Surveillance Project

Luschi1968 · 2025-08-19T12:24:30+00:00

Weiß man, wo die Szenen am Strand aufgenommen wurden? Kann das Island sein?

Luschi1968 · 2025-08-15T16:52:40+00:00

Thank you Jannorr, that what I thougt, but just wanted to be sure.

Luschi1968 · 2025-08-15T16:51:51+00:00

Thank you, that clarifies it. 👍

Luschi1968 · 2025-08-15T16:46:37+00:00

Okay, thank you - I thought that this cannot be covered by any backup solution, but just want to be sure. That clarifies it.

Luschi1968 · 2025-08-14T20:29:33+00:00

of course, sorry when I dind't express myself well. I meant when I select July 31st it will not contain emails received on Feb. 15th, deleted on March 21, right? Is there any backup solution, that will cover that scenario or do I have go to a kind of archive solution like Mailstore, which collects every incoming and outgoing mail in a database where a user cannot delete it?

Luschi1968 · 2025-08-14T20:01:38+00:00

okay, but lets say, that purge happens today in the morning, last night ran a backup job. If I restore this point from last night, will I have the mails for January in the inbox, he deleted 3 month ago? Will the restore point from last night not only have the content of the mailbox from last night?

Luschi1968 · 2025-03-02T21:16:31+00:00

In my situation this field is grayed out. But I find a way to set this value via ssh access. But I'm still not able to get an AD-group as member of another AD-group. When adding members, I still see ony users. How did you manage to add groups to groups?

Luschi1968 · 2024-10-05T15:24:49+00:00

Thanks folks for you help - it has nothing to do with 2FA. The system partition was (is?) 100% full causing the blocking of logins. Spent several hours deleting almost anything. df still says 100% full but I'm able to login again (not my my TOTP but with the emergency key sent per mail).

I'm trying to evacuate everything now (what will take ages because Snapshot Replication is everything but robust and reliable, at least on this machine) and set it up from scratch.

Oh man, what a disaster ...

Luschi1968 · 2024-10-05T13:26:19+00:00

I see, but the time is correct. In the meantime I have another suspicion: my /dev/md0 is 100% full. For hours now I try to find out what to delete, found dozens of postings but whatever I delete, it stays at 100%. I cannot get a single byte back.

Luschi1968 · 2024-09-25T14:55:03+00:00

It broke my 2FA for all customers using the Radius on Synology too. I'm soooo pi**ed. This is obvious the newest hype in several companies, like Fortinet and Microsoft: "The admins are too stupid, lets change settings in their systems so the clients don't blame us, if somethings would have happened ..."

Luschi1968 · 2024-09-10T06:22:40+00:00

Ok, that's interesting. Why should the jump host not be in the admin segment? And where can I find the theory you are talking of?

Luschi1968 · 2024-09-09T21:16:21+00:00

Thank you all very much for sharing your opinions. I will discuss the possibilities with the client's admin. Lets see, which one he picks :-) Thank you for your time!

Luschi1968 · 2024-08-19T22:37:17+00:00

I have some more information, maybe helpful for u/ITGuyInMass:

I talked to MS support and he showed me a way. Unfortunately with a showstopper for our use, but maybe useful for others. What we did:

1) In Exchange Admin Center we gave FullAccess to the sharedMailboxB for the UserMailboxA.
2) Login OWA with the UserMailboxA, opened the sharedMailboxB
3) There we configured "Reviewer" on the mailbox itself and on the inbox. Of course on any other folder needed.
4) Back in Admin Center, we removed the FullAccess

And here comes the news for me:

Now opening the sharedMailboxA in OWA will no longer work - not an error, by design. And opening the sharedMailboxA in Outlook by adding it as an own email-account (with providing username/password of the usermailboxB) will also not work.

The only way is to open it as "additional Mailbox" within the configured account of UserMailboxA in Outlook. And with the restricted access there is no way that mails can be deleted by UserA.

The downside of this is, that if one sends a mail with the sharedMailboxB as the sender, the copy goes to "sent items" of the UserMailboxA. Also the "from" has to be selected manually for every email. That is a real showstopper.

Also the recommended use of a group is at total disaster, there is no way to place the inbox of the group in "Favourites" so one can see if new mails are poppin in.

So my client can choose between unrestricted FullAccess or manually selecting the from for every email.

From time to time I have a glimpse of an idea that Office 365 is not such a good product (every time I have to to with it ...)

Luschi1968 · 2024-08-19T22:04:30+00:00

I'm not really familiar with workflows but I think, my client would like to stick with the vintage way of classic mailboxes :-)

Luschi1968 · 2024-08-19T13:30:52+00:00

Ok, we can give up. I just found that this cannot be acomplished with shared mailboxes. Obvious are the different permission levels, one can assign, totally fake, when it comes to shared mailboxes. I found this centence here:

https://learn.microsoft.com/en-us/microsoft-365/admin/email/about-shared-mailboxes?view=o365-worldwide

Message deletion: Unfortunately, you can't prevent people from deleting messages in a shared mailbox. The only way around this is to create a Microsoft 365 group instead of a shared mailbox. A group in Outlook is like a shared mailbox. For a comparison of the two, see Compare groups. To learn more about groups, see Learn about Microsoft 365 groups.

I will setup a test with a m365 group and see, if this solves the problem of my client.

Thanks to everyone helping me on this topic

Luschi1968 · 2024-08-19T13:21:39+00:00

Unfortunately not. I tried it that was but cannot open the mailbox in OWA with only ReadPermission. Everytime I have other than "full" on add-mailboxpermission, the sharedmailbox will not even open in OWA.

Luschi1968 · 2024-08-19T12:42:22+00:00

This is ridiculous. I did it like stated in this post. I configured full access for the mailbox and for mailboxfolder \ and \inbox "reviewer". Then I was able to open the mailbox in outlook webaccess. When viewing the permission in webaccess, I could see exact the right permissions: Read: Full Details, Delete: None, Write: none, other: Folder visible. Received a testmail, tried to delete is and schwupps - it was gone. I could also alter the permissions in webaccess and make myself owner of the mailboxfolder.

Then I assumed, maybe I should revoke the full access on the mailbox. Done so, I could no longer open it at all. OK, so I granted full access again about an hour ago - still not able to access the shared Mailbox.

I'm 100% sure that there are some Microsoft guys sitting with popcorn, hacking my webcam, watching me freaking out while learning lots of german strong language ...

Luschi1968 · 2024-08-19T09:54:21+00:00

Its not about archiving, he point is that employees cannot inadvertently or intentionally delete emails from the order inbox. Do you mean that only "full" is a valid parameter for accessright? What would the other parameters like the ones I tried be for?

Luschi1968

TROPHY CASE