Forum Discussion

Raul_Kivi's avatar
Level 3
17 years ago

How to change user archiving policy using script?

We have archiving policies based on Active Directory OU's.
If I move user from one OU to another EV policy does not change automatically.
to force target OU policy user needs to be diabled and then enabled for archiving again.
How to enable\diable using script and based only on AD data?
From AD I get user name, account, exchange server, legacyExchangeDN.
EnterpriseVault.ExchangeArchivePoint interface requires also other attributes like Systemmailbox,VaultStore and IndexingService. How I can get these attributes if I now only user name and user mailbox location.
I do not want to change any other setting except policy.

7 Replies

  • It should work without disable and enable again
    all you need to do is the following:
    enabled user is moved to an OU with a different policy
    run a sync
    and then do a report mode run against that user and see if he has picked up the new policy
    tells you in report which policy the user is assigned to
  • Yes it should work...are you getting any synch errors in the event logs? Are you trying to synchronize all mailboxes or just the one that you have moved to the OU that has a different Ev policy applied to it?
  • I synchronized only this user and finally it changed policy.
    But delay could be related with another problem I have.
    I have Windows 2003 SP1 installed and SysteM Event log is full DCOM errors like this:
     Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10021
    Date:  6.08.2007
    Time:  16:21:55
    User:  N/A
    Computer: KVS_2
    The launch and activation security descriptor for the COM Server application with CLSID
     is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.
    For more information, see Help and Support Center at
    Solutin described didn't help
  • It seems not work if I synchronize only certain user and work I do full sync.
  • I normally run a full sync after I have changed someone's policy but you should be ok if you only synch the affected user too.
    In regards to your dcom errors there are some technotes which may help - have a look at the support site :)