[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Wrong mailbox is pulled up when accessing OWA with correct credentials

Posted on 2007-03-27
2
Medium Priority
?
960 Views
Last Modified: 2012-08-14
I am having issues with remote users that use OWA pulling up other users Mailboxes when putting in their credentials. This has only happened in one instance so far. Three different users are gettting one particular users Mailbox when they log on to OWA. Any ideas?
0
Comment
Question by:darovitz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
shinatykt earned 1500 total points
ID: 18801447
Microsoft has reported a weakness in Exchange Server 2003, which is caused due to a bug in the handling of NTLM authentication in Outlook Web Access.
Systems configured to use NTLM instead of Kerberos (which is the default authentication scheme) may provide users access to mailboxes belonging to other users, which have recently accessed their mailbox. Microsoft Sharepoint Services may cause the configuration to be changed so that NTLM authentication is used instead of Kerberos. It is not possible for a malicious user to control which mailbox to access.

this might help - http://www.microsoft.com/downloads/details.aspx?FamilyId=9542F949-D09B-4199-A837-FBCFC0567676&displaylang=en
0
 

Author Comment

by:darovitz
ID: 18802446
the tool will not help because our exchange server is updated with the latest service packs and the above is an old tool.  Any other suggestions as this user is really irrated as others can see his email...  I wouldn't be happy either.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question