We have user left the company we need continue to receive e-mails for this user since she was part of our sales team. Our security team wants account not to be used, how we can make everyone happy.
Open ADUC
Locate the account
- Reset the password to anything ( incase if someone enables it at least password is changed), make sure to filter all event logs from Domain controllers
- Disable the account
- Go to Exchange advance
- Mailbox rights
- Locate "Self" and make sure
- Full mailbox permissions and Associated external account is Enabled
- Hide the account from GAL
Now security is happy account is disabled, your boss is happy, account still getting mails sent to this account, direct the mails to someone else if you like.
Do not turn this attribute for enable account you might have weird issues if you do it.
The External Associated Account attribute is only associated with a disabled user account in the Exchange Resource Forest and this disabled User Account is associated with a User Account in the Active Directory Account Forest
Best
Oz Ozugurlu
No comments:
Post a Comment