Article ID: 2835562 - View products that this article applies to.
You try to block users from accessing their mailboxes by disabling access to Outlook Web App in an on-premises Microsoft Exchange Server environment. For example, you use the Exchange Admin Center to disable Outlook Web App. Or, you run the following Exchange PowerShell cmdlet:
You expect the user to receive the following message when he or she tries to access his or her mailbox through Outlook Web App:
Set-CASMailbox <Identity> -OWAEnabled $False
However, currently, this setting isn't effective, and users can still access Outlook Web App. It's best to find an alternative method for limiting access to a user's mailbox.
Install Cumulative Update 2 (CU2) for Exchange Server 2013 in the on-premises Exchange Server environment. For more info about CU2 for Exchange 2013, see the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/2859928/ )Description of Cumulative Update 2 for Exchange Server 2013
To work around this issue, use Active Directory Users and Computers to disable mailbox access by removing the user’s ability to log on to the Active Directory environment. To do this, follow these steps:
A common method to block a user's access to mailboxes is to disable the connection protocols, such as Outlook Web App, for that user. For example, administrators may want to do this in scenarios in which you want the user to have access to Exchange ActiveSync but not Outlook Web App.