I have a situation where one of my Notes Administrators is possibly accessing users (including direct supervisors) email accounts. I know a real Notes Administrator by ethical practice wouldn’t do this, but this seems to be the case. I need to find a way to determine all databases that this particular user has accessed going back as far as possible. I know I can see user activity access details by inspecting every database, but realistically this doesn’t scale. I’ve also noticed that this doesn’t go back very far into the past. I need to find a history of unauthorized access that I can have actioned by mgmt. I have VERY limited scripting abilities, and have no ability to bring someone in or get outside help officially in any way. I won’t even be able to purchase any tools without compromising. Suggestions?
Assuming we wrote an agent here, who would run it?They would need authority to read every email file - just the problem you have now.
If you suspect someone of a breach of confidentiality like this, you really need an outside organisation or consultant to come in, set up another server, file copy all the mail files onto it, and analyze the user activity of them
Why copy them off to another server? Because otherwise if the admin guessed what was going on, it’s trivially easy for him to turn off user activity on the dbs that he has been reading
And it has to be file copy as otherwise Notes wipes the User Activity Log
hi ,This tool will give you the ability to get mail sent (into a mailin db if you want) when your admin is reading an mail that not from his mail database.
Hello Tamir,Looks interesting, trying to figure out how to configure it so that it will work. I want it setup so that if user XXX opens any other mail account, the app will send a mail msg to a mailbox with the details.