I was under the impression that AA is a product that can be used for E2K3. Perhaps I should rethink that. Promodag is a tool that comes to mind now that you mention it, but I don't know that it will pull that specific information. Much more affordable as I recall. www.promodag.com <http://www.promodag.com> Al -----Original Message----- From: Stelley, Douglas [mailto:dstelley@xxxxxxx] Sent: Wednesday, October 15, 2003 10:30 AM To: [ExchangeList] Subject: [exchangelist] RE: Exchange tool AD: Get Thawte's New Step-by-Step SSL Guide for MSIIS: http://www.msexchange.org/thawte/ I'll reply to both of your threads. I've looked into the event log, and would really hate to manually check off user access . Too many users. I can't use just domain access, as many users logon to the domain and never check their mail. They (money crunchers) won't buy us MOM (although they would benefit in many ways...) I've looked at AppAnalyzer, but it seems like its more for E5.5, where I've got clean installs oh E2k (getting ready to upgrade to 2K3) My stock answer has been to wait till we upgrade to a 2003 domain with 2003 Exchange, and furthor tools will be available (like a query that's pull users who haven't logged on to the domain in, say 30 days). I continue to look and learn, so I thought I'd ask the experts before spending a half a day looking for a process that may not exist. As far as installed programs, the server has no other installed programs. We use GFI Security & Essentials, but it resides on the mail gateway server. And each workstation has Mcafee installed. (I daily pray that suffices...) -Doug _____ From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx] Sent: Wednesday, October 15, 2003 10:13 AM To: [ExchangeList] Subject: [exchangelist] RE: Exchange tool AD: Get Thawte's New Step-by-Step SSL Guide for MSIIS: http://www.msexchange.org/thawte/ <mutter; darn touch pads> In the last email I was describing using auditing on the Exchange servers and cross-referencing the information. You may, depending on your organization, be able to use the last time they log into the network period. There're are several scripts available on the 'net to give that type of information. Tools that would be helpful here would be things like MOM and NetIQ AppAnalyzer. I think AppAnalyzer would be better for this type of report, but I haven't been able to afford to find out so far. Al -----Original Message----- From: Stelley, Douglas [mailto:dstelley@xxxxxxx] Sent: Wednesday, October 15, 2003 10:03 AM To: [ExchangeList] Subject: [exchangelist] Exchange tool AD: Get Thawte's New Step-by-Step SSL Guide for MSIIS: http://www.msexchange.org/thawte/ I've been tasked to provide a report that show when users last opened their mailbox. In ESM, I can go to mailboxes and there is a column "Last Logon Time". This is no good, as each mailbox is touched by "NT AUTHORITY\SYSTEM" too often to be of any use. I need to know when the user got in, not the system. Does anyone know of, or use any such tool? On a similar note, besides the Mailbox Manager, is there any other process that would be using "NT AUTHORITY\SYSTEM" to touch a mailbox? If I stopped, or only ran the management process, say once a month, could I then use the "Last Logon Time" in mailboxes for this report? p.s. the boss wants to know who doesn't yet use the email they've so generously provided..... Doug Stelley Network Administrator Olean General Hospital Get Thawte's New Step-by-Step SSL Guide for MSIIS Find out how to test, purchase, and install a Thawte Digital Certificate on your MSIIS web server: http://www.msexchange.org/thawte/ ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: al.mulnick@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you. Get Thawte's New Step-by-Step SSL Guide for MSIIS Find out how to test, purchase, and install a Thawte Digital Certificate on your MSIIS web server: http://www.msexchange.org/thawte/ ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dstelley@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Get Thawte's New Step-by-Step SSL Guide for MSIIS Find out how to test, purchase, and install a Thawte Digital Certificate on your MSIIS web server: http://www.msexchange.org/thawte/ ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: al.mulnick@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you.