Solved

Exchange rights to correct all users' wrongs

Posted on 2004-04-14
7
259 Views
Last Modified: 2010-03-05
Ok I've asked a similar question but didn't get the answer that I was looking for. It occurs to me that maybe I need to ask what I really want to be able to do. Its only after reflection that I believe that I understand myself.  I want to be able to be selective about what I delete from users' email in the domain. After all some users use their email more effectively than others in an organization than others. So what does that mean? I want to be able to delete certain users emails from different folders based upon their posistion and "need to have" in the organization. whether it be "deleted" or "sent" or whatever. To do that I think I need the rights to open everyones exchange box and have truly administrative rights. Is there a way to do that? And how do I do that, Explicitly? I believe that it would mean some how using Outlook at my end to proxy into the exchange boxes, but how do I give myself the rights to enable that kind of thing with out going around to every users workstation and giving myself explicit "delegated" rights?
I need a step by step explanation because I've thought about it until my hair hurts. After all I want to be as discreet as possible and not have the end users get their feathers in a bunch over their paranoia and big brother watching.
Rob
0
Comment
Question by:fi8224
7 Comments
 
LVL 27

Accepted Solution

by:
Exchange_Admin earned 84 total points
ID: 10829992
You don't say what version of Exchange you are running.
For Exchange 5.5, if you log in as the Exchange Service Account, then you will be able to open any mailbox you want.
The Exchange Service Account is GOD. :)

For Exchange 2000 check out the following MS KB article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;262054&Product=exch2k
From the above article:
If you are NOT the Administrator, or a member of the Domain Admins or Enterprise Admins groups, then you can add your account to the Exchange Services or Exchange Domain Servers groups, and you will be allowed full access to all mailboxes on servers in the domain.

Note The Exchange Services group may not exist if you have never deployed the Active Directory Connector in your organization.


For Exchange 2003 check out the following MS KB article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;821897&Product=exch2003

Hope this helps.
0
 
LVL 26

Assisted Solution

by:Vahik
Vahik earned 83 total points
ID: 10830015
well rob u are the big brother in that organization and u will be doing
certain things thoug legal(make sure u get a signed letter from management
that they gave u this permission)wont like it when it is applied to u.
If u want to delete emails then u can use mailbox manager in ur recipient
policy.
If u want to have full access to mailboxes so u can do whatever u want to do
then u need full mailbox rights to the individual mailboxes or the whole
mailbox store.I will make it easy for u and tell u how to have access to whole mailbox store.
exchange system manager\mailbox store right click \properties\security
now give urself full control plus allow permissions for send as and
receive as(dont worry about deny just click allow next to it )
Now u will have full mailbox rights to all the mailboxes on that store..
if u really want noone to know once u have full mailbox rights
use owa to access their mailboxes.Good luck.
0
 
LVL 8

Expert Comment

by:ErikKvK
ID: 10831495
If you are not running Exchange 2000/2003, I advise switching. These version support mailbox management service. This basically allows you to define how old Emails must become before they will be removed and such. This would take away your maual need to enter mailboxes.
0
 
LVL 1

Author Comment

by:fi8224
ID: 10839618
Oops, forgot to mention that I'm mostly using Exchange 2000 these days though I still have some 5.5 holdouts and newer 2003 clients.
How would I login using OWA to other user accounts. Usually you have to use a user name and password. If I'm say, Administrator, how would I login as Joe Schmoe?
Rob
0
 
LVL 8

Assisted Solution

by:ErikKvK
ErikKvK earned 83 total points
ID: 10840325
In OWA if you login, logout then you should be able to supply an Alias for the mailbox you want to open.


I think that this is not the approach for the problem. You would do much better in communicating to users how to handle Email and all the outlook features. Develop a Email policy for your organization. In the long run this will resolve the problems instead of keeping them under control and in hand. This approach does not contain any measure in curing the illness, just in handling the symptoms.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question