itmti
asked on
Creating user in AD with Exchange mailbox with limited or no rights
Hi,
We have some outside consultant that will need access to one of the mailboxes on Exchange 2007 system.
We have single forest with domain and child domain.
I have created user in Active Directory, but basic user has too many rights to all other resources.
Anyway to create limited user and limit only to Exchange mailbox?
We have tons of other resources, intranets, sharepoints, etc., that basic user can login.
We have some outside consultant that will need access to one of the mailboxes on Exchange 2007 system.
We have single forest with domain and child domain.
I have created user in Active Directory, but basic user has too many rights to all other resources.
Anyway to create limited user and limit only to Exchange mailbox?
We have tons of other resources, intranets, sharepoints, etc., that basic user can login.
devinnoel
Remove the user from "Domain Users" group, that will strip a lot of rights.
ASKER
Does not work,
created new group in ad, added that user to that group, made it primary group and removed Domain Users.
Still able to authenticate to a lot of stuff, like intranets, sharepoints, etc.,
created new group in ad, added that user to that group, made it primary group and removed Domain Users.
Still able to authenticate to a lot of stuff, like intranets, sharepoints, etc.,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for suggestions
ASKER
What I did also was:
created new user on new trusted forest.
created linked mailbox on primary forest and gave permissions to that user from trusted forest.
Everything worked ok, but still was able to get access to intranets, sharepoints as you said it is using authenticated users on those servers.
So what else i did was went into that new users properties under AD, went into Account Tab, hit Log On To... and gave rights only to my Exchange webmail server.
That did the trick!
created new user on new trusted forest.
created linked mailbox on primary forest and gave permissions to that user from trusted forest.
Everything worked ok, but still was able to get access to intranets, sharepoints as you said it is using authenticated users on those servers.
So what else i did was went into that new users properties under AD, went into Account Tab, hit Log On To... and gave rights only to my Exchange webmail server.
That did the trick!