Solved

How can I audit who has been reading other users e-mails

Posted on 2007-11-26
5
198 Views
Last Modified: 2010-03-06
Dear Folks,
In my organisation, we are running exchange 2003. Recently I noticed that one of the  junior systems administrator has put his user account in the security of other key director accounts (i.e in AD when I checked the directors account properties, under the security tab, his account was there and having all the permissions to the directors mailboxes). We thought of pulling him in and asking what his account is doing inside other directors mailboxes, but one of the directors has suggested that we actually try and audit to find out what he is up to and what exactly he has been doing in these users mailboxes.
The problem is we don't know where to set up this auditing. Please help

0
Comment
Question by:Ogdhelpdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 13

Accepted Solution

by:
cshepfam earned 250 total points
ID: 20349731
0
 
LVL 35

Assisted Solution

by:rakeshmiglani
rakeshmiglani earned 250 total points
ID: 20349738
0
 
LVL 104

Expert Comment

by:Sembee
ID: 20349929
You can only audit access, not down to message level. If the access is regular then that admin should be updating their CV about now.

Simon.
0
 
LVL 22

Expert Comment

by:ATIG
ID: 20349935
just curously what perms did the user have?

running tools like Exmerge require specific rights like send-as and recieve-as
0
 

Author Comment

by:Ogdhelpdesk
ID: 20355564
Every single box is ticked for the user (complete full control). And why would he need to run this tool as himself on the exchange server? We all log in to the exchange server with the admin account.  Finally, the sys admin is not the person who would normally administer our exchange.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
how to add IIS SMTP to handle application/Scanner relays into office 365.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question