Solved

Exchange 2003 Mailbox Permissions

Posted on 2008-06-17
3
714 Views
Last Modified: 2013-11-15
We just came across an issue the other day that If our users found out could cause some serious harm. Somehow anyone with an exchange mailbox can open anyone else's mailbox including calendar. When I went into Mailbox Rights under the Exchange Advanced tab in AD I noticed that there were quite a few users that had access to my particular mailbox. However when I tried to remove them I would get the following message:

 "You can not remove "Everyone" because this object is inheriting permission from its parent directory. Turn off the option for inheriting permissions, and then try removing again."

How can I fix this so that I can remove "Everyone" from being able to view everyones mailbox?
0
Comment
Question by:FBTC_Helpdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Accepted Solution

by:
DocCan11 earned 250 total points
ID: 21807912
Find a point above your user accounts and turn off inheritance.. this seems very strange.. it seems as if someone who did not know what they were doing added the everyone group to AD permissions.. I would try and find this and remove it.. It will be in your AD somewhere..
0
 
LVL 4

Assisted Solution

by:pamiken
pamiken earned 250 total points
ID: 21808017
Wow,  that's really bad.  Goto Exchange system manager.

open -server
right click your server, goto "security" tab
assign appropriate permissions.  

If it's not there then go down the tree (ie right click "first storage group", security, etc)

0
 

Author Comment

by:FBTC_Helpdesk
ID: 21824467
Just out of curiosity, what users/groups should be listed under mailbox rights under the Exchange Advanced tab in AD?
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question