Hi all, recently had a situation where an employee was dismissed and asked to
leave on the spot. I was aware of this, and changed the password of the
account, and then disabled the account. On their way out, this person passed
their workstation, logged onto their pc WITH their old password, and then
sucessfully sent out an email to someone. I would have thought that because
the password was changed, the exchange server should not let it send as
authentication should not occur.
Can someone please explain to me why this user was a)denied logon access to
their pc, and b) why they could still send an email out.
Also - what are best practices surrounding this? What do others do in this