Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2003 Mailbox Permissions

Posted on 2008-06-17
3
Medium Priority
?
716 Views
Last Modified: 2013-11-15
We just came across an issue the other day that If our users found out could cause some serious harm. Somehow anyone with an exchange mailbox can open anyone else's mailbox including calendar. When I went into Mailbox Rights under the Exchange Advanced tab in AD I noticed that there were quite a few users that had access to my particular mailbox. However when I tried to remove them I would get the following message:

 "You can not remove "Everyone" because this object is inheriting permission from its parent directory. Turn off the option for inheriting permissions, and then try removing again."

How can I fix this so that I can remove "Everyone" from being able to view everyones mailbox?
0
Comment
Question by:FBTC_Helpdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Accepted Solution

by:
DocCan11 earned 1000 total points
ID: 21807912
Find a point above your user accounts and turn off inheritance.. this seems very strange.. it seems as if someone who did not know what they were doing added the everyone group to AD permissions.. I would try and find this and remove it.. It will be in your AD somewhere..
0
 
LVL 4

Assisted Solution

by:pamiken
pamiken earned 1000 total points
ID: 21808017
Wow,  that's really bad.  Goto Exchange system manager.

open -server
right click your server, goto "security" tab
assign appropriate permissions.  

If it's not there then go down the tree (ie right click "first storage group", security, etc)

0
 

Author Comment

by:FBTC_Helpdesk
ID: 21824467
Just out of curiosity, what users/groups should be listed under mailbox rights under the Exchange Advanced tab in AD?
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I originally wrote this article to compare SARDU and YUMI, but have now added Easy2Boot, since that is the one I currently use and find the easiest to create and alter.
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question