Exchange 2010, user access logs?

Login-attempts are filed with the normal Windows login attept log, in the Security event-log. I don't believe there is a way to disambiguate Exchange logins from normal Windows logins, but your Client-access servers shouldn't be seeing any plain-windows logins anyway, so it's safe to assume that everything there is Exchange-related.

I don't believe, though may be wrong, that there is a way to audit database-access. That kind of log would get insanely spammy in an organization of any size due to the amount of activity Outlook does just sitting there apparently doing nothing. The default Outlook connection mode is based on a pull model, so Outlook polls the Exchange server periodically (the interval can be tuned, but by default it is pretty short) which would be the kind of thing to get logged.