Interesting Exchange / Outlook issue
- From: "Rene Fisher" <Rene_Fisher@xxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 18 Mar 2004 06:03:00 -0700
I have an interesting problem from my perspective. I am not sure if anyone has
come across this or not.
Configuration.
Exchange 2003 running on W2K in native mode < previous it was Exchange 2000 >
Issue:
Any user that is using Outlook 2000 or better can add a distribution list to
the ACL permissions on his /her mailbox. Or a mailbox they have delegated
rights to. What happens is that the Store will convert the DL to a security
group. For example if you have a Global DL called all users the store will
convert it to a global SG called All Users. Once the group is converted to a
Security group the Kerberos token increases in size for everyone who is a
member of that DL. I find it odd that a regular user with no permissions to
modify AD security groups has the ability to do this. I am looking for a way to
stop this behaviour. I know that I can educate the end user etc etc etc ..but
we all know how well that goes ..
I hope someone has some suggestions or Ideas. I know that this is only an issue
in Native mode, also it does not work on the new query based distribution lists
that Exchange 2003 offers but neither is a solution that I can use at the
moment ..
Thanks in Advance
Rene
Other related posts:
