I believe you could use the IIS log's for info as to accessing and maybe a combination with your NT evernt log's
But I suspect you will not be able to "prove" it is this person...unless maybe you could get cooperation with the ISP you suspect the person is coming from. In other words there's really no way of knowing..for sure....who is accessing the said account. like if you gave someone your ID and password then the system would think and show it as you...and then all you would really have to go on is the IP of the connecting terminal...now with the IP you could tell from which ISP..but then that's about it.. -----Original Message----- From: Cooke, Brian [mailto:[EMAIL PROTECTED]] Sent: Monday, July 15, 2002 10:02 AM To: Exchange Discussions Subject: Tracking OWA Logons Hi All, We are running exchange 5.5 SP1 with Win NT. We are having a problem with an ex-employee trying to access one of our users account. Well let me rephrase, we think it's one of out former employees but we have no way of proving it. Is there any way that we can track from where people are trying to access OWA? Is there anything that OWA can do to log this? Or will we need to pick up a third party software utility to see if we can log the fact that he is attempting to gain access. Thanks in advance for all your help. Thanks, Brian _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
