Why would a network tech have sufficient permissions in Exchange to be able
to open another users mailbox? Sounds like you have a fundamental security
configuration issue with your network.
> -Original Message-
> From: David Fortuna [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 08, 20
o: Exchange Discussions
> Subject: RE: Monitoring access
>
> If I remember correctly, you can set the SECURITY event log to record what
> account deleted the Application and System event logs. Unless the account
> has the proper permissions (like full local admin), he can
Either remove his access completely - let him get suspicious or make sure
that it is an offence to remove log files without storing them first (as an
EVT file - NOT csv)
Tris
-
Tristan Gayford
Deputy Systems & Network Manager
Cranfield University at Si
ng is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee
-Original Message-
From: Dillon, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 10:04 AM
To: Exchange Discussions
Subject: RE: Monitoring access
You need two levels of admin password...a master tha
Create a batch that will run a constant loop checking the size of the log on
the REMOTE Exchange server (run the batch from your desktop if you can - or
some other system he has no access to or is not aware of). If the log file
grows in size - copy it to your machine - if it shrinks - end the loo
You need two levels of admin password...a master that you hold, and personal
admin equivs for the jerks. LET HIM GET SUSPICIOUS because he might stop at
that point.
-Original Message-
From: David Fortuna [mailto:[EMAIL PROTECTED]]
Sent: Monday, April 08, 2002 10:02 AM
To: Exchange Discus
6 matches
Mail list logo