02-18-2014 02:41 AM
Hi I need to be able to either
Enable a user for archiving with a powershell Script (we have archiving tasks / mailboxes over two mail servers)
Use a AD attribute (preferable a cumstom one) that the auto enroll function can detect then enable the account for archiving.
Basically my problem is that we have numorous service / special accts with mailboxes we do not want to push to EV, but currently have no way to distinguish them which is where the custom attribute would help. in my ideal situation i would like to sweep AD user objects once a week and enable any objects with a certain attribute.
i could even script this if i could get a powershell command to enable the MB for archiving, we are using EV10 with exchange 2010 at the moment
Thanks
Solved! Go to Solution.
02-18-2014 07:22 AM
if you are going to use a custom AD attribute in AD then you can use an LDAP query in your Provisioning Group...
So you could do the following
02-18-2014 03:12 AM
If you AD design is consistent and segregates special/service accounts from ordinary user accounts then you can create a provisioning group and target specific OU's or create a specific AD Group and target that so your service desk can simply add accounts to be archived. Alternatively apply a custome attribute to accounts you want to archive and create a provisioning group with an LDAP query
02-18-2014 03:21 AM
ok may not have explained or understood the answer correctly, heres an eample
User starts firm
User AD Account & MB created
(at the moment i have to manually enable the user for archiving in EV admin) Ev console, select enable for EV, select which MB server, select userID etc.......
We have a provisioning group that forces everything into EV once the account is enabled for archiving. so for example if a user leaves we make them a member of this group EV picks this up and forces all items to vault.
Its the actual enablement of the archiving i need to automate somehow
02-18-2014 03:30 AM
So you don't have the checkbox "Archive mailboxes in this provisioning group" checked?
02-18-2014 04:25 AM
yes this is enabled, but should this create a new archive for any user in that group ?
So "Joe.Bloggs" is created in AD (EV has never seen or touched this user)
i add him to the Target group - "EV create" with the option "Archive mailboxes in this provisioning group" ticked, This will give / enable him for archiving in EV?
or just start pushing mail once i have manually enabled him in the EV console?
02-18-2014 05:42 AM
On the Provisioning Group you can select to automatically enable mailboxes, I think that is where EDLacey was going.
You will want to make sure that only mailboxes you want enabled are part of that group.
Article:TECH76756 | | | Created: 2009-01-12 | | | Updated: 2011-06-21 | | | Article URL http://www.symantec.com/docs/TECH76756 |
02-18-2014 07:22 AM
Additionally, if you have service/resource account that you do not want enabled you can create a Provisioning group just for them, place it high the Provisioning Group hierachy and uncheck the "archive mailboxes in this provisioning group". You can use a LDAP query with your custom attribute to automatically select the appropriate accounts.
02-18-2014 07:22 AM
if you are going to use a custom AD attribute in AD then you can use an LDAP query in your Provisioning Group...
So you could do the following