RE: RPC over HTTPS

Thu, 07 Feb 2008 03:03:28 -0800 

Alternatively, implement RMS or similar to protect the actual messages, rather 
trying to arbitrate the machines that connect.

Cheers
Ken

From: Thomas W Shinder [mailto:[EMAIL PROTECTED]
Sent: Thursday, 7 February 2008 4:07 PM
To: NT System Admin Issues
Subject: RE: RPC over HTTPS


Of course you can control this.
IAG.

From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 06, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: RPC over HTTPS


It is a valid concern, and no - I'm not aware of any way to prevent it on a 
machine-by-machine basis.

Regards,

Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 06, 2008 7:53 PM
To: NT System Admin Issues
Subject: RPC over HTTPS



We are getting ready to roll out RPC over HTTPS for email. For quite awhile we 
have had most of our users internal to the company and have just used the 
Outlook client to access Exchange natively. As we have brought remote offices 
online the VPN tunnels enabled similar access. Then we had a few roaming users 
that we gave VPN access to for their email. And of course everyone has OWA for 
access from home, and ActiveSync for access from their mobile devices.

There is one overwhelming concern we have with enabling RPC over HTTPS though, 
and I am wondering if anyone has any commentary on this, or suggestions. By 
allowing RPC over HTTPS we are enabling our staff to download all of their 
company email on a machine which may or may not be within our control. Sure, 
with OWA they can access their email from home and selectively grab a message 
here and there, but with RPC over HTTPS they can grab an entire mailbox and do 
whatever they want with it. This is definitely one of those areas that could 
come back to haunt us later.

For the short term we would only set it up on company laptops of course, 
however there is nothing stopping someone from copying those settings to their 
own personal machine. Or is there? Is there any solution that can be 
implemented so we control which computers can access our Exchange over RPC?

Thanks,
Jeff






























































~ Upgrade to Next Generation Antispam/Antivirus with Ninja!    ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm>  ~

Reply via email to