?
Solved

Exchange 2010 account @iphone is getting emails even after password change

Posted on 2016-10-11
8
Medium Priority
?
67 Views
Last Modified: 2016-10-12
I have a SBS 2011 box with pre installed Exchange 2010 Version 14.3 (Build 123.4)
Users are receiving emails at iPhone. I noticed a strange thing; even after changing password of windows logon account, users can still receive & send emails at iPhone even without updating the new password in the iPhone exchange account settings.

iPhone asked the new password after restarting the server only.

Is it the genuine procedure or is the server got compromised? If its a policy, where to find & modify the policy.

Thanks for reading the concern.
0
Comment
Question by:Akash Bansal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 2000 total points
ID: 41839544
Perfectly normal. Authentication issues a token for a length of time and that token os still valid after a password change. You won't have to re-auth until the token expires. You really don't want to mess with this behavior. It has ramifications well beyond exchange.
1
 
LVL 2

Author Comment

by:Akash Bansal
ID: 41839547
What is the token age normally? Worried if my server is compromised or not.
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 2000 total points
ID: 41839552
Several hours. Is there a reason you think the server is compromised?
1
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 2

Author Comment

by:Akash Bansal
ID: 41839554
Thanks.
User having admin privilege  reported a suspicious attachment he opened.
I submitted it to Avira; now it is added to the virus definition.


https://analysis.avira.com/en/status?uniqueid=5v1rPZISYhnBq1FR0vdkSVqFDNqYZtDA&incidentid=2099562

A few months back one of my friend lost money as his google mail password was hacked & hacker successfully diverted some expected payments to his account. The friend click almost the same type of link in pdf file & innocently entered his password to the phishing link.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 41839712
Well, as a general rule, admins should have separate admin accounts. For example, I may have an account called "cliff" that is a standard user that has an exchange mailbox and is a standard user, and "admin-cliff" that does *not* have an exchange mailbox and is used for admin tasks.  Admin accounts are further secured with 2FAband/or all external access blocked. That way admin credentials would never be leaked how you described.
1
 
LVL 2

Author Comment

by:Akash Bansal
ID: 41840168
Yes! You are correct, I would advice my friends to make separate admin accounts.
What is 2FAband?
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 41840952
Typo. 2FA and/or.
1
 
LVL 2

Author Comment

by:Akash Bansal
ID: 41841401
As google mail has an option to sign out from all devices. So after changing the password of gmail, we click on "sign out all other web sessions", I guess this ensure that all other devices are forced logout.

How can we do it with on premises exchange 2010/2013 or 2016 users sessions.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month10 days, 18 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question