i have a situation, mix between active directry, exchange and security.
Server windows 2003 ENT.
exchange 2003 ENT.
it had been access one of the account, and send an email, its look like by OWA, because it had been sent at 04:00 am.
the user of thats email, telling that he didnt send thats email, and he claim that some one reset his password and send the email.
is there is any way we can trace reset password, or changing password???
and how can we make sure not the user sent thats mail, and change his password after that?