• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 318
  • Last Modified:

Exchange - User Permissions

Hi,
We have Microsoft Exchange running on a Network with 50 or so users.
One user has said they are able to view other peoples mail.
They should not have permission to do this.  
I have looked at this user and they are not a Member of any Administrators Group.
Nothing else seems out of place either.
Is there anything obvious I am missing?
0
harris9999
Asked:
harris9999
  • 5
  • 5
1 Solution
 
bsharathCommented:
Check the exchange mailstore permissions...
0
 
harris9999Author Commented:
Is that the Mailbox Rights under the Exchanged Advanced Tab?
In for all users it has
Domain Admins
Everyone  - Under the Allow option Read Permissions and Full Mailbox Access are ticked but Greyed out. Is this it?
0
 
bsharathCommented:
No in exchange select the exchange mailbox store inside it you have the stores  Go to properties > Security.In there everyone should not have any permissions.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
bsharathCommented:
In ADS ADUC console >Exchnage tasks > Exchange Advanced > Mailbox Rights .Also everyone should have read permission only
If anything else is selected remove all just for 1 user.
Test before you do to all users...
Give it some time to replicate...
0
 
harris9999Author Commented:
In the Exchange System Manager, I have went to the Mailbox Store and Properties and the security Tab, in there, Everyone has no permissions.

In the ADUC Everyone has Read Permissions and Full Mailbox Access ticked but greyed out.
Will I check the box for deny beside the Full Mailbox Access?
0
 
bsharathCommented:
Try to remove the users permission in ADUC for 1 user and see what happens...
0
 
harris9999Author Commented:
Just removed the Full Mailbox Access or the Read as well?
0
 
harris9999Author Commented:
I put Deny next to them both but this user is still able to open every ones mailbox by going to
File > Open Other Users Folder
0
 
bsharathCommented:
Download Active Administrator from
http://www.scriptlogic.com/
See each OU's delegation...This will show if the particular user has full permissions on the OU
0
 
harris9999Author Commented:
I had left it with the Deny box ticked beside Full Mailbox Access, it seemed to take a couple of hours for the permissions to take effect.  But once they did the user was unable to open there own mailbox.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now