Forum Discussion

mias's avatar
mias
Level 4
13 years ago

Adding permission to archive by evpm

Hey
Have any of you an idea of how I can grant access to all my archive to a specific AD user  by using a evpm script

  • Firstly, refer to the Utilities Guide for the version of EV you have: 

     

    http://www.symantec.com/docs/DOC2200

     

    Then you need to include the 'ArchivePermissions' section within your script. There are examples in the guide.

2 Replies

  • Firstly, refer to the Utilities Guide for the version of EV you have: 

     

    http://www.symantec.com/docs/DOC2200

     

    Then you need to include the 'ArchivePermissions' section within your script. There are examples in the guide.

  • refer the following document 

    http://www.symantec.com/business/support/index?page=content&id=TECH69114

     

    How to give permissions to an archive using Enterprise Vault Policy Manager (EVPM)
    Details:

    This can be achieved by creating an EVPM script, specifying the particular details and running it against the affected archive.
     
    Modify the script below to match the particular DirectoryComputerName, SiteName and mailbox distinguished name.
     
    Edit the file in Notepad and save in UNICODE format, with an .ini extension.
     
    [Directory]
    DirectoryComputerName=kvsvault
    SiteName=archivesite
    [ArchivePermissions]
    ArchiveName = john doe
    GrantAccess = read write delete, ourdomain\smith
     
    ArchiveName
    Mandatory. Identifies the archive to which the permission settings are applied.
    If there are multiple folders with the same name and you specify a name, Policy Manager modifies only the first one that it finds. In this case, you must use archive IDs to specify the archives.
    Possible values:
    The name of an archive
    An archive ID
    ALL (permissions are applied to all journal, shared, and mailbox archives in the specified vault site)
    ALL_JOURNAL (permissions are applied to all journal archives)
    ALL_SHARED (permissions are applied to all shared archives)
    ALL_MAILBOX (permissions are applied to all mailbox archives)
     
    GrantAccess
    Optional. Grants to the specified Windows accounts the specified access to the archive.
    The new values supplement any existing access rights. You can have many occurrences of GrantAccess within the same [ArchivePermissions] section.
    Possible values:
    A list of permissions, followed by a comma and then a comma-delimited list of groups or accounts that are granted the specified permissions. Permissions can be any of read, write, and delete, followed by a comma. For example, to grant read and write access to ourdomain\smith:
    GrantAccess = read write, ourdomain\smith
     
    Refer to the policy manager to obtain more information on using EVPM