Solved

Mailbox Access Auditing

Posted on 2010-11-18
5
854 Views
Last Modified: 2012-05-10
I setup auditing for my exchange server to see who is accessing boxes other than their own. It is working fine for non Domain admins. It seems that domain admins are not captured in the logs. How can I get them to be logged as well?
0
Comment
Question by:TroydSanchez
5 Comments
 
LVL 4

Expert Comment

by:Krishnamanoj83
Comment Utility
Hi,

This link may be useful to get those details : http://www.msexchange.org/tutorials/Auditing-Mailbox-Access-Exchange-System-Manager-Event-Viewer.html

Regards,
KrishnaManoj K
0
 

Author Comment

by:TroydSanchez
Comment Utility
That is the site where I found the orginal artical that shows how to setup the auditing. It doesn't show to make it so that Domain Admins get audited. It does give a command that shows how to stop an account from being audited. I need to know how to make it so that my domain admins are audited.
0
 
LVL 1

Accepted Solution

by:
ITEngineering earned 500 total points
Comment Utility
This page at MS has good info and a sample of how to turn off the extended right to bypass auditing for the Domain Admins group.
http://technet.microsoft.com/en-us/library/ee221156%28EXCHG.80%29.aspx

For individual users, you can disable the bypass right using the following:
get-mailboxdatabase | Add-ADPermission -User <domain>\<user> -AccessRights ExtendedRight -ExtendedRights Ms-Exch-Store-Bypass-Access-Auditing -Deny:$true

Open in new window

0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now