RE: Exchange 5.5 security issue

• From: Chris Wall <Chris.Wall@xxxxxxxxxxxxxxxxxxx>
• To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
• Date: Mon, 28 Feb 2005 22:23:04 -0500

What domain accounts or groups are given permissions on the 'Site'
properties tab in the Exchange 5.5 admin program?  Write down all domain
accounts and groups that are given permissions here, and then see if the
person in HR is added to one of these groups.  If so, remove the group from
the permissions of the site or remove the HR person from the group that is
given the permissions.  If you remove the group, make sure that your domain
account (or the Exchange service account) is assigned the permissions
individually before you remove anything.  This way you do not remove your
access as well.  

Obviously there are some permissions setting in there that should not be.
Also, the 'domain users' group should NOT be listed in the site permission
properties for any reason.

Regards,

Chris Wall
-----Original Message-----
From: ba_cruising@xxxxxxxxxxx [mailto:ba_cruising@xxxxxxxxxxx] 
Sent: Monday, February 28, 2005 9:57 PM
To: [ExchangeList]
Subject: [exchangelist] Exchange 5.5 security issue

http://www.MSExchange.org/

Hello;
I run Exchange 5.5 sp4 on Windows 2000 member server on our NT 4.0 domain.
 I had a complaint today regarding our HR person accessing someone else's
mailbox.  I checked permissions within Exchange Admin and she does not
have the permission to do this.  Even when I check the Mailbox Resources
HR is listed as being logon to this other person's mailbox.  She does not
know the admin password so how can she view someone else's mailbox?  I've
checked all the permissions I know of within Exchage Admin and am baffled.

I also checked the person who suspects that HR is reading his email within
the Outlook client configuration to see if somehow he delegated this right
but the HR person is not listed within the Outlook as having permission to
his mailbox.

How can someone besides the Exchange Admin have permission to view someone
else's mailbox?  Any help would be greatly appreciated.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
Chris.Wall@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts:

• » Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue
• » RE: Exchange 5.5 security issue

1. Home
2. exchangelist
3. Archive
4. 02-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---