Solved

Need to be able to open anyone's mailbox for admin purposes

Posted on 2006-07-10
9
237 Views
Last Modified: 2010-03-06
I've been asked to do some forensic research of some employees which requires that I be able to open their mailbox and view everything including sent mail, deleted mail and such.  In exchange 5.5 I could open people's mailboxes with an Exchange Admin account.   Not so in Exchange 2003.   I tried to create an admin profile with the Exchange Admin account as the owner of the mailbox and then ADD other users mailboxes, but it doesn't seem to work all the time.

Can I use the System Manager in a way to view/pull emails from any account?  I'd prefer to do things from my computer, but have no issues running things from the server.

Please advise.



0
Comment
Question by:rdelrosario
  • 3
  • 3
9 Comments
 
LVL 18

Expert Comment

by:amaheshwari
ID: 17075340
By Default Exchange 2003 service account does not have full rights to access all the mailboxes.This article discusses how to grant permissions to all mailboxes in Exchange 2003.

How to assign service account access to all mailboxes in Exchange Server 2003.
http://support.microsoft.com/default.aspx?scid=kb;en-us;821897
0
 

Author Comment

by:rdelrosario
ID: 17075462
I'm using an account that I already granted full access to (its used successfully by Veritas Backup Exec for Exchange) so I know it has full rights to all mailboxes.
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 17075932
if your account has already been granted the appropriate permissions as detailed in the article referenced above, then you should be able to do file > open > other user's folder, and open the inbox that way. If that works, you should be OK.

you mention it works sometimes, but not all the time. are all mailbox users on the same store? same exchange server?

kris.
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:rdelrosario
ID: 17076484
I need access to sent items/deleted items and such.  I don't believe thats an option for "opening other user's folders".   Actually I thought it was working sometimes... but I was wrong... It never works.
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 17076737
as long as you have assigned the permissions correctly as per the article, you should be able to add the mailbox in the profile, or open the inbox via the method i described. if you can do neither, go through the article again.

kris.
0
 

Author Comment

by:rdelrosario
ID: 17078097
As I mentioned, I need access to sent item/deleted items... opening up other users folders won't do it.   That will give you inbox, but not sent items....As for the article you mentioned, I already have an account with appropriate permissions.  The article is old news.  Any other ideas.
0
 
LVL 22

Accepted Solution

by:
kristinaw earned 500 total points
ID: 17078175
no. the article works. if it's not working for you then someone, somewhere has done something that is causing the permissions not to be inherited down properly. i'm pretty sure that if you 'add the mailbox in the profile' , as i mentioned in my last post, you'll get access to every folder in the mailbox, including sent, etc.

i'm pretty sure about this because i do it daily.

the 'experts' on this site are all volunteers. volunteer means we aren't paid.

there often is no 'easy' button when it comes to troubleshooting. if you had an account with the appropriate permissions, it seems to reason that it would work for all accounts. something obviously is not the same between accounts that do work and accounts that don't.

what exactly have you done to troubleshoot the issue? have you tried creating a new user and see if your service account has access to that user? if it doesn't, it's possibly inheritance got turned off.

at any rate, the more info you provide the easier it will likely be to find a solution. i frequently go through things more than once to make sure i haven't missed something. but if you don't want to do that, that's fine too.

best wishes,
kristinaw

0

Featured Post

Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question