Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can I remove the "File>open other user>INBOX" option? 1

Status
Not open for further replies.
MikeCoyle

MikeCoyle

IS-IT--Management
Jun 12, 2002
38
GB
I may be missing something obvious...
2 exchange 2K servers (on diff domains)
One allows everyone access via outlook funcionality to each others inbox, the other doesn't..
I wan't to remove the funcionality and lock it down but I can't see anything obvious in either my AD / security policy or exchange policy that is allowing the users the access to each others inbox...
On each server in the exchange advanced / mailbox rights -
they BOTH have the following users -
Administrator
"actual user name"
Domain admins
Enterprise admins
Exchange Domain..
Exchange servers..
SELF
EVERYONE
It's the 'everyone' part I'm not sure of, but if it's listed on the users on the other server why are they blocked and the other isn't?

Thanks again..
 
Sort by date Sort by votes
The 'EVRYONE' has full permissions from an inherited policy.
But then again, so does the server that doesn't allow other users access to open each others inbox's..

Any idea's?
 
Upvote 0 Downvote
I think what you are seeing here is a miss aplication of the security settings in the ESM.

On you insecure exchange server, change or add the following reg key to show the security page in properties.

Start Registry Editor (Regedt32.exe).
Locate the following key in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Exchange\ExAdmin

On the Edit menu, click Add Value, and then add the following registry value:
Value Name: ShowSecurityPage
Data Type: REG_DWORD
Value: 1

Quit Registry Editor.


Now go into the esm and drill down to the server level. Right click the server and select the security tab.

Now normally if you wanted to add a user so that they can see everyones mailbox, you would add them here and make sure that any groups they are a member of does not have the deny rights to send as and receive as.

From here you should be able to check the differences between your two boxes.

Chris Styles

NT4/2000 MCSE
 
Upvote 0 Downvote
Thanks Chris - Great pointer, it was indeed the everyone and authenticated user accounts had 'extra' permissions ticked at this level...
Cleared and closed.
(PS Guess at some point another admin decided they wanted people to have access to each others mailbox's)
Many thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
3K
Brent Fletcher
Brent Fletcher
PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
3K
PatrickRoggers
PatrickRoggers
DrB0b
  • Locked
  • Question
Moved to 365 in cloud, cannot get iPhones default mail app to connect
Replies
2
Views
3K
Priyanka_Chauhan
Priyanka_Chauhan
T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
3K
DrB0b
DrB0b
IcarusHallsorts
  • Locked
  • Question
VBA to create output file of headers of selected emails
Replies
0
Views
3K
IcarusHallsorts
IcarusHallsorts

Part and Inventory Search

Sponsor

Back
Top