AXISHK
asked on
Login IP address for any Exchange mailbox
Is there any solution that can log all the IP address accessing to a particular Exchange mailbox ? Can the latest version of Exchange log these types of traffic ?
Thx
Thx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As mentioned above, depending on how the mailbox is accessed then you will have to refer to their respective log.
In exchange 2013/2016 you can disable activesync and imap/mapi/pop while allowing for owa access. This can be done via the mailbox features option.
In exchange 2013/2016 you can disable activesync and imap/mapi/pop while allowing for owa access. This can be done via the mailbox features option.
ASKER
It would be great if there is a centralized log for which IP has been access a mailbox at particular time. Is there any 3rd party solution that can integrate with Exchange to serve this purpose ?
You can check the frontend IIS logs for that user mailbox, based on the protocol used you can filter if it is RPC or MAPI, other logonstatistics can be one thing you can try, else there is no specific logs which logs the IP address of the client machine because most of time clients connection are handled by LB and you just see LB's IP in connections
ASKER
Alternatively, can we configure Exchange such that if the mailbox is not accessed through office workstation or company phone, the administrator or the user will be warned ?
Thx