Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 408
  • Last Modified:

Disabling non admin users making changes on the email distribution group through Outlook

Hi People,

Does anyone here know as to why some of the users in my organization can add or remove themselves from the distribution group through the Outlook 2007 ?

This sounds like a security flaw or issue that must be mitigated since some distribution group contains sensitive recipients.

I have checked from the Exchange Server 2007 SP1 management console Organization Configuration | Exchange Administrators tab that this user is not listed in any Exchange Administrator group.
0
Senior IT System Engineer
Asked:
Senior IT System Engineer
3 Solutions
 
LazarusCommented:
Go to your EMC (console) and then Recipient Configuration, Find the Distribution Group you want under Distribution Groups. Go to the Membership Approval tab and check the appropriate box.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
There is a permission at the DL level in Security tab that says that the Owner\Managedby user can himself add\remove users from the DL itself

- Rancy
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks all, but in this case, our company doesn't use "Managed By" filed so I wonder how can he make the cahnges on any distribution group.
0
 
Marshal HubsEmail ConsultantCommented:
Hi,

Use ADUS (or ADSIEDIT) and check the "Security" tab on one of the Distribution Groups. Click the "Advanced..." button and then sort the list by "Permission".
 
Who has "Full Control"? Who has "Write Members" permission?
 
I expect you'll find something like the Everyone group has. If not, check what groups the people are in that shouldn't be able to change the membership of the group. Maybe you've added "Everyone" to the Domain Administrators group?
 
Whatever you do, do NOT deny the Everyone group permissions, just remove the permission (not having permission isn't the same as being denied permission)!
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now