RE: Exchange tool

  • From: "Mulnick, Al" <Al.Mulnick@xxxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 15 Oct 2003 10:10:25 -0400

Auditing is the only other way to record who opened a mailbox.  You'd want
to audit the event log to see what you get and cross reference that with the
user id's.  
Other processes that open the mailbox include MAPI based virus scanners and
any other MAPI based access to the mailboxes.  Depends on what you have inst

-----Original Message-----
From: Stelley, Douglas [mailto:dstelley@xxxxxxx] 
Sent: Wednesday, October 15, 2003 10:03 AM
To: [ExchangeList]
Subject: [exchangelist] Exchange tool

AD: Get Thawte's New Step-by-Step SSL Guide for MSIIS: 
I've been tasked to provide a report that show when users last opened their
mailbox. In ESM, I can go to mailboxes and there is a column "Last Logon
Time". This is no good, as each mailbox is touched by "NT AUTHORITY\SYSTEM"
too often to be of any use. I need to know when the user got in, not the
system. Does anyone know of, or use any such tool?
On a similar note, besides the Mailbox Manager, is there any other process
that would be using 
"NT AUTHORITY\SYSTEM" to touch a mailbox? If I stopped, or only ran the
management process, say once a month, could I then use the "Last Logon Time"
in mailboxes for this report?
p.s. the boss wants to know who doesn't yet use the email they've so
generously provided.....
Doug Stelley 
Network Administrator
Olean General Hospital
Get Thawte's New Step-by-Step SSL Guide for MSIIS
Find out how to test, purchase, and install a Thawte Digital Certificate on
your MSIIS web server:

You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to

Confidentiality Notice: The information contained in this message may be
legally privileged and confidential information intended only for the use of
the individual or entity named above. If the reader of this message is not
the intended recipient, or the employee or agent responsible to deliver it
to the intended recipient, you are hereby notified that any release,
dissemination, distribution, or copying of this communication is strictly
prohibited. If you have received this communication in error please notify
the author immediately by replying to this message and deleting the original
message. Thank you.

Other related posts: