Pan Ngon
asked on
Exchange2010 MailboxAuditLogging in OWA
I am trying to search mailbox auditing logs and cannot get owa log ins and operations from delegated users. Does exchange2010 log auditing data from owa? Mailbox auditing is enabled for both admin and delegates.
Also, I tested it by opening another mailbox from both outlook and owa and made changes, still cannot see the audit data updated. How long does the logging data take to get updated?
Regards,
Pam
Also, I tested it by opening another mailbox from both outlook and owa and made changes, still cannot see the audit data updated. How long does the logging data take to get updated?
Regards,
Pam
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Audit logging is already enabled for the user mailbox. The reason I could not see was I didn't add folderbind logging to delegate and tried to access it from OWA. Now I've added all the delegate auditing to the mailbox and can see it whilst accessing it from the webmail.
This is the EMS I used to add auditings.
Set-Mailbox -Identity mailbox -AuditDelegate create,folderbind,sendas,s endonbehal f,softdele te
,harddelete,update,move,mo vetodelete ditems -AuditAdmin update,move,movetodeletedi tems,softd elete,hard delete,fol derbind,s
endas,sendonbehalf,create, messagebin d
I cannot open other user's mailbox as an admin user from webmail. Is it default by the configuration?
This is the EMS I used to add auditings.
Set-Mailbox -Identity mailbox -AuditDelegate create,folderbind,sendas,s
,harddelete,update,move,mo
endas,sendonbehalf,create,
I cannot open other user's mailbox as an admin user from webmail. Is it default by the configuration?
You can access other’s mailbox if you have been granted by such permission, get more details here: https://support.office.com/en-us/article/Access-another-person-s-mailbox-A909AD30-E413-40B5-A487-0EA70B763081
To grant Full Access permission to mailbox database in Exchange, please use below commands:
Get-MailboxDatabase | Add-ADPermission -Group "MB-Admins" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible,Send -as -inheritancetype All
http://www.msexchange.org/blogs/walther/news/opening-other-users-inboxesmailboxes-using-owa-2010-494.html
Hope this helps!
To grant Full Access permission to mailbox database in Exchange, please use below commands:
Get-MailboxDatabase | Add-ADPermission -Group "MB-Admins" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin, ms-Exch-Store-Visible,Send
http://www.msexchange.org/blogs/walther/news/opening-other-users-inboxesmailboxes-using-owa-2010-494.html
Hope this helps!
Some actions are not logged by default for certain types of users. More details here: https://www.codetwo.com/admins-blog/user-mailbox-and-shared-mailbox-auditing-in-exchange-2013/?sts=6635#actions
Best regards,
CodeTwo