Avatar of CTCRM
CTCRM
Flag for United Kingdom of Great Britain and Northern Ireland asked on

I would like Administrative Rights to all/everyones mailboxes in the domain.

We're running Exchange 2007/Win 2K8R2 environment and there's always a daily requirement for Sys Admins to access end users mailboxes but I'm getting prompted with a Windows Login dialogue box first and can't authenticate against AD with our Sys Admin credentials.

What is the work around for this please?
ExchangeMicrosoft Legacy OS

Avatar of undefined
Last Comment
CTCRM

8/22/2022 - Mon
SvenIA

ASKER CERTIFIED SOLUTION
SvenIA

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Neil Russell

My only comment wuold be....

Is this written into company policy?
What are the laws in your country/state regarding privicy?
Are all your employees aware that you will have unrestricted/unmonitored access to there email accounts?

Just ensure that you do not breach any privacy/data protection/employment laws.
CTCRM

ASKER
Neilsr - The Exchange Servers and Email System/Processes are company property, all email is monitored and scanned for content and filtered for SPAM. The Systems Administrators here are responsible for a number of tasks that require a SysAdmin to do as opposed to a general end user. Some of those tasks could be changing/setting the OOOffice details, granting access to generic mailboxes, changing permissions on individual end user mailboxes etc.

The MSOutlook email platform is the responsibility of the company and you're right there has to be a level of privacy considered but that trust has to sit with the Sys Admins to carry out the logged tasks and no further than that. All employees sign a number of declarations regarding IT Policies in terms of mis-use, privacy, etc so as a department we're covered.

I will give the PS script a run first and also look at the suggested links and will let you know how they go.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Neil Russell

Glad to see you have it all covered in policies and procedures. Some countries take different views on who owns the DATA within an email system unless explicitly stated in a contract of employment.
Neil Russell

As an example of this see the below explination of the data protection statement on email privacy from the Irish DPA.

4.1 Can my employer access my email or internet usage? / Can I access my employees’ email or internet usage?

More extensive guidance is available on this issue here (http://www.dataprotection.ie/viewdoc.asp?DocID=208).

The advice of this Office is that every employee has a legitimate right to expect a certain amount of privacy in a work context.  The key point is that the employer needs to have a clear policy that is made available to all employees in relation to whether personal use of employee equipment such as email or the internet is allowable.  If an employer does not allow any such use then the employee should not use these systems for their own use.  Such a policy will allow more ready access to an employee’s email and internet records by an employer as the employee should not be making use of them for a personal purpose.  However, even in such circumstances ongoing monitoring is never considered proportionate and access should be in response to a reasonable suspicion.

If the employer’s usage policy does allow some use of equipment for personal purposes then ongoing monitoring of that usage will likely give rise to data protection concerns as the employee is entitled to privacy in relation to that limited personal use.  Any specific access to emails or internet usage should be in response to a specific and reasonable suspicion of inappropriate use of the facilities provided.



SOURCE:  http://www.dataprotection.ie/viewdoc.asp?DocID=634
CTCRM

ASKER
Thanks
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.