Archive Permission
I need to find permissions that where added to an archive via the EV management console. I have over 20k archives so using permissionbrowser.exe is not an option. Anyone have a utility or sql script that can help me out?
Hi Donnal,
Please try following SQL Script :
Use EnterpriseVaultDirectory
Select AA.ArchiveName, RT.VaultEntryId AS ArchiveID, ac.ACEType as PermissionType, TT.SID from Archive AA
Inner join ACE AC
on aa.RootIdentity = ac.RootIdentity
Inner join Trustee TT
ON TT.TrusteeIdentity = AC.TrusteeIdentity
INNER JOIN Root RT
ON RT.RootIdentity = AA.RootIdentity
---Archive those don't have permission would not come in this list. PermissionType '0' mean archive have only Automactic permission, 1 mean only manual permssion via VAC (in case of shared/fileserver/PF), 2 mean it has combination of automatiac/manual permission.
--It will also not give granular information such permission level such read/write/delete or Deny/allow.
--These SID can be taken in excel sheet and You may need to run other powershell/AD script for user/group with associated SID then need to compare (need to do some research in google to findout any easy way to get SID with user/group)