Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 210
  • Last Modified:

How can I audit who has been reading other users e-mails

Dear Folks,
In my organisation, we are running exchange 2003. Recently I noticed that one of the  junior systems administrator has put his user account in the security of other key director accounts (i.e in AD when I checked the directors account properties, under the security tab, his account was there and having all the permissions to the directors mailboxes). We thought of pulling him in and asking what his account is doing inside other directors mailboxes, but one of the directors has suggested that we actually try and audit to find out what he is up to and what exactly he has been doing in these users mailboxes.
The problem is we don't know where to set up this auditing. Please help

0
Ogdhelpdesk
Asked:
Ogdhelpdesk
2 Solutions
 
SembeeCommented:
You can only audit access, not down to message level. If the access is regular then that admin should be updating their CV about now.

Simon.
0
 
ATIGCommented:
just curously what perms did the user have?

running tools like Exmerge require specific rights like send-as and recieve-as
0
 
OgdhelpdeskAuthor Commented:
Every single box is ticked for the user (complete full control). And why would he need to run this tool as himself on the exchange server? We all log in to the exchange server with the admin account.  Finally, the sys admin is not the person who would normally administer our exchange.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now