• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

Exchange/AD Account

Does anyone know of a 3rd party tool that will let me scan an individual's email and/or Active Directory account?
We have 2 users whose email closes down (stops working) at specific times during the day and I'm pretty sure those accounts are compromised.
I've scanned the computer(s) with Microsoft Forefront (that's our AV product) and nothing is found.  I don't know what else to try.
0
skbarnard
Asked:
skbarnard
1 Solution
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Does anyone know of a 3rd party tool that will let me scan an individual's email and/or Active Directory account? - What exactly do you want to know ??

If you think their accounts are being used you can enable "Mailbox Auditing" for those users.

- Rancy
0
 
chubby_informerCommented:
or just change the passwords
0
 
Leon FesterSenior Solutions ArchitectCommented:
Your Domain Controller will log authentication requests when an account is validated.

We have 2 users whose email closes down (stops working) at specific times during the day and I'm pretty sure those accounts are compromised.

How to you restore service again after email stops working?
What does stop working mean? Cannot send, gets errors, hangs?

I've seen some funky issues with DLP software and mimecast which resulted in Outlook crashing.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
skbarnardAuthor Commented:
The password had already been changed so I am going to try the mailbox autditing, thanks Rancy.
I'll report back within a day or two to update whether this helps me as much as I think it will
0
 
skbarnardAuthor Commented:
In repsonse to dvt_localboy - the email for these users hangs.  They are unable to use their Outlook even after closing it down and opening again.  They're unable to log in to their email via the web access.
Their email eventually starts back up (unfreezes, isn't hung) on its own.
For Rancy's suggestion - I have enabled mailbox auditing on these 2 accounts via the management shell.  Is there a report I can get that let's me see how much SMTP traffic the account is generating?  Do I have to explicity set what is to be audited? (AuditAdmin?, AuditOwner?)
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Is there a report I can get that let's me see how much SMTP traffic the account is generating? - Message Tracking is the only option for this

Get-MessageTrackingLog

- Rancy
0
 
skbarnardAuthor Commented:
This problem is more wide-spread than just the 2 users when the question was originally posted.  Mailbox auditing has assisted some but no complete solution has been found.  We're going to install Exchange SP2 as this is supposed to fix the known problem with the store.exe crashing - likely this is our resolve.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now