Pages

Monday, November 14, 2016

User Still has Access of Mailbox after Disabling the Account or Changing the Password

Hello readers, I am going to discuss an Exchange problem "User still have access of mailbox after disabling the account or changing the password" in this article. As you know that at present every organization depends on email and its associated services to carry out smooth and effective communication. Every user or employee is provided unique and confidential email credentials for secure access. However, the admin always has rights to monitor account activity or change passwords. Similarly, Outlook users accounts are configured with Exchange Server, which keeps track of all Outlook accounts. Recently, an issue has been reported by administrators that the user still has access of mailbox after disabling the account or changing the password. It is a major issue as the password is the only way to authenticate the account. In this section, we will discuss the probable reasons behind this issue and how to resolve this access related issue in the simplest manner.
User Still has Access of Mailbox after Disabling the Account or Changing the Password

Major Issue Faced By the Users After Changing Password

A number of users face daily challenges due to this Exchange error, which creates a lot of trouble. It has mostly affected the admin of organizations, who cannot afford to let the employee login to official account even after disabling the account. Consider the following statement quoted by the Exchange Server administrators:
"Being a Network administrator, I was once asked by my boss to disable the account of an employee as he was leaving the organization. I did so by performing the complete process to delete his account. But, a few hours later we got to observe that huge amount of emails have been sent through his id after we had disabled his account. It was next to impossible at the first sight as I had myself disabled the account. But, it was the reality that the employee was still able to access his Outlook account even after disabling it from the server. Thus, it acted as the biggest trouble for our organization as an outsider was able to access company’s account and may harm the organization by leaking or manipulating the confidential information."
Similarly, many administrators have reported that even after changing the password of employee’s account from the server end, the users still login and access the accounts. Thus, we can observe that this kind of issue is like a nightmare for the organization in terms of their security, privacy policy. No one can tolerate such kinds of errors that can cause harm to the organization.

Reason Behind Mailbox Access Issue

The most probable reason behind this issue is Active Directory synchronization. When an account is disabled from the active directory, it takes about almost 8-10 hours for the EAS devices to recognize the changes done within the server. So, when the user tries to login from the same device during the same duration, the account can be accessed easily.
So, it poses to be a threat for the administrator or organizations to work with active directory features.

How to Resolve Exchange Mailbox Issue?

Since it is the major priority issue for the administrators, an efficient and fastest approach is the demand of every admin so that the accounts can be permanently banned access. It can be performed by making specific changes to the registry settings in the following steps:
  1. Open Registry Editor(Regedt32.exe) on the server from which the user gains access to the profile.
  2. Search for key in the registry settings:
  3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters
  4. Browse Edit Menu >> Add Value, and make the following changes:
    • Value Name: UserTokenTTL(Case Sensitive)
    • Data Type: REG_DWORD
    • Value Range: 0-0x7FFFFFFF
  5. Exit the registry settings window and restart the server.
Thus, whenever a user makes a request to login, the server authenticates the login with the help of tokens. As the token will not validate with the existing token, the attempt to login will be failed.

Conclusion

Since authentication is the basic key to security for every organization, one cannot afford insecure login attempts. However, Exchange Server still poses some error, where the user still has access of mailbox after disabling the account or changing the password. To help out the administrators in maintaining restricted access, a simplified approach has been discussed in this article.

0 comments:

Post a Comment

Post a reply