Forum Discussion

Mark_Prior20
11 years ago

Automatic & Selective Enabling of User Accts

Hi, I need to be able to either

Enable a user for archiving with a PowerShell script (we have archiving tasks / mailboxes over two mail servers)

Use an AD attribute (preferably a custom one) that the auto enroll function can detect then enable the account for archiving.

 

Basically my problem is that we have numerous service / special accts with mailboxes we do not want to push to EV, but currently have no way to distinguish them, which is where the custom attribute would help. In my ideal situation I would like to sweep AD user objects once a week and enable any objects with a certain attribute.

 

I could even script this if I could get a PowerShell command to enable the MB for archiving. We are using EV10 with Exchange 2010 at the moment.

 

Thanks

  • If you are going to use a custom AD attribute in AD then you can use an LDAP query in your Provisioning Group...

    So you could do the following:

    1. Open the Vault Admin Console
    2. Expand out Directory on Server -> SiteName -> Targets -> Exchange -> YourDomain -> Exchange Server
    3. Click Provisioning Group
    4. Right click New -> Provisioning Group
    5. Press Next
    6. Give a name to the provisioning group like "EV Users" and press Next
    7. Press the Add button
    8. Choose "LDAP Query" and press OK
    9. Give the Display Name a description like "EV Users (Attribute 6)"
    10. The query root should be filled out already;
        it should be something like GC://gcServer.myDomain.com/DC=myDomain,DC=com
    11. In the query, type the following to enable based on Custom Attribute 6 in AD:
        (&((extensionattribute6=EnableEV)))
    12. Press OK and then follow the prompts through to the end

    Make sure that "Archive Mailboxes in this provisioning group" is checked.
    Make sure that on the Archiving Defaults that "Automatically enable mailboxes" is checked.

    And that's all you really need to do; run provisioning, making sure that the group is appropriately placed.
    The enablements will occur when the archiving task kicks off, so you don't have to manually enable anyone.
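
A read-only preview of what that LDAP query would select, added here as an example (it is not part of the reply above and is not Enterprise Vault's own tooling). It assumes the RSAT ActiveDirectory module; the search base is the placeholder domain from the reply, the filter adds user and mailbox conditions to the reply's attribute test, and the "review" heuristics for spotting service-style accounts are illustrative assumptions.

```powershell
# Added example: list the mailbox-enabled accounts tagged for archiving and
# flag any that look like service/special accounts before provisioning runs.
Import-Module ActiveDirectory

$SearchBase = 'DC=myDomain,DC=com'   # placeholder, taken from the reply's example query root
$Marker     = 'EnableEV'             # attribute value used in the reply's query

# Attribute test from the reply, narrowed (assumption) to user objects with a mailbox.
$Filter = "(&(objectCategory=person)(objectClass=user)(homeMDB=*)(extensionAttribute6=$Marker))"

$props   = 'extensionAttribute6', 'servicePrincipalName', 'PasswordNeverExpires', 'homeMDB'
$matched = Get-ADUser -LDAPFilter $Filter -SearchBase $SearchBase -Properties $props

$report = foreach ($u in $matched) {
    # Illustrative heuristics only: none of these proves an account is a service account.
    $reasons = @()
    if ($u.servicePrincipalName.Count -gt 0) { $reasons += 'has SPN' }
    if ($u.PasswordNeverExpires)             { $reasons += 'password never expires' }
    if (-not $u.Enabled)                     { $reasons += 'account disabled' }

    [pscustomobject]@{
        SamAccountName = $u.SamAccountName
        MailboxStore   = ($u.homeMDB -split ',')[0] -replace '^CN='
        ReviewFlags    = $reasons -join '; '
    }
}

# Flagged accounts sort to the top so they can be checked before provisioning.
$report | Sort-Object ReviewFlags -Descending | Format-Table -AutoSize
'{0} account(s) match; {1} flagged for review' -f @($report).Count,
    @($report | Where-Object ReviewFlags).Count

# Tagging a new starter (not run here; the user name is the example from the thread):
#   Set-ADUser -Identity 'Joe.Bloggs' -Replace @{ extensionAttribute6 = $Marker }
```

Because anyone who can write extensionAttribute6 can opt a mailbox in or out of archiving, it is worth checking who holds write access to that attribute on user objects.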
     

7 Replies

  • If your AD design is consistent and segregates special/service accounts from ordinary user accounts then you can create a provisioning group and target specific OUs or create a specific AD Group and target that so your service desk can simply add accounts to be archived. Alternatively apply a custom attribute to accounts you want to archive and create a provisioning group with an LDAP query.

  • OK, may not have explained or understood the answer correctly, here's an example

     

    User starts firm

    User AD Account & MB created

    (At the moment I have to manually enable the user for archiving in EV admin.) EV console, select enable for EV, select which MB server, select userID etc.......

    We have a provisioning group that forces everything into EV once the account is enabled for archiving. So for example if a user leaves we make them a member of this group; EV picks this up and forces all items to vault.

    It's the actual enablement of the archiving I need to automate somehow.

  • So you don't have the checkbox "Archive mailboxes in this provisioning group" checked?

  • Yes, this is enabled, but should this create a new archive for any user in that group?

     

    So "Joe.Bloggs" is created in AD (EV has never seen or touched this user)

    I add him to the Target group - "EV create" with the option "Archive mailboxes in this provisioning group" ticked. This will give / enable him for archiving in EV?

    Or just start pushing mail once I have manually enabled him in the EV console?

  • On the Provisioning Group you can select to automatically enable mailboxes, I think that is where EDLacey was going.

    You will want to make sure that only mailboxes you want enabled are part of that group.

    How to automatically enable users for Enterprise Vault

    Article:TECH76756  |  Created: 2009-01-12  |  Updated: 2011-06-21  |  Article URL http://www.symantec.com/docs/TECH76756

     

  • Additionally, if you have service/resource accounts that you do not want enabled you can create a Provisioning group just for them, place it high in the Provisioning Group hierarchy and uncheck the "archive mailboxes in this provisioning group". You can use an LDAP query with your custom attribute to automatically select the appropriate accounts.
