Quote:
Originally Posted by jkbusinessedge
here is what we have found;
Alternatively, we recommend that you do not use accounts that are members of protected groups for e-mail purposes. If you must have the rights that are given to a protected group, we recommend that you have two Active Directory user accounts. These Active Directory accounts include one user account that is added to a protected group, and one user account that is used for e-mail purposes and at all other times.
|
Yeah we've had that talk in various threads, in terms of security what they say is correct.
For my organization however we are small enough that I didn't have an issue just running the dsacls command, however depending on the size of your org, and the folks involves security might be an issue.
You'll have to figure that one out.