?
Solved

Determine what IP address has accessed Exchange 2007

Posted on 2010-11-27
3
Medium Priority
?
791 Views
Last Modified: 2012-06-27
One of my clients is concerned that some sensitive information has leaked from the CEO's email in the past few months

 Is there a way to determine what IP addresses have connected to the Exchange 2007 server?

The person who got in would probably have known his password.

I will go through the IIS logs, but are there also logs for IMAP and Active Sync?

0
Comment
Question by:dan_computerx
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Accepted Solution

by:
losip earned 1000 total points
ID: 34224485
Access via OWA will be logged in the IIS logs - by default at C:\Windows\system32\LogFiles\W3SVC1.

I don't suppose the CEO lost his BlackBerry in the past few months?

By default, IMAP logging is disabled.  It's a bit late now but see this article how to enable it: http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/managing-exchange-server-2007-log-files-part2.html
0
 

Author Closing Comment

by:dan_computerx
ID: 34251821
The answer didn't tell me anything I didn't already know, but I don't think there was a good answer.
0
 

Author Comment

by:dan_computerx
ID: 34251855
I forgot to mention.  Active Sync goes through IIS, as does Outlook Anywhere.  I should have remembered that; I had to raise the TCP timeouts on the firewall to avoid errors.  I just didn't think of it with management breathing down my neck.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question