Re: Just want a mailbox :O(

Thanks Kirill

You have a point here of course, but the fact that the logon is possible
after all is a security issue on itself.
The same 'problem' arises with mailboxes that are solely setup for resource
(rooms, portables) reservation purposes.
It's not that a big deal, I was just looking for an simple way to setup a
mailbox without a 'live' user account.
Disabling the account does not help since POP3 logons fail then.

Regards and by the way thanks for the enormous pile of tips you provided
here over the years :o)
Rudy Steyaert

"Kirill Palagin" <kpalagin@xxxxxxxxxxxxxxxxx> wrote in message
news:uWVP1O7NGHA.456@xxxxxxxxxxxxxxxxxxxxxxx
Proper permission assignment is the way to avoid dirty tricks. Make sure
that access control lists for resources on your network do not include
"Domain Users", but only less wide groups. And make sure that your POPers
are not in those groups.
Alternatively, get Windows Server 2003 web edition and use it for cheap
POP3 hosting.

Rudy Steyaert wrote:
Exchange server 2003 in active directory domain on windows server 2003.

I want to create some mailboxes for POP3 users only.
But, to have a mailbox, I have to create user accounts in active
directory.
Now, I would like to prevent that these users can effectively logon to a
computer in the domain (I must communicate them the account and password,
so they can effectively logon to a computer with them).

The only thing I can think off is adding a non existing computername in
the 'Log On to' - list for the account.
But, first, I'm not sure this won't prevent to logon through POP3 also
and two, I don't like that kind of 'dirty' tricks really :O)

Thanks for any ideas.
Regards
Rudy Steyaert


.

Relevant Pages

  • Works on Server... not on Client
    ... creates mailboxes in an Exchange 5.5 and AD environment. ... At this point it doesn't matter what user account I enter, the logon dialog ... granting access rights to the resource to the ASP.NET request identity. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • [EC-SA-01.2003] Windows XP "welcome screen" exposes the names of all the members of the l
    ... logon screen with what is called "Welcome Screen". ... (including the original administrator account, ... Using the "welcome screen" actually disables / ignores the security ...
    (Bugtraq)
  • Re: ATTN : Microsoft - Security Event 529....Second Request for help....
    ... According to the events, the logon ... failure is from the local machine account. ... disconnected from the network. ... Security Event ID 529 is a failure audit for logon/logoff. ...
    (microsoft.public.windows.server.sbs)
  • Re: Is it really true that NTFS is secure?
    ... > and failure auditing starting with "Audit Account Management," and also try ... > The account Group got put back in the Administrator group again. ... > The logon to account: ...
    (microsoft.public.security)
  • Re: Please help refresh my memory on AD DC
    ... When I boot my Laptop I reach the Logon screeen for XP Laptop and here ... admin account to be able to Login so I can control it from the DC. ... A domain user can by default logon to any domain computer, except Domain controllers. ... A Server has websites already hosted on it in a Workgroup and now I ...
    (microsoft.public.windows.server.active_directory)