html
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Thanks,
Winnie Liang
TechNet Community Support
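
A check for the layout described in the reply above, added here as an example and not part of the original post: it confirms that the externally published site carries only ActiveSync and that OWA/ECP on the internal site have no external URL. The site names `TestSite` (from step 1) and `Default Web Site` are assumptions; run it in the Exchange Management Shell on the Exchange 2013 server.

```powershell
# Added example, not from the original thread.
# Assumed names: 'TestSite' is the ActiveSync-only site from step 1,
# 'Default Web Site' is the internal OWA/ECP site from step 7.
Import-Module WebAdministration

$ExternalSite = 'TestSite'
$InternalSite = 'Default Web Site'
$Server       = $env:COMPUTERNAME
$findings     = @()

# Exchange names virtual directories "<app> (<IIS site name>)",
# for example "owa (Default Web Site)".
function Test-OnSite($VDir, $Site) { $VDir.Name -like "* ($Site)" }

# Step 3: the external site must carry an ActiveSync virtual directory.
$eas = Get-ActiveSyncVirtualDirectory -Server $Server |
    Where-Object { Test-OnSite $_ $ExternalSite }
if (-not $eas) {
    $findings += "No ActiveSync virtual directory on '$ExternalSite'."
}

# Step 5: no OWA/ECP on the external site.
# Step 7: OWA/ECP on the internal site must not advertise an ExternalUrl.
$webVDirs = @(Get-OwaVirtualDirectory -Server $Server) +
            @(Get-EcpVirtualDirectory -Server $Server)
foreach ($vdir in $webVDirs) {
    if (Test-OnSite $vdir $ExternalSite) {
        $findings += "'$($vdir.Name)' exists on the externally published site."
    }
    if ((Test-OnSite $vdir $InternalSite) -and $vdir.ExternalUrl) {
        $findings += "'$($vdir.Name)' still has ExternalUrl $($vdir.ExternalUrl)."
    }
}

# Steps 2 and 6: the external site should listen on its own IP address, and the
# internal site must not share that IP:port (a shared endpoint would let a request
# with the internal host header reach OWA through the NAT rule).
# bindingInformation has the form "IP:port:hostheader".
$extBindings = @(Get-WebBinding -Name $ExternalSite | ForEach-Object { $_.bindingInformation })
$intBindings = @(Get-WebBinding -Name $InternalSite | ForEach-Object { $_.bindingInformation })

foreach ($b in $extBindings) {
    if ($b.StartsWith('*:')) {
        $findings += "'$ExternalSite' binding '$b' is not tied to a dedicated IP address."
    }
}
$extEndpoints = @($extBindings | ForEach-Object { $_ -replace ':[^:]*$', '' })
foreach ($b in $intBindings) {
    if ($extEndpoints -contains ($b -replace ':[^:]*$', '')) {
        $findings += "'$InternalSite' binding '$b' shares an IP:port with '$ExternalSite'."
    }
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "OK: '$ExternalSite' exposes ActiveSync only; OWA/ECP stay on '$InternalSite'."
}
```

Re-run it after each cumulative update or virtual directory change, since recreated virtual directories can reintroduce an external URL.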

Similar Messages

  • Restrict OWA for external access by ADFS 3.0 after business hours

    Hello Everyone all right?
    I'm trying to block access to OWA for external users except for a group of AD users that will be allowed
    I used the article https://technet.microsoft.com/en-us/library/hh526961%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396 in scenario 4, but instead of allowing the User groups it locks and the other groups are allowed.
    I have in hybrid environment office 365 with Exchange 2007 + Exchange 2103 and installed ADFS 3.0 in the organization of my customer.
    Can anyone help?
    Regards,
    Leonardo Fogaça de Almeida

    another part
    I have Office 365 too.
    Regards,
    Leonardo Almeida

  • Can I disable trash for external drives?

    Hello,
    Is it possible to disable the Trash for external drives so that files from external drives are completely deleted automatically, or else moved to the trash on my internal hard drive? The problem that I am trying to solve is, for example, when I download pictures from my camera, if I want to make more space available on the camera, I have to first delete the pictures from the camera, and then empty my trash, since deleting the pictures from the camera only moves them to a hidden folder called ".Trash". I would prefer if I didn't have to empty the trash every time I wanted to free up room on my camera external hard drive.
    Thanks very much,
    Adrian
    PowerBook G4   Mac OS X (10.4.1)  

    It isn't without its risks, but another option may be to ⌘-drag the files to the hard drive, which will simulate a "move" by copying the files to the hard drive then deleting them from the external. If something goes wrong during the transfer, it may be difficult in some situations to determine which files were being copied at the time - ie. which ones were potentially corrupted. It might be ok as a cleanup procedure after the files have been imported normally, but then you end up sitting through the process of copying them to the hard drive a second time - you might as well just toss them in the "Trash". Also, if a large number of files is involved, just don't accidentally drop them on the "Desktop" because the "Finder" can't handle it. Obviously, I'm not a fan of the method, but it's there as an option...

  • CF10 enterprise - how to disable cfexecute for all sites (sandbox)

    Hello,
    I have a new CF10 server which I will be using as shared hosting for my clients.
    I would like to disable the following tags and functions globally:
    TAGS
    CFCONTENT
    CFFILE
    CFDIRECTORY
    CFEXECUTE
    CFOBJECT
    CFREGISTRY
    FUNCTIONS
    GetProfileString
    SetProfileString
    CreateObject
    I know in CF10 Standard I can block these for all sites using 'resource security', this will stop these tags from running at all.
    In CF10 Enterprise I have the option to create multiple sandboxes, but is it possible to create one global sandbox for all sites?
    My directory structure looks like:
    D:\sites\site1
    D:\sites\site2
    D:\sites\site3
    Can I create a sandbox disabling the above tags and functions just for D:\sites and all subfolders?
    I have tried but it does not seem to work - I have a sandbox setup for D:\sites with the above tags and functions disabled, but using a test script I can still use cfexecute in site1 to execute netstat.
    I do not wish to create a sandbox for each site as when new sites are added I would need to manually add a sandbox each time.
    If anyone has any ideas it would be most appreciated.
    Cheers
    Luke
    ( I have asked this in a different place on the CF forums as got no response, i think because I placed it in the wrong place. Sorry if this double post upsets anyone but I need some help!)

    D:\sites\site1
    D:\sites\site2
    D:\sites\site3
    If you define the sandbox to sites folder, then the settings also apply to sub-directories (as the sub directories will inherit the property from parent).
    It is working at my end perfectly fine.
    HTH
    Thanks
    VJ

  • GT70 20C Kubuntu looking for bios option to disable optimus for external monitor

    I have a GT70 20C with Kubuntu installed looking for a bios option to disable optimus for linux to support an external monitor. Linux will not detect any connected monitor with or without the latest nvidia drivers.

    optimus and onboard GPU can't be disabled,
    they are needed to be able to see anything on the screen.
    only dedicated nvidia card can be turned off

  • Disable OWA for account completely

    Hi,
    We have Exchange 2013 running with OWA. Our accounts have mailboxes which we sometimes (successfully) disable for webmail. However, it is possible to simply open webmail so that it asks for your credentials. If you enter [email protected] and a wrong password it will simply tell you password incorrect. If you enter the correct password it will log you in but give this 'error' (which it is supposed to since webmail is disabled for this account): Outlook Web App is currently disabled for user domain\account.
    My problem here is that even though behaviour is as expected this seems to be vulnerable for brute force attacks and such.
    So basically my question is: is there a way to disable OWA completely for these accounts in such a way, that it won't let you notice whether or not the password is entered correctly/incorrectly. Or is there another way to somehow work around this making webmail more secure?
    Best regards, J 

    Hi,
    If you don't want all the people in your organization to use OWA, you can remove OWA virtual directories. If you disable OWA feature for some specific users, the expected behavior is what you described, "If you enter [email protected] and a wrong password it will simply tell you password incorrect. If you enter the correct password it will log you in but give this 'error'".
    Hope this can be helpful to you.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Revert my allowing smtp sasl for external site

    Our version is 6.3
    Previously we've set the smtp relaying from outside if they could authenticate
    the tcp_auth channel was set as follows:
    tcp_auth smtp mx single_sys mustsaslserver missingrecipientpolicy 4
    and the tcp_local like this:
    tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric subdirs 20 maxjobs 7 pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel tcp_auth missingrecipientpolicy 0 loopcheck
    Now we want to disable smtp connection from outside (to prevent mail relaying cos someone might
    guess the password of some users) even with authentication
    I tried to change the tcp_auth
    to look like this
    tcp_auth smtp mx single_sys nosasl nosaslserver missingrecipientpolicy 4
    But this didn't work for me ( I tried from outside site to send mail using smtp authentication
    and still I was allowed)
    Could someone enlighten me on how to take off smtp auth altogether
    (I could even take off for internal site as well)
    Thanks in advance

    You don't really want to "disable smtp connection from outside", do you? That would mean not receiving any mail from outside.
    If you just want to disable SMTP authentication from the outside, then remove "maysaslserver" and "saslswitchchannel tcp_auth" from the tcp_local channel. Those are how SMTP connections coming from outside are allowed to authenticate and then switched to be coming from the tcp_auth channel instead of tcp_local.
    You probably have the same issue with the tcp_submit channel, which would normally be messages coming in on port 587. But removing those from the tcp_submit channel would also mean your local users cannot authenticate. Alternatively, you could use your firewall to block connections to port 587 from outside or accomplish similar with the PORT_ACCESS mapping table.
    But I really question the wisdom of this whole line of thought. SMTP authentication is a good thing. It improves your overall security. Of course if users have easily guessable passwords, that is a password policy issue.

  • How to use SMIME in OWA for External Recipients

    Hello,
    I am using a hybrid on premises active directory with office 365 environment with AD synced to office 365 using DIRSYNC. We are trying to achieve being able to send encrypted emails to clients using SMIME in OWA. We have used certutil to import certificates for some internal users which seems to let you send an encrypted email to them. However when creating a contact in AD for the external user and successfully importing the cert (you can see it in the userCertificate and userSMIMECertificate attribute in the object) we are unable to email the recipient with an encrypted email as OWA cannot find the certificate. Also the internal users certificates appear in theirs entries in the GAL however the external contacts do not have their certificate included.
    Could someone advise me how to use OWA to send SMIME encrypted emails to external recipients. You can't add a certificate to a contact in OWA as far as I can see.
    Many Thanks
    Paul

    Hi,
    Please refer to the following article :
    http://blogs.office.com/2014/02/26/smime-encryption-now-in-office-365/
    Using S/MIME in OWA
    In OWA, users can choose different options to encrypt the message and/or digitally sign it using S/MIME.
    Hope this helps!
    Thanks.
    Niko Cheng
    TechNet Community Support

  • Disable spotlight for External Drives

    I have 5 macs, and several USB and Firewire drives.  Most of these external drives are plugged into different machines from time to time.  None sit permanently in any machine (because most of my machines are laptops).
    I'd like to prevent Spotlight from indexing my External drives.
    I know I can (after plugging in a EXT drive), use the privacy function in the Spotlight Preferences.  But with a dozen or so external drives (HDD and Thumb) on 5 machines, that's too much work each time I plug a drive into a machine.
    I read that the existence of a ".metadata_never_index" file prevents Spotlight indexing.  I assume this works, but it's hard to tell for sure, because the moment I plug a drive in, my machine seems to start indexing faster than I can create this file.  So I wind up with a .Spotlight-V100 directory.  I was hoping that OSX would delete this for me after I set Privacy or add the ".metadata_never_index" file.  But it does not.   It may be that I have to delete it manually (probably because Privacy is a COMPUTER setting (not on HDD setting).
    QUESTIONS:
    Is the ".metadata_never_index" file supported by OSX (Mavericks and MtnLion)?
    Can I delete the .Spotlight-V100 directory in my EXT Drives, without the risk of causing a problem?
    If I put a ".metadata_never_index" file in /Volume, will it effectively prevent indexing on any mounted drive, without affecting the Macintosh HD indexing?
    Is there a non-invisible equivalent to ".metadata_never_index"  (so it's more obvious when indexing is turned off)?

    Glad you found that helpful.
    The Privacy listing for a given external only disappears when the external isn't attached; it reappears when it is attached so either a local record of "Don't Index" is only shown as necessary or, more likely, that record is on the external and is read as part of the mounting process when it's connected. While the process of putting each external on each Mac's Privacy list is a pain, it should only be necessary to do it once. Whether the Don't Index flag is Mac specific, so that Mac 1 doesn't want that external indexed but Mac 2 does, is another question.
    I do think the Don't Index flag or file is separate from the partition's logical name because, when I erase the partition in preparation for a new backup clone, I don't change the name of the partition, and the name of the device to be cloned doesn't change either. Rather, it may simply be a Spotlight related file that gets erased along with everything else.
    Fortunately, I don't have to worry about Spotlight; apart from the Privacy listing, I have all of the Search Results options unchecked, so there's very little to index on the boot partition. Spotlight can't be turned off altogether though because it interacts with the App Store regarding purchases and downloads. For finding things, I use EasyFind, which, while not able to find content in documents, looks inside of everything else, including Packages and hidden System files, and does it on demand without having to index anything. Another advantage of that is, by not tinkering with OS files, including those associated with Spotlight under the hood, when a new OS changes how things work, there's less risk of a deeply hidden self inflicted bug.

  • Workflow for External Site Visitor?

    I am trying to find out what workflow is used when someone visits the external website AND starts their application process. I am not able to locate the correct workflow.
    Thanks, Al

    Unlike SSHR, iRecruitment does not use workflow for all of its transactions. Specifically, iRecruitment uses workflow for the following transactions:
    * Offers (sending, holding and applicant responses) - IRCOFFERWF
    * Vacancies (new and edit) - IRCWF
    * Ex-employee registration (IRCREGWF)
    I don't think iRecruitment has a workflow for internal or external applicants starting the application process, although I think there is a OTA workflow for any applicants that complete an Assessment during their application process.

  • Get users using OWA for devices

    I would like to disable OWA for devices for all users except those currently using the OWA for iPhone/iPad app. Is there a PowerShell cmdlet available to grab mailboxes that have OWA for devices accessing them? I've been looking at get-activesyncdevices but this only returns actual devices using activesync. I haven't seen how to pull the OWA for devices objects with PowerShell. They are visible in EAC when viewing details under Mobile Devices, but that's not very helpful for the number of users would have to look through.
    Exchange 2013 CU1 Enterprise

    I found it, I was looking for Get-MobileDevice. 

  • Configure a sharepoint 2013 site for external and internal access

    I need to configure a local install of sharepoint 2013 so that users can access it internally and externally using windows/AD authentication. The internal and external addresses are different.
    I have bound an external ip to the domain for external access.
    I have created Alternate Access mapping, and bound the host header but I get a file not found message for external access.
    Have I missed something here? why the error and how can it be fixed. Step by step process would be appreciated.

    Hi Luis,
    According to your description, my understanding is that the error occurred when accessing the site externally.
    The most common cause for this is that the IIS host header is configured incorrectly. The 404 will appear because we are hitting a different IIS web site and not the one we are intended to.
    Here is a similar issue for you to take a look:
    http://stackoverflow.com/questions/14953322/sharepoint-2013-404-not-found-while-accessing-site-collection-from-outside
    More references:
    http://technet.microsoft.com/en-us/library/cc261814(v=office.15).aspx
    http://technet.microsoft.com/en-us/library/cc263208(v=office.15).aspx
    Best regards.
    Thanks
    Victoria Xia
    TechNet Community Support

  • HW acceleration (direct2d) causes problems for my site , is there a script to disable it automatically?

    direct2d acceleration on FF4 causes really bad font rendering problems for my site.
    Text goes on top of each other and behind pictures making it impossible to read for some parts. Disabling HW acceleration fixes the problem. Is there a script that I could use to disable it automatically for my site?

    In fact updating my graphics was the cause of the problem. With the old drivers there were no problems. It depends on the system. So far I've tested on 6 Windows PC's. on 2 of them it worked fine. My site should be 100% W3C compliant. It works fine on 3.6, Chrome, IE and Opera

  • How to disable PDF.js built in viewer for my site

    On my site PDF files are used for printing purposes. Starting with v19 visitors start to claim that this functionality is not working any more. The cause of this is the new built in PDF viewer. It doesn't open print dialog after pdf file download if the file is built to do this. Also I’ve found that the quality of printing via the built in viewer is unacceptable. The content is distorted by the JPEG compression and additional headers and footers are present on the page. So for my site built in PDF viewer should be disabled at all. I've found no way to do this at the site level. I think that the instructions for disabling the new feature is too complex for ordinary users and it easier to ask them to use another browser.
    I think that should be an option at the site level to disable the built in PDF viewer. At least this option should force the browser to ask the user that for working properly with this site the built in PDF viewer should be disabled. And if user choose to disable it this should be done in one click.

    @john99,
    FF19 ignores your "Application preferences", described in [[https://support.mozilla.org/en-US/kb/change-firefox-behavior-when-open-file]]
    and
    [[https://support.mozilla.org/en-US/kb/view-pdf-files-firefox-without-downloading-them]]
    as long as pdf.js is enabled. This is counter-intuitive and user-unfriendly. One shouldn't have to override settings (disable pdf.js) in about:config for an option configurable in the regular GUI to work as expected.

  • How to Restrict Search based on the Roles for External crawled sites

    I have a situation where the search results have to be restricted based on role
    When External sites are crawled, how can we restrict the search results based on roles,
    I know that we can restrict the search to a group or set of groups that can contain many users but if the group have different roles and if that group has given access to a web repository search, how can we restrict the document/search access based on roles for the same group?
    For Example an Index that has external site as data source and the permissions were set for a group and that group has 2 roles, lets say "Admin" and "user" and the external site have some documents when searched the documents should come up only for the "Admin" role during search, but should not come up for the "user" role
    Is it possible to achieve this? Is there a solution?
    Any advices are greatly appreciated and awarded
    Thanks,
    kk

    Is it possible to restrict on role based?
    Any suggestions are appreciated
    Thanks
    KK
