[Last Call] Learn how to a build a cloud-first strategyRegister Now


Users still able to access any mailbox irrespective of permissions. What to check?!

Posted on 2006-05-30
Medium Priority
Last Modified: 2010-03-06
Alriiighty, basically one of the sites I manage as 50+ users, among other servers we have a DC and an exchange server, we had an issue 6 months ago with the Information Store which resulted in me exmerging the mailboxes out, creating anew store and merging them back in. Since then however, all users have been able to access any other mailbox, calendar etc and not only view but also change and delete emails, appointments etc. Even though some mailboxes have editor permissions for certain staff to read appointments etc, anyone can add, edit and delete anything from everyone one elses outlook. As you can guess this is a serious security issue, one that I have been unable to sholve in the short time that I have attempted to fix this. Before resorting to microsoft paid support I thought I'd pick someone's brain on here. I can obtain more specific information if it will help in narowing down the problem.
Question by:zanerkand
  • 2
LVL 31

Accepted Solution

LeeDerbyshire earned 500 total points
ID: 16789324
Have a look at the Security properties of your Mailbox Store in ESM (Servers\ServerName\StorageGroupName).  See if there is anything in the list of permissions that will give your Domain Users or Authenticated Users or Everyone groups Full Access.

Author Comment

ID: 16794688
Yeah I was in there yesterday playing around because thats the only place I could think of left that could override individual settings, and I took the full user access off and now ppl can't connect to the calendars that they were connected to anymore, so I'm going back in there now to double check the settings.. Will let you know how I go

Author Comment

ID: 16794730
'Everyone' security group had no rights, I gave the group read access and tried again and now the individual permissions are working again. Cheers

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month17 days, 18 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question