locked
Active Directory Usesr and Computers RRS feed

  • Question

  • Can you check mailbox and public folders permissions/access control lists in active directory users and computers? If so how?

    Or is there a more appropriate tool? I cant run powershell scripts which seem to be the alternative solution?

    We use exchange 2003

    Tuesday, May 10, 2011 12:20 PM

Answers

  • No, as long as it's internal use for your company.

    Sukh

    • Marked as answer by cf090 Wednesday, May 11, 2011 2:38 PM
    Wednesday, May 11, 2011 2:29 PM

All replies

  • Just mentioned in the other post.

    For Exchange 2003, you can use ADUC to check permission for user mailboxes.

    For PF, as mentioned before.

    For 3rd party tools, you can use Quest, Message Stats which will cost.

    You can create a script to query AD but this probably isn;t the best forum to do that in. Maybe the scripting formum may be able to help you here.

    Sukh

    Tuesday, May 10, 2011 1:25 PM
  • For Exchange 2003, you can use ADUC to check permission for user mailboxes.

    Can you show me how to do this in ADUC - can it be done on bulk or just one mailbox at a time?

     Any ADUC screenshots you could show would help me...

    Wednesday, May 11, 2011 1:13 PM
  • If browing via ADUC then you have to do it one at a time

    1. Start ADCU>select a user>go to properties of the user>select the Exchange advacnced tab>select mailbox rights

    This will show you user/groups who have fullmailbox access.

    2. If you dont see the tabs mentioned above, you will have to install the Exchange management tools.

    3. Try using ADUC on the exhange server first, more likely to have this installed there with ADUC.

    Sukh

    Wednesday, May 11, 2011 1:35 PM
  • If browing via ADUC then you have to do it one at a time

    1. Start ADCU>select a user>go to properties of the user>select the Exchange advacnced tab>select mailbox rights

    This will show you user/groups who have fullmailbox access.

    2. If you dont see the tabs mentioned above, you will have to install the Exchange management tools.

    3. Try using ADUC on the exhange server first, more likely to have this installed there with ADUC.

    Sukh


    I dont see the "exchange advanced tab", can you install exchange management tools on any PC?
    Wednesday, May 11, 2011 1:41 PM
  • 1. The advanced tab is not their by default, you need to click "View" and select Advanced Features in ADUC.  If it's still not their afterwards. Then make sure the admin tools (which sounds like they are installed) are installed.

    2. Also, install the Exchange management tools. http://technet.microsoft.com/en-us/library/bb123850(EXCHG.65).aspx

    Sukh

    Wednesday, May 11, 2011 1:49 PM
  • 1. The advanced tab is not their by default, you need to click "View" and select Advanced Features in ADUC.  If it's still not their afterwards. Then make sure the admin tools (which sounds like they are installed) are installed.

    2. Also, install the Exchange management tools. http://technet.microsoft.com/en-us/library/bb123850(EXCHG.65).aspx

    Sukh


    Advanced features was checked. I dont have access to the exchange server so need to run ADUC from my machine. I only have domain user rights. Will I still be able to see the mailbox permissions in ADUC once exchange management tools is installed on my  machine?
    Wednesday, May 11, 2011 1:54 PM
  • You will need Exchange View Only Administrator Rights.

    Sukh

    Wednesday, May 11, 2011 2:06 PM
  • You will need Exchange View Only Administrator Rights.

    Sukh


    Have you a link on how to create such rights that I can send to our exchange admin for approval?

    Thanks again

    Wednesday, May 11, 2011 2:10 PM
  • Your Exch admin will know this.

    http://technet.microsoft.com/en-us/library/bb123667(EXCHG.65).aspx

    http://technet.microsoft.com/en-us/library/aa995775(EXCHG.65).aspx

    http://support.microsoft.com/kb/823018

    Sukh


    And there are absolutely no liscence issues with installing this exchange management tools on my machine, or as many machines as we chose?
    Wednesday, May 11, 2011 2:24 PM
  • No, as long as it's internal use for your company.

    Sukh

    • Marked as answer by cf090 Wednesday, May 11, 2011 2:38 PM
    Wednesday, May 11, 2011 2:29 PM