Microsoft KB Archive/173692

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 15:37, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base

Event 1016 Generated When You Open Mailbox or Schedule of Another User

Article ID: 173692

Article Last Modified on 10/28/2006


  • Microsoft Exchange Server 5.0 Standard Edition
  • Microsoft Exchange Server 5.5 Standard Edition

This article was previously published under Q173692


When you attempt to access another user's mailbox or schedule, Microsoft Exchange generates the following event in the Application Event log:

Event ID: 1016
Source: MSExchangeIS Private
Type: Success Audit
Category: Logons
NT User DOMAIN\username logged on to John Doe mailbox, and is not the primary Windows NT account on this mailbox.

This occurs even if you have permission to access the mailbox, and it occurs regardless of whether your attempt is successful or unsuccessful.


This behavior is by design.

Exchange records Event 1016 in the Event Log regardless of how you set the diagnostics logging level on the Information Store.

The decision to log this error was made with security in mind. It is important that any possible security breach be logged. If this type of logging were suppressed, an actual breach of security would not be logged.

Additional query words: plus client outlook calendar

Keywords: kbprb KB173692