Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Outlook Users can open each others E-mail. not able to disable!

Status
Not open for further replies.
Flinx

Flinx

IS-IT--Management
Jul 2, 2001
55
US
My client has Exchange 5.5 sp3 on an NT4 sp5 machine.
Any user can open any other users email.
Is there any way to disable this without setting permissions on each person outlook.
BTW this seems to be the default setting for any user created.
My client would like to disable this and go back to enabling it on a user by user basis.
The previous System manager set it up this way but no one there knows how.
So far we have not been able to fix it.

Thank you.
 
Sort by date Sort by votes
Check in Exchange Admin. Check the permissions of the organisation, site and server and ensure each one is only set for administrator and backup account.
 
Upvote 0 Downvote
Did the previous system manager set the permissions up on each individual mailbox?

If so, then you'll have to change each individual mailbox back to how it should be (unless anybody knows of a funky utility to blanket-bomb mailbox permissions in exchange?).

If not, then as zelandakh says, you probably have 'everyone' listed as an administrator in Exchange Admin (scary!).
 
Upvote 0 Downvote
ok in the typical users Permissions they have:
Windows NT account with permissions
account Role
domain\username user

Windows NT accounts with inherited Permissions
BUILTIN\Administrators Admin. Recipients container
BUILTIN\USERS User Recipients Container
DOMAIN\Administrator Permissions admin Site Domain
DOMAIN\DBAGENT Permissions admin Site Domain
DOMAIN\Domain admins Permissions admin Recipients container
DOMAIN\Domain users User Recipients Container
DOMAIN\Exchange Service account admin Site Domain

I believe that somehow users get access because of an inheritance but so far cannot track down where.
 
Upvote 0 Downvote
On one of the containers (org, site or server) find which one has the users and the domain users and remove BOTH.

To be thorough remove all except administrator, exchange service and dbagent on all containers.

This will cure your problem.
 
Upvote 0 Downvote
None of the containers (org, site or server) has users or domain users in it. The problem is the user manager for domains is a morass of groups that I'm probably going to have to slog through and find the inherited permission

Does the user DBAGENT or EXCHANGE need ADMIN rights to anything in exchange?
 
Upvote 0 Downvote
Both dbagent and Exchange admin needs full access to the containers. i.e. admin rights in Exchange but not NT.

From the list you posted above, it is an exchange permissions issue not NT if that is any help.

Sounds like you need to be good at untangling knots - I could quote you my hourly rate... :)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
2K
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
3K
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
2K
Priyanka_Chauhan
Priyanka_Chauhan
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
3K
PatrickRoggers
PatrickRoggers
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
2K
ComputersUnlimited
ComputersUnlimited

Part and Inventory Search

Sponsor

Back
Top