Solved

Prohibit Users from viewing Exchange 2010 Archive Mailboxes in Outlook and OWA

Posted on 2012-04-12
7
545 Views
Last Modified: 2012-04-16
Background: Company is transitioning from Exchange Server 2007 SP2 environment to Exchange Server 2010 SP2 Rollup 1.   The company has purchased Exchange 2010 Enterprise CALs for all users. The company wants all mail to be retained for 7 years which the users cannot move, delete, or view in Outlook or OWA.  The Exchange administrators are obviously supposed to have this privilege but no other users.  

Question: Is it possible and if so how is it accomplished to configure Exchange 2010 archive mailboxes to not be visible by Outlook or OWA for non designated Exchange admins?
0
Comment
Question by:advserver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 47

Expert Comment

by:apache09
ID: 37841141
"for non designated Exchange admins"

Obviously if they are exchange admins, they are going to have the access.

You could remove the Domain Admin or Exchange Admin from permissions on the mailboxes.

Then only add the specific users, whom are required to have access.


However, I beleive the key factor here is non-designated Exchange Admin(s)

If they are an exchange admin, if they really want access to it, all they need to do is re-add themselves.

If these particular users need to be restricted from viewing such Mailboxes, perhaps Exchange Admin is not the appropriate role for them
0
 
LVL 4

Author Comment

by:advserver
ID: 37841711
I apologize as I should have been more black and white.  No one is permitted to see their archive mailbox in Outlook or OWA.

Please forget I said Exchange admins as you provided no answer and were simply condescending.  


Scenario:  1500 Exchange 2010 mailboxes with archiving enabled with 1 one of those being an admin  =1499 users who are not permitted to see their archive mailbox in Outlook or OWA.
0
 
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 37842012
What is the point of having such an archive?

If it is for making sure users won't delete it, they can delete mails even before it goes into archive.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Author Comment

by:advserver
ID: 37842139
The point of such an archive is for legal reasons.  It is a healthcare provider that wants all mail designated by the retention policy to be retained for all users for 7 years. They do not want the users to be able to see their archive mailbox.

If this is not possible that is fine.  I am simply asking if it is and if so how.  Thank you.
0
 
LVL 47

Assisted Solution

by:apache09
apache09 earned 250 total points
ID: 37849426
Thanks for clarifying

Sorry there was no intention of sounding condescending

Because the Archive Mailbox in Exchange 2010 is virtually an additional mailbox created for the specific user, restricting access of this archive for the user, would virtually make it unusable as access would be required for Mail Items to be moved into the Archive.

It would be similar to a user archiving off their email to a PST, with their Read permissons removed from the PST It then becomes Unusable by Outlook/User

I think what you may be looking for is something thats a little bit more robust than the built in archiving of Outlook/Exchange.

Likely to be found in a 3rd party Enterprise Archving Solution.

There are a few out there that are speciically desgined to meet legal or regulatory obligations such as mimosa or GFI

http://www.slipstick.com/exchange/archiving-tools-exchange-server/
0
 
LVL 37

Accepted Solution

by:
Jian An Lim earned 250 total points
ID: 37849539
you are using the archiving in a wrong way.

Archiving do not equal to journaling.
Archiving is designed to reduce the load of an active mailbox.
Journal is designed to retain email for certain of period. (hence compliance with your requirement)

So, the best bet you have is to turn on journaling in exchange
http://technet.microsoft.com/en-us/library/aa998649.aspx

forget about archiving, it is not design for compliance purpose.
I can discuss more if you have any question.
0
 
LVL 4

Author Comment

by:advserver
ID: 37852553
Limjianan and Apache09.  Thank you for your responses.  

When the client stated that they had purchased Enterprise CALs for the archiving and then stated the requirements I was afraid that it would lead to the answers above.  I did not want them to have paid for something they did not need.  There are other features such as Multi-Mailbox Search and Legal Hold which can be taken advantage of though.  

Limjianan, I will look to follow your advice and configure Journaling for all users.  Thank you.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
how to add IIS SMTP to handle application/Scanner relays into office 365.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question