11-07-2018 07:21 AM
Would like to create a read only role within the Enterprise Vault VAC. Know how to create a custom role within the system, but haven't been able to find any documentation that describes what each operation means. The tech notes seem to be deleted or inaccessible. Is there a list with what each operation does?
Whats the difference in manage, administer, and view?
How should a read only role be set up? I would like the user to be able to view everything within VAC, but be unable to change anything.
11-07-2018 10:27 PM
Hello,
You can use the below. Do test this, as I believe it does allow access to services/tasks section.
The following "Operations" will need to have a check next to them
Can administer Enterprise Vault
Can manage Enterprise Vault Exchange Journaling tasks
Can manage Enterprise Vault Exchange Mailbox tasks
Can Administer Archives
Can administer all Enterprise Vault policies
Can administer all Enterprise vault targets
Can administer Enterprise Vault archives
Can administer Enterprise Vault Exchange Journaling policies
Can administer Enterprise Vault Exchange mailbox policies
Can administer Enterprise Vault Exchange policies
Can administer Enterprise Vault Exchange targets
Can administer Enterprise Vault policies
Can administer Enterprise Vault servers
Can administer Enterprise Vault targets
Can administer Enterprise Vault Vault Stores
Can administer Retention Categories
Can manage Enterprise Vault Exchange Journaling tasks
Can manage Enterprise Vault Exchange Mailbox tasks
Can manage Enterprise Vault services
Can manage Enterprise Vault tasks
Can manage Exchange Journal Archives
Can manage Exchange Mailbox Archives
Can use Server Manager
Can View Site Archiving Defaults property page
Can view Site Archiving Usage Limit property page
Can view Site General property page
Can Site monitoring property page
Can view Site Schedule property page
Can view Site Shortcut Deletion property page
Can view Site Storage Expiry property page
Also see below for more information.
https://vox.veritas.com/t5/Enterprise-Vault/EV-read-only-role-lets-me-create-and-delete-archives/td-...
11-08-2018 05:00 AM
Thanks. Do you know what if there is a list where wach operation details its function? I will test your role as described, but it seems like "Can adminster" would allow you to make changes to policy.
11-09-2018 03:12 AM
Welcome. I'm not sure there is actually a list. I made this long time ago (EV8 I believe), and found that you do need to included the 'can administer', otherwise you don't see them at all.
You might need to 'play' with the role to see what actually is possible. If I recall correct, you can for instance see the retention categories, but if you try to change them, you get an 'access denied' error