Exchange 2007 group permissions

Hi All,
  It seems we have had a security group that has been given a number of read permissions to mailboxes that it shouldnt. We have secured the system now but we are looking to track back how the permissions were put in place. We are compiling a list of user accounts that had the read permission attached to confirm if a patten of OU/Location/Group can be found as currently this seems to be random.

Is there any way we can track back the changes within the accounts to find who assigned the permissions? None of our engineers were remember pushing out such a change and so we want to be 100% that the network is secure.

Many thanks
LVL 5
ncomperAsked:
Who is Participating?
 
Praveen BalanConnect With a Mentor Solution ArchitectCommented:
Yes, the ADPermissions are pushed through PowerShell

Command will be like,

get-mailboxdatabase - identity "<mailbox database identitiy>" | Add-adpermission -user <user or group name> -accessrights GenericAll -extendedrights <permissions>

you can get the current rights by

Get-MailboxDatabase -Identity "DB Name" |get-adpermission

-Praveen

0
 
ncomperAuthor Commented:
On Additional Digging it seems the Read permisison was pushed out to Two of the Exchange databases. Inorder for this to happen would this have needed to be pushed out by powershell?

Many thanks,
0
 
ncomperAuthor Commented:
Thanks
0
All Courses

From novice to tech pro — start learning today.