Solved

Need to be able to open anyone's mailbox for admin purposes

Posted on 2006-07-10
9
240 Views
Last Modified: 2010-03-06
I've been asked to do some forensic research of some employees which requires that I be able to open their mailbox and view everything including sent mail, deleted mail and such.  In exchange 5.5 I could open people's mailboxes with an Exchange Admin account.   Not so in Exchange 2003.   I tried to create an admin profile with the Exchange Admin account as the owner of the mailbox and then ADD other users mailboxes, but it doesn't seem to work all the time.

Can I use the System Manager in a way to view/pull emails from any account?  I'd prefer to do things from my computer, but have no issues running things from the server.

Please advise.



0
Comment
Question by:rdelrosario
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
9 Comments
 
LVL 18

Expert Comment

by:amaheshwari
ID: 17075340
By Default Exchange 2003 service account does not have full rights to access all the mailboxes.This article discusses how to grant permissions to all mailboxes in Exchange 2003.

How to assign service account access to all mailboxes in Exchange Server 2003.
http://support.microsoft.com/default.aspx?scid=kb;en-us;821897
0
 

Author Comment

by:rdelrosario
ID: 17075462
I'm using an account that I already granted full access to (its used successfully by Veritas Backup Exec for Exchange) so I know it has full rights to all mailboxes.
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 17075932
if your account has already been granted the appropriate permissions as detailed in the article referenced above, then you should be able to do file > open > other user's folder, and open the inbox that way. If that works, you should be OK.

you mention it works sometimes, but not all the time. are all mailbox users on the same store? same exchange server?

kris.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:rdelrosario
ID: 17076484
I need access to sent items/deleted items and such.  I don't believe thats an option for "opening other user's folders".   Actually I thought it was working sometimes... but I was wrong... It never works.
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 17076737
as long as you have assigned the permissions correctly as per the article, you should be able to add the mailbox in the profile, or open the inbox via the method i described. if you can do neither, go through the article again.

kris.
0
 

Author Comment

by:rdelrosario
ID: 17078097
As I mentioned, I need access to sent item/deleted items... opening up other users folders won't do it.   That will give you inbox, but not sent items....As for the article you mentioned, I already have an account with appropriate permissions.  The article is old news.  Any other ideas.
0
 
LVL 22

Accepted Solution

by:
kristinaw earned 500 total points
ID: 17078175
no. the article works. if it's not working for you then someone, somewhere has done something that is causing the permissions not to be inherited down properly. i'm pretty sure that if you 'add the mailbox in the profile' , as i mentioned in my last post, you'll get access to every folder in the mailbox, including sent, etc.

i'm pretty sure about this because i do it daily.

the 'experts' on this site are all volunteers. volunteer means we aren't paid.

there often is no 'easy' button when it comes to troubleshooting. if you had an account with the appropriate permissions, it seems to reason that it would work for all accounts. something obviously is not the same between accounts that do work and accounts that don't.

what exactly have you done to troubleshoot the issue? have you tried creating a new user and see if your service account has access to that user? if it doesn't, it's possibly inheritance got turned off.

at any rate, the more info you provide the easier it will likely be to find a solution. i frequently go through things more than once to make sure i haven't missed something. but if you don't want to do that, that's fine too.

best wishes,
kristinaw

0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question