How to Disable OWA for New Users?

Recently I with this scenario where I need to disable OWA for all the users. I can quickly solve this problem manually from ECP by doing MassEditing.

Now Come to The Problem

By default, you can see new users can easily access OWA. So can you solve this problem? I tried to find the solution on google, but I could not find the perfect solution. So I decided to work on my lab.

Solution

To solve this problem, you can follow these steps.
Note – These steps perfectly work in my lab

Step 1 – First of all, you need to create a new txt file into the directory: C:\Program Files\Microsoft\Exchange Server\V14\Bin\CmdletExtensionAgents

Step 2 – Now, I am adding code you need to past to the Text document below.

<?xml version="1.0" encoding="utf-8" ?>
<Configuration version="1.0">
 <Feature Name="MailboxProvisioning" Cmdlets="enable-mailbox">
  <ApiCall Name="OnComplete">
   if($succeeded)
    {
    $user = (Get-User $provisioningHandler.UserSpecifiedParameters["Identity"]).distinguishedName
    Set-CASMailbox $user -owaEnabled $false
    }
  </ApiCall>
 </Feature>
 <Feature Name="MailboxProvisioning" Cmdlets="new-mailbox">
  <ApiCall Name="OnComplete">
   if($succeeded)
   {
   $user = (Get-User $provisioningHandler.UserSpecifiedParameters["Name"]).distinguishedName
   Set-CASMailbox $user -owaEnabled $false
   }
  </ApiCall>
 </Feature>
</Configuration>

Step 3 – Now you need to rename the file to ScriptingAgentConfig.xml

Step 4 – The final step. Here you need to run the following Exchange shell command. Enable-CmdletExtensionAgent “Scripting Agent”

I hope its work for you.

Now let’s discuss do and don’ts while executing the above steps or a few other considerable points.

  • For new users, you can disable from this command – Set-CASMailbox -Identity xxx@domain.com -ActivesyncEnabled:$false -owaenabled:$false
  • If you are using Exchange Online, look at Client Access Rules. But I won’t recommend this because anything gets wrong, you could lock yourself out of Exchange
  • In some cases, you need to enable POP3 and IMAP enable for the new mailbox. In this case, you need to disable the script by running the following command disable-CmdletExtensionAgent “Scripting Agent.”

Conclusion

I hope you like this article, and it’s able to solve your problem. Did you enjoy this article? You may also like How To Export Users Mailbox Size from Exchange Online into CSV File?. Don’t forget to share this article.

Amit Singh

Amit Singh

I am a dynamic Tech Enthusiast, specializing in various Microsoft technologies, including Office 365, Exchange, PowerShell, and Active Directory. I loved to helped customers worldwide design, implement, migrate, and secure Exchange and Office 365 through various roles for different employers, and more recently, as an independent consultant.