• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 540
  • Last Modified:

Exchange 2010 Calendar, domain admins can see all users appointments not just Free/Busy

We are running Exchange 2010 on Server 2008 R2.

Domain admins have the ability to see too much information on users calendars, we need to ensure that only Free/Busy information is known for Key company directors and managers.

I checked a Directors account:
Get-MailboxFolderPermission –identity Users@Company.com:\calendar | FL
PowerShell Screen GrabFull Access Permissions to account
Is there anywhere else i can check and restrict what the domain admins can see?

Thanks,
0
ncomper
Asked:
ncomper
  • 2
  • 2
1 Solution
 
Will SzymkowskiSenior Solution ArchitectCommented:
Have you checked the users Active Directory account? Do the domain admins have permissions from the domain level on all accounts to view this information?

Just go to the User in ADUC, properties>Security> Advanced check to ensure that domain admins do not have full control over the user account.

Will.
0
 
ncomperAuthor Commented:
Thanks Will,
    They do have full permissions, don't suppose you know what needs to be removed to make sure we can still maintain the accounts but restrict the information visible.

Thanks,
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Use you the Exchange Role Base Access Contorl to control permissions within Exchange. If in your hierarchy have domain admins with full permissions this is being applied to all user accounts and also newly created accounts.

I would create a test account, remove the permissions from the account for domain admins and see what are you able to see with that account. Once you have the permissions ironed out on the test account you can remove it from the hierarchy in the domain.

Will.
0
 
ncomperAuthor Commented:
This was a setting linked to outlook on a laptop that was off site. Above checks are all relevant and were very useful
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now