Solved

Deny delete permission in Exchange Server 2003 Outlook 2003

Posted on 2004-09-02
10
1,291 Views
Last Modified: 2008-01-09
I need a way to prohibit a user from deleting items from their deleted items in outlook.  We had someone leave yesterday who deleted his entire sent items then deleted it from deleted items.  The exchange server is backed up daily so the backed up version has everything deleted too. I have the exchange server set to save deleted items for 7 days, but this can be purged from outlook as well.  Bottom line is that I do not want users to be able to delete all records of an email.
0
Comment
Question by:SpreadTheWord
  • 4
  • 4
  • 2
10 Comments
 
LVL 11

Expert Comment

by:infotrader
ID: 11966744
Chances are you can still recover the deleted items.  I followed the instructions on the following link, and it helped me recovered all of my deleted files:

http://support.microsoft.com/default.aspx?scid=kb;en-us;246153&Product=ol2002

The user doesn't have to move the message to the deleted folders to permanently delete the message.  If you high-light it and press shift-delete, it will bypass the deleted items folder.

- Info
0
 
LVL 104

Expert Comment

by:Sembee
ID: 11967068
You cannot stop someone from clearing their own deleted items folder. By default Outlook allows the user full control of their own folders.
Follow the procedure that "infotrader" above has outlined.
You can block access "To recover deleted items" menu via Group Policy. I tend to hide it for all but the network admins so that we can magically recover email messages for the users (make them wait a couple of hours, huff and puff about it being a complex procedure and if they are of the opposite sex and good looking use it as an excuse to chat them up).

If the user was savvy enought to flush it out of DIR as well, then you will need to build a recovery server and install another copy of Exchange to restore from backups. There is a very good white paper from Microsoft which I usually follow when I need to do this.

Simon.
0
 

Author Comment

by:SpreadTheWord
ID: 11967167
OK - but even from backups - if they send an email and immeadiatly delete and purge it - it will not be found on a backup.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 11

Expert Comment

by:infotrader
ID: 11967192
yes... but it will still be recovered if you follow the instruction I've given you.

- Info
0
 

Author Comment

by:SpreadTheWord
ID: 11967381
I understand - I am not trying to recover this set of emails - I just don't want this to be a problem later. We need to retain documentation for three years. If for example someone deleted something 2 years ago that I want to see that won't work.  It wouldn't make sense to set the deleted item retention to 1095 days would it?
0
 
LVL 11

Expert Comment

by:infotrader
ID: 11967460
The solution is good backup strategy.  That's why it's called retention.  You should always backup different sets of backups for this particular purpose.  For example, make a backup and store it in a different location, or rotate your backup media.

Here's what I do when I don't have money to keep up the retention requirement:

1.  Work closely with HR for possible layoffs/firing, then backup their data PRIOR to announcement

2.  Confisticate their equipment if necessary

3.  All you need is probably retention period of 1 week. Even in your case the user deletes his email, you'll know in 1 day and should still be able to recover the data.  

4.  Backup their exchange data to PST using Exmerge, burn it to CD or DVD and mark it... Move it to a safe or something until your retention period expires.

This does not just cover data security/retention for Exchange, but to all business data and applications.

- Info
0
 

Author Comment

by:SpreadTheWord
ID: 11967574
I am sorry this has gone back and forth so much - but the problem remains.  Say a person sends an email to ABC@ABC.com and deletes it directly afterward. Months go by and for some reason or another I need all records of emails sent to ABC@ABC.com in the last 3 years.  That email will not be in the folder, backup, or DIR.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
ID: 11967743
You will have to use some kind of archiving solution.
There is a rudamentry solution in Exchange which sends it to another mailbox or public folder, but if it is that critical then you will have to look at something like KVS (just bought by Veritias). Will not be cheap, but what about the fines.

Furthermore if it is a legal requirement, then I will have to drag out a common saying - "There are seldem technical solutions to management problems". HR need to tell the users that they must not delete the messages and if they do they will be disciplined. Someone getting fired usually brings everyone else in to line.

Simon.
0
 
LVL 11

Expert Comment

by:infotrader
ID: 11968198
Sembee is correct.  The government is not going to blame you if you show that you have tried to do everything according to compliance.  As long as you backup the data, and archive it, the SHOWS that you are doing what you are doing to reach compliance, then the rest of the blames falls on the employee who deletes the data... AS LONG AS YOU HAVE TOLD YOUR EMPLOYEES THAT'S A NO-NO.

In a typcial data-recovery scenario, I would change tapes on a daily basis, then rotate the tapes, and keep a good setup for the MONTHLY backup, etc.  That does not prevent the scenario you talked about, which someone deletes all of the emails 3 years ago, and you just learn about it....

However, as long as you show that you save your backups on a grand-father --> Father --> Son type of setup, you are doing your job.  To simply keep a transaction record of everything that is sent, saved, deleted, forwarded, etc. etc., is just not cost-effective, and I'd say that 99.99% of the business out there WILL go bankrupt on the cost of hardware and software to implement it.

- Info
0
 

Author Comment

by:SpreadTheWord
ID: 11968831
Ended up using the method of saving a copy of EVERY email sent in and out of the mail server to another mailbox. Nasty I know - but the guys in charge around here want EVERYTHING saved and documented. Thanks everyone.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question