SOLVED
Home

Elevation of Exchange admin privilege Alerts

Frequent Contributor

Elevation of Exchange admin privilege Alerts

Does anyone else get these alerts?  From what I have been able to gather thus far, this BOXServiceAccount is used by Microsoft for management of the mailboxes and exchange servers.  What I haven't figured out is whether I should be concerned about these or what it means for our security footprint.

 

A low-severity alert has been triggered

Elevation of Exchange admin privilege

Severity: — Low

Time: 4/10/2018 1:26:11 PM (UTC)

Activity: GrantAdminPermission

User: BOXServiceAccount@namprd05.prod.outlook.com

Details: GrantAdminPermission. This alert is triggered whenever someone in your organization becomes an admin or gets new admin permissions.

3 Replies

Re: Elevation of Exchange admin privilege Alerts

It looks like some server workflow, I'm almost certain we should not be getting such events. Reports it on the UPP network?

Solution

Re: Elevation of Exchange admin privilege Alerts

I opened a support case, and was basically told it was safe to ignore since it is a back-end process. Unfortunately no additional details.

Re: Elevation of Exchange admin privilege Alerts