Solved

Determine what IP address has accessed Exchange 2007

Posted on 2010-11-27
3
751 Views
Last Modified: 2012-06-27
One of my clients is concerned that some sensitive information has leaked from the CEO's email in the past few months

 Is there a way to determine what IP addresses have connected to the Exchange 2007 server?

The person who got in would probably have known his password.

I will go through the IIS logs, but are there also logs for IMAP and Active Sync?

0
Comment
Question by:dan_computerx
  • 2
3 Comments
 
LVL 9

Accepted Solution

by:
losip earned 500 total points
Comment Utility
Access via OWA will be logged in the IIS logs - by default at C:\Windows\system32\LogFiles\W3SVC1.

I don't suppose the CEO lost his BlackBerry in the past few months?

By default, IMAP logging is disabled.  It's a bit late now but see this article how to enable it: http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/managing-exchange-server-2007-log-files-part2.html
0
 

Author Closing Comment

by:dan_computerx
Comment Utility
The answer didn't tell me anything I didn't already know, but I don't think there was a good answer.
0
 

Author Comment

by:dan_computerx
Comment Utility
I forgot to mention.  Active Sync goes through IIS, as does Outlook Anywhere.  I should have remembered that; I had to raise the TCP timeouts on the firewall to avoid errors.  I just didn't think of it with management breathing down my neck.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now