Solved

best way to monitor changes to active directory groups and exchange mailboxes

Posted on 2014-09-30
1
207 Views
Last Modified: 2014-11-12
what is the best way to monitor access rights to mailboxes and AD groups
if an admin gives themselves full access to open an other users mailbox or adds themselves to a group
what is the best way to monitor these changes
0
Comment
Question by:dougdog
1 Comment
 
LVL 12

Accepted Solution

by:
David Paris Vicente earned 500 total points
ID: 40352679
On the Exchange side by Default is enable the Admin Audit log, this register every operation made by the Administrator in the Exchange Organization.
For a best understanding about this log please follow this link

Exchange also have a functionality to audit specific mailboxes.

You can also enable Windows security Auditing in the Domain member Servers to audit actions or changes in your organization.

For Windows Security Auditing check this link for a better overview and understanding

Or you can use third party tools to do that for you such as the ADaudit for members of Active Directory
Regards
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article runs through the process of deploying a single EXE application selectively to a group of user.
how to add IIS SMTP to handle application/Scanner relays into office 365.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question