Solved

Anonymous relay issue

Posted on 2015-02-04
4
55 Views
Last Modified: 2015-02-05
I accidentally ran the exchange shell command to allow anonymous relay to the outside with the default frontend receive connector instead of one we created.  How do I go about removing those permissions?
0
Comment
Question by:Chris Rice
  • 2
4 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40590001
Exactly what command did you run?

It is usually a matter of reversing it with something like remove-adpermissions or something like that, but without knowing what command you used, impossible to say further.

Simon.
0
 

Author Comment

by:Chris Rice
ID: 40590243
I ran this command Get-ReceiveConnector "Relay Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40590384
In that case use the command Get-ReceiveConnector "Relay Connector" | Remove-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

I'm not sure how the above command you ran would have modified the default frontend connector though, as you've specified the receive connector named "Relay Connector" with that command.
0
 

Author Comment

by:Chris Rice
ID: 40591022
That was just an example that I found on google.  I couldn't remember the command that I ran off the top of my head.  Thanks.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data‚Ķ
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question