Exchange 2007 Change Permission Logging
Hello,Is it possible to log when some user (Exchange Admin) change permission for AD object (add-adpermission) or Mailbox object (add-mailboxpermission)?ThanksJan
February 24th, 2010 1:48pm

Would the Start-Transcript cmdlet be of any help here?http://www.pro-exchange.eu/modules.php?$1&name=News&file=article&sid=831It's not an automatic logging tool for all Admins however.Oliver Moazzezi | Exchange MVP, MCSA:M, MCTS:Exchange 2010, BA (Hons) Anim | http://www.exchange2007.com | http://www.exchange2010.com | http://www.cobweb.com |
Free Windows Admin Tool Kit Click here and download it now
February 24th, 2010 8:30pm

Hi, Yes if your admins use EMS then u can automate this Start-Transcript Logging. This way each and every thing will be logged to the file which you specify in Start-Transcript command. I have put Start-Transcript -path "C:\\Logs\PSLogs.txt" -append in Exchange.ps1 which exists at "C:\Program Files\Microsoft\Exchange Server\Bin" This is the script file which EMS use to initialize itself. So whenever I open EMS, logging is started automatically because of Start-Transcript command in Exchange.ps1. You can put this command at the end of function get-tip in Exchange.ps1. Note: do copy the Exchange.ps1 before modification, in case a backup needed later. Regards, Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com
February 24th, 2010 9:41pm

Thank you very much, I will test it.But there is another weak point when Domain Admin change AD permission for Send As and Receive As:-(Or what about Exchange Management Console? How to log these steps done via Exchange Console?Transcipt is great function, but only for EMS.Thanks a lot!Jan
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2010 10:23am

So far as I know, Start-Transcript can be the only way to do the job. In Exchange 2010, there is a new feature called administrator audit logging to meet the goal: http://technet.microsoft.com/en-us/library/dd335052.aspx Thanks, Elvis
March 1st, 2010 10:08am

Hello and Thank you. This way is not convenient for me. When admin runs powershell console on PC I cannot audit these events.I have got this whitepaper:http://technet.microsoft.com/en-us/library/ee331009(EXCHG.80).aspxI hope this helps me:-)ThanksJan
Free Windows Admin Tool Kit Click here and download it now
March 1st, 2010 2:42pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics