Re: Message Tracking Permissions in Exchange 2000

From: Paulo (pt_at_jijk.com)
Date: 09/01/04


Date: 1 Sep 2004 05:26:49 -0700

Thanks for that Rich but I'm afraid you are incorrect! You definitely
appear to need View Only Admin rights delegated at the Site level to
track messages in a site. As I mentioned in my original email, the
tracking logs permissions alone are not enough and ours are all
correctly assigned anyway. Granting the View Only Admin right is the
only way I can find to do this.

"Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message news:<6bt1j0do3hg7bpahe72tpucf7lc1406qvg@4ax.com>...
> pt@jijk.com (Paulo) wrote:
>
> >We have a large multi-site Exchange 2000 environment that has been
> >migrated from Exchange 5.5. In the 5.5 days an administrator with
> >rights only to his local site was able to track a message across sites
> >- i.e. no special permissions were needed in a remote site to track a
> >message through it beyond read access to the tracking logs. In
> >Exchange 2000 however this does not appear to be the case.
> >
> >Someone with Administrator rights on Site A cannot track a message
> >beyond the boundaries of that site (and into Site B) unless they have
> >Administrative permissions on Site B also.
>
> I don't think administrative rights are needed. What's necessary is
> permission to read from the share.
>
> Exchange 5.5 left the tracking logs open to anyone that wanted to read
> them. This was a problem when it came to ensuring privacy, especially
> if you log the message subject in Exchange 2000.
>
> >This is something of a pain! I want my localised administrators to be
> >able to manage only the servers in their own site but at the same time
> >be able to track messages as they flow into any site in the org.
>
> Then make sure the share has the necessary permissions.
>
> >But I
> >do not want to give them admin permissions on these remote sites
> >(again they do have share access to, and read permissions on, the
> >tracking logs).
>
> Put the Exchange admins into a group and give the group the right to
> read the information in the shared directory.
>
> >Looking at ESM, the non-local administrators do have basic read
> >permissions assigned to them on the Site object but that does not
> >appear sufficient.
>
> This isn't a problem with rights to read the information in the AD,
> it's a file system permission thing. :)


