RE: Exchange 5.5 OWA

  • From: "Don Bentz" <Don@xxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 31 Jul 2003 11:01:30 -0500

Good question,
 
First screen is the OWA screen with one box, which basically is the
input for which email box you wish, 
 
then the NTLM popup appears for the next login (username/password)
 
If I type lets say JOE in the first box, then sue/password in the login
popup, then me as sue can read Joes email.
 
Hope that clarifies it somewhat.
 
 
Don Bentz, MCSE, CCA, MCP+I
Computer Management Systems, Inc.
216 South Main Street
Columbia City, IN  46725
[260] 248-2191 V  [260] 248-2801 F
www.cmsinetworks.com <http://www.cmsinetworks.com/>  
 
Hate Spam? Click Here
<http://www.myaffiliateprogram.com/u/hatespam/e.asp?e=3&id=1037> .
        -----Original Message-----
        From: Mike Dufoe [mailto:dufoem@xxxxxxxxxxx] 
        Sent: Thursday, July 31, 2003 10:29 AM
        To: [ExchangeList]
        Subject: [exchangelist] RE: Exchange 5.5 OWA
        
        
        http://www.MSExchange.org/
        
         
        Does it prompt them for username/password?          
         
        Example, if user aaa wanted to check out bbb mailbox, does aaa
get prompt for username/password?
         
        Or is this the admin account that your talking about accessing
the users mailboxes?
         
         
         
        -----Original Message-----
        From: Don Bentz [mailto:Don@xxxxxxxxxxx] 
        Sent: Thursday, July 31, 2003 11:12 AM
        To: [ExchangeList]
        Subject: [exchangelist] RE: Exchange 5.5 OWA
         
        http://www.MSExchange.org/
        I have a server running SBS4.5, and using OWA for exchange 5.5,
and have found that any user can log into any users mailbox using OWA.
I've checked permissions and can't see anything wrong. It presently has
SP4 installed for exchange. Anyone seen this?  Could SP4 have broke the
security?
         
         
        Don Bentz, MCSE, CCA, MCP+I
        Computer Management Systems, Inc.
        216 South Main Street
        Columbia City, IN  46725
        [260] 248-2191 V  [260] 248-2801 F
        www.cmsinetworks.com <http://www.cmsinetworks.com/>  
         
        Hate Spam? Click Here
<http://www.myaffiliateprogram.com/u/hatespam/e.asp?e=3&id=1037> .
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Exchange Newsletters:
http://www.msexchange.org/pages/newsletter.asp
        Exchange FAQ:
http://www.msexchange.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 ISA Server Resource Site: http://www.isaserver.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this MSExchange.org Discussion
List as: dufoem@xxxxxxxxxxx
        To unsubscribe send a blank email to
$subst('Email.Unsub') 
        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Exchange Newsletters:
http://www.msexchange.org/pages/newsletter.asp
        Exchange FAQ:
http://www.msexchange.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 ISA Server Resource Site: http://www.isaserver.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this MSExchange.org Discussion
List as: don@xxxxxxxxxxx
        To unsubscribe send a blank email to
$subst('Email.Unsub') 
        This E-Mail is confidential. It is not intended to be read,
copied, disclosed or used by any person other than the
recipient.Unauthorised use, disclosure, or copying is strictly
prohibited and may be unlawful. Computer Management Systems, Inc.
disclaims any liability for any action taken in connection of this
E-Mail. The comments or statements expressed in this E-Mail are not
necessarily those of CMS, Inc. or its subsidiaries or affiliates.
        postmaster@xxxxxxxxxxx <mailto:postmaster@xxxxxxxxxxx> 

This E-Mail is confidential. It is not intended to be read, copied, disclosed 
or used by any person other than the recipient.


Unauthorised use, disclosure, or copying is strictly prohibited and may be 
unlawful. Computer Management Systems, Inc. disclaims any liability for any 
action taken in connection of this E-Mail. The comments or statements expressed 
in this E-Mail are not necessarily those of CMS, Inc. or its subsidiaries or 
affiliates.

postmaster@xxxxxxxxxxx

Other related posts: