Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Exchange 2000 Outlook 2000 Security issues 1

Status
Not open for further replies.
bshaw

bshaw

IS-IT--Management
Apr 26, 2001
11
US
I know I have done this before in older versions but I can't get the security + permissions to work correctly. I have setup people as delegates and then given that delegate access to the primary persons folders. ie calendar. That works great. The delegate can see and add anything to any of the folders. But when I try to set the permissions to none on email folder or none on any of the folders. It doesn't stop them. They can still see everything. The settings refferred to above are in Outlook 2000. I have also looked for settings in the Exchange system manager, Active Directory Users and computers, and the active directory users and computers in the exchange folder. Any suggestions would be great. I have a few people who are kind of upset becuase i can't shut down access. Thanks
 
Sort by date Sort by votes
Go into ADUC and the properties of the user in question and on the security tab check who has "receive as" permissions for the user. You also want to check on the exchange advanced tab then mailbox rights button. Check who has Full mailbox access. those should be the two places to check to find out why people are still able to open up email folders.

Sean
 
Upvote 0 Downvote
So If I don't want them to be able to see the primary persons email i need to uncheck recieve as? And uncheck full mailbox access? I checked on both of those and neither were checked. Also shouldn't I be able to give them access to just contacts and restrict all others ie email or calendar? Thanks for the post
 
Upvote 0 Downvote
If you are looking at the properties of the user account that you do not want people to have access to email folders on (for example the boss) and the users(secretary, assistant....) do not have the "receive as" or "full mailbox access" permission, then you need to make sure the (secretary, assistant .....) do not belong to a group which has these permissions for the bosses account. i believe the default permissions are to deny access to anybody else's mailbox. So if they can access the mailbox's then the default permissions have been changed and you'll need to track down where they are being granted the permission from. Another option you might use is to just go ahead and deny them the "receive as" and "full mailbox access" permission, that would stop them from being able to view emails but that would probably not be as clean as tracking down where they are getting the permission from.

Sean
 
Upvote 0 Downvote
Thanks for the help Sean. Does the same rule apply to allowing the secretary to see the bosses calendar but not the contacts or tasks in outlook. There seems to be options in Outlook that lists all the different folders and you can pick the level of access you want them to have. ie. read write etc. But no matter which way i set these options it doesn't change the access. ie. the secratary can still see everything of the bosses'.

Thanks again
 
Upvote 0 Downvote
yes the AD permissions will override Delegation permissions. i guess it is not really overriding the permission it just means she is not getting the permission from delegation, she is getting it from AD. If you do not give the secretary permissions through the outlook 2000 delgations and they are able to access the email folders then that means the secretary is getting the permission through AD.
 
Upvote 0 Downvote
I'm sorry to keep asking questions about this. Especially when you've already been so helpful. I looked in AD and can't find settings for allowing or not allowing permision to contacts, calendar, tasks etc. Do you know where they are and or what they are called.

Thanks for all your help
 
Upvote 0 Downvote
That you do through the delegation option in Outlook 2000
 
Upvote 0 Downvote
That is my problem. I have everyhting set the way i want the secretary to have access both on her computer and on my bosses' but she can still see everything. I put none in the access box for all things except calendar. none for email. none for contacts, none for tasks etc. But she can still get to them?
 
Upvote 0 Downvote
Did you check in ADUC if she belongs to a group that has permission to the bosses mailbox? What are all groups and users that are listed in the mailbox rights button for the boss.
 
Upvote 0 Downvote
Thanks Sean, There were a bunch of groups listed in there. I took out the ones she was a member of and it took care of the problem. thanks for all your help
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
1K
DrB0b
DrB0b
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
1K
PatrickRoggers
PatrickRoggers
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
2K
microsGuy16
microsGuy16
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
1K
ComputersUnlimited
ComputersUnlimited
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher

Part and Inventory Search

Sponsor

Back
Top