yannickthevenot
IS-IT--Management
hi guys,
i've been called in to work on an exchange server where everybody can access anybody's mailbox.
i finally found where the wrong permissions were set. using ADSIedit i looked at the permissions for 'Configuration\Services\Microsoft Exchange\<Organization>' and found that there was full access for 'authenticated users' and 'everyone'. of course that permission is inherited by every item below.
i removed authenticated users and everyone permissions and thought i was done. however, i discovered a few minutes later that users could not send emails anymore (whether from outlook or OWA). emails would stay in outbox (and in drafts for OWA). After i reapplied the full control permissions for authenticated users (at least i got rid of everyone successfully), emails started to be delivered again.
during the problem, i noticed an event in the logs indicating the microsoft mailbox system attendant could not login to the mailboxes. i double checked that the service is running with local system account.
any idea on what permissions i am missing once i removed all permissions to authenticated users?
i haven't touched all the exchange servers and groups permissions at all.
should i just click on default permissions at that level and see what happens?
thanks,
kind regards,
Yannick