Someone has access to my exchange server as I was able to see their connection through task manager. They were using rdp I believe. I looled at the users who were able to access my server and found 4 additional users that I did not add. I removed all of them and left only the Administrator account in Remote access. He showed up again. I turned RDP totally off and have not seen him login yet. For the past 30 minutes he has not shown up.
What other things can I do to deny access to this rogue user?