RE: Deleted items

Hi Eric,

Thanks for posting here.

From your post, I understand that you want to know how to check who is
deleting items from your company calendar in the public folders directory.
If I am off base, please feel free to let me know.

Based on my extensive research, I'm afraid that there is not a built-in
feature in Exchange server side or Outlook client side which allows us to
track who deleted items in a public folder. Your understanding is
appreciated!

Regarding the current situation, you can use the following methods to as a
workaround:

Method 1:
-----------
We can grant users with different Client Permissions on certain public
folders to restrict users from deleting items, and this is the recommended
method and easy to follow. To do this:

1. Start Exchange System Manager (ESM) on Exchange Server.

2. Expand the appropriate Administrative Groups -> Folders, locate the
public folder you want to set permissions on and open its Properties.

3. On the Permissions tab, click Client Permissions.

4. Change the permissions for Default group: for example, Reviewer, so all
users cannot delete items. You can then add others who you allow to
edit/remove items in this public folder.

5. Click OK to apply the changes.

6. We can then implement the following steps to propagate permissions to
this folder's sub-folders if you are using Exchange 2003 with SP2 (if it is
before SP2, Right click the parent folder -> All Tasks -> Propagate
Settings -> Folder rights):

(1) In ESM, right click the parent public folder -> All Tasks -> Manage
Settings -> Next.
(2) Select "Overwrite settings" and click Next.
(3) Select "Folder rights" and click Next. And this opens the wizard
completion page. Click Finish.
(4) Wait until the client permissions settings are propagated to all
sub-folders.

For additional information about public folder permissions, you can refer
to the following Microsoft online articles:

Managing Mailbox Stores and Public Folder Stores -> Working with
Permissions for Public Folders and Mailboxes
http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3AdminGuide/
b63222ab-3fa1-447f-b71e-5775c5d78cbc.mspx?mfr=true

Method 2:
-----------
Another workaround is to enable Public Folder store auditing using the
steps as below. However, please understand that there will be many Security
event logs appeared and we may be unable to efficiently identify the
detailed information about who and when updates the Public Folder.

1. Configure Audit Settings on the Exchange Server. If it is a Domain
Controller, please configure this setting in Default Domain Controller
Security Policy:

(1) Click Start-> Run -> Input "gpedit.msc" and press Enter.
(2) Locate Computer Configuration -> Windows Settings -> Security Settings
-> Local Policies -> Audit Policy.
(3) In the right pane, double click "Audit Object Access" and configure it
to monitor both Success and Failure.
(4) Execute the following command to refresh policy:

For Windows 2000:
secedit /refreshpolicy machine_policy

For Windows Server 2003:
Gpupdate

2. Configure Audit Settings in Exchange System Manager, so that the Public
Folder Store will be audited:

(1) In Exchange System Manager, right click the Public Folder Store, and
click Properties.
(2) Click Security-> Advanced-> Auditing.
(3) Add Everyone group into Auditing, and select "Full Control" for both
"Successful" and "Failed".
(4) Click OK buttons to accept the changes.

Method 3:
-----------
In the meantime, I have helped you research this topic over the Internet,
and found that there are some third-party solutions that may help you
achieve this goal. For your convenience, I listed a web site below:

Microsoft Exchange Server Usage, Reporting, and Analysis Tools
http://www.slipstick.com/exs/reporting.htm

Note: The third-party contact information included in this article is
provided to help you find the technical support you need. This contact
information is subject to change without notice. Microsoft in no way
guarantees the accuracy of this third-party contact information.

I hope the information above is helpful. If you have any further questions
or concerns, feel free to let me know. I'm happy to be of assistance and
looking forward to your reply.

Have a good day.

Best Regards,

Steven Zhu
MCSE
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
======================================================
PLEASE NOTE the newsgroup SECURE CODE and PASSWORD were
updated on February 14, 2006.? Please complete a re-registration process
by entering the secure code mmpng06 when prompted. Once you have
entered the secure code mmpng06, you will be able to update your profile
and access the partner newsgroups.
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
======================================================







.