Restrict Recover Deleted Items from Users

Help!  Quick!

   I'm running Exchange Server 5.5 on NT 4.0 and we use Outlooki 2000 for user access to email.  I need to restrict the users from purging & recovering their deleted items and I want to only make this feature available to their department supervisor or to the network administrators.  So far the only way I can recover deleted items is if I am signed on as that user.
    The current situation involves an abuse of system priviledges by an employee so I need an answer ASAP!

    Your help is greatly appreciated!!!!

Regards,
   MindSailor
MindSailorAsked:
Who is Participating?
 
jhanaCommented:
No matter what you will have to log on directly to the user's mailbox. But, you can do it under your network log on. You need to give yourself the "Mailbox Owner" right at the site container level on the Exch. server. With that set all you need do is create a new mail profile on your client computer for a given user and log on using that profile. I have my Outlook set to prompt for a profile name. Alternately you can create a shortcut using the profile/ command line switch.

Good luck,
Jhana
0
 
slink9Commented:
As far as recovering deleted items goes, you can set the deleted item recovery time on your Exchange Server to 0 and then whatever is deleted is gone for good.
I don't know that you can restrict the deleted items on Outlook2000.
0
 
MindSailorAuthor Commented:
  My deleted item recovery time is set to 180 days.  I WANT to be able to recover deleted items.  But as the systems administrator, I want to be able to recover deleted items from any user's mailbox without having to sign on to the system with that user's USERID and PASSWORD.  I also want to be able to assign this task to each user's department supervisor.

Regards,
   MindSailor
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
slink9Commented:
I don't know how you can do this.  Maybe someone else can help you out on that.
0
 
jhanaCommented:
P.S. you can do this for the supervisor's by adding the rights to an individual's mailbox.

The above only addresses the part about wanting access, not about restricting access. I am not aware of any way to do that directly. However if your issue is that user(s) are permanently deleting emails they should not you may want to consider implementing journaling on the Exch. server.

In my organization we had some abuse going on and the solution for us was to publish a company policy that email would be monitored & enable message journaling at the site level (you can do it per recipient if preferred) for both in and outbound email.

Journaling gives you the ability to route copies of emails to another container. Say you have a particular user a supervisor wants to monitor... you can enable message journaling for that specific recipient only and a copy of all in & outbound emails to/from that user will be dropped into the mailbox you specify.

At our company we have everything dump into a single mailbox and an individual was assigned the job of reviewing these emails. Whenever an issue arises the email in question is brought to the attention of the supervisor.

Hope this helps...
-Jhana
0
 
hstilesCommented:
It might be better fro you to investigate an e-mail archival solution like EAS.  This would allow you to move mail items from your mailstore to a seperate database and, where necessary restrict delete/recover rights to a subset of administrators.  EAS also includes updates to Outlook that enable you to observe or manage archived mail items from your mail client.

http://www.pythagoras.co.uk/eas_eas.htm
0
 
MindSailorAuthor Commented:
  I have accepted jhana's comment above as the answer.  I set up the admin as the mailbox owner and created profiles on the outlook client for each individual that needs to be monitored.  
   I have also implemented journaling...something that I have been meaning to do for several months anyway.  I plan on archiving all the mail from the journaling account to CD on a monthly basis by exporting to a PST file.
   As far a preventing the user from permanently deleting the items from the server I have not found a solution as of yet.  I think I may be able to do this using system policies or possibly by using something in the O2K resource kit.  I will investigate further.

MindSailor
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.