Link to home
Start Free TrialLog in
Avatar of CRush1682

asked on

Need to reverse an Exchange Shell Command!

I have a client with SBS 2011, using Exchange, no POP mailbox downloading.  One person in the organization received an email that looked like it was a spoofed address that was sent from outside the network and routed through the exchange server to the person in the organization.  After a short amount of research I discovered this command:

Get-ReceiveConnector “My Internet ReceiveConnector” | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Remove-ADPermission

This evidently close the loophole, but caused another problem unexpectedly.  I need to reverse this command, but not sure how to.  I tried replacing "Remove-ADPermission" with "Add-ADPermission", but it didn't seem to do anything.  Any ideas?
Avatar of LesterClayton
Flag of Norway image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of CRush1682


Thanks, I'll look into that asap.