Applies to: Exchange Server 2013

Topic Last Modified: 2013-02-20

For security purposes, some organizations may want to restrict access to the Exchange admin center (EAC) for users coming from the Internet. This procedure shows you how to turn off access to the EAC. This procedure doesn’t prevent users from accessing the Options in Outlook Web App.

The procedure applies only to on-premises deployments of Exchange Server 2013.

What do you need to know before you begin?

  • Estimated time to complete: 5 minutes.

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Exchange admin center connectivity" entry in the Exchange and Shell Infrastructure Permissions topic.

  • You can’t use the EAC to perform this procedure. You must use the Shell.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.

Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection

Use the Shell to turn off Internet access to the EAC

This example turns off the access to the EAC on server CAS01.

Copy Code
Set-ECPVirtualDirectory -Identity "CAS01\ecp (default web site)" -AdminEnabled $false

For detailed syntax and parameter information, see Set-EcpVirtualDirectory.

How do you know this worked?

To verify that you have successfully turned off access to the EAC, do the following:

  1. Using your Internet browser, type your organization’s internal or external URL for accessing Outlook Web App but replace the /owa identifier with /ecp. For example, if your external URL for accessing Outlook Web App is, use

  2. If access is turned off, you’ll receive a 404 – website not found error.