Skip to main content


Showing posts from April, 2024

Block access to Exchange Admin center from external network

This is present by some time now but people usually forget about this security necessity. You can block access to on-prem Exchange admin center by using client access policy. New-ClientAccessRule - Name "Restrict EAC Access" - Action DenyAccess - AnyOfProtocols ExchangeAdminCenter - ExceptAnyOfClientIPAddressesOrRanges - ExceptUsernameMatchesAnyOfPatterns *something* Don't expect EAC to bi invisible when you connect to it because of policy. You can still connect to it but when you log in it shows the following screen...