Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Disabling non admin users making changes on the email distribution group through Outlook

Posted on 2013-06-11
5
Medium Priority
?
403 Views
Last Modified: 2013-06-12
Hi People,

Does anyone here know as to why some of the users in my organization can add or remove themselves from the distribution group through the Outlook 2007 ?

This sounds like a security flaw or issue that must be mitigated since some distribution group contains sensitive recipients.

I have checked from the Exchange Server 2007 SP1 management console Organization Configuration | Exchange Administrators tab that this user is not listed in any Exchange Administrator group.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 20

Assisted Solution

by:Lazarus
Lazarus earned 400 total points
ID: 39240041
Go to your EMC (console) and then Recipient Configuration, Find the Distribution Group you want under Distribution Groups. Go to the Membership Approval tab and check the appropriate box.
0
 
LVL 52

Assisted Solution

by:Manpreet SIngh Khatra
Manpreet SIngh Khatra earned 400 total points
ID: 39240116
There is a permission at the DL level in Security tab that says that the Owner\Managedby user can himself add\remove users from the DL itself

- Rancy
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 39240127
Thanks all, but in this case, our company doesn't use "Managed By" filed so I wonder how can he make the cahnges on any distribution group.
0
 
LVL 10

Accepted Solution

by:
Marshal Hubs earned 1200 total points
ID: 39240169
Hi,

Use ADUS (or ADSIEDIT) and check the "Security" tab on one of the Distribution Groups. Click the "Advanced..." button and then sort the list by "Permission".
 
Who has "Full Control"? Who has "Write Members" permission?
 
I expect you'll find something like the Everyone group has. If not, check what groups the people are in that shouldn't be able to change the membership of the group. Maybe you've added "Everyone" to the Domain Administrators group?
 
Whatever you do, do NOT deny the Everyone group permissions, just remove the permission (not having permission isn't the same as being denied permission)!
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 39240270
Thanks !
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question