<another lurker> Are you kidding? That employee (assuming he didn't do anything nasty with the guessed passwds) did you a big favor by exposing the weak passwords before the really bad boys got them.
On 11/13/2014 02:24 PM, Gordon Pegue wrote:
<lurker response> Wouldn’t a more effective solution be to: 1.Terminate the employee who “guessed” the pwds 2.Institute a password change for all OWA users immediately requiring a strong pwd Seems to me that turning off OWA is a business-line decision in this case, not an IT decision Gordon *From:*[email protected] [mailto:[email protected]] *On Behalf Of *Stefan Jafs *Sent:* Thursday, November 13, 2014 12:14 PM *To:* [email protected] *Subject:* [NTSysADM] OWA and Exchange 2007 We had a security breach where an employee have guessed about 20 peoples passwords and ben able to access their e-mail with OWA. Since most people use company Laptops and / or Surfaces to access their e-mails while on the road using RPC / HTTP with Outlook we are thinking about disable OWA for all but a few users, will that break anything else? Did some Googling and looks like it may be a problem in Exchange 2013 but we are still on 2007. __________________________________ *Stefan Jafs***
