cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

EV 10.0.2 administration

EVUser0704
Level 4

‎10-29-2013 12:23 AM

Hello,

I am having an issue with Enterprise Vault while delegating users the EV roles e.g. PST Administrator, it says cannot connect to the Directory server via the EV Administrator Console unless you are a local administrator.

I have EV 10.0.2 on OS Windows 2008 R2

Directory server is in domain XXXGlobal and users to be granted EV roles are in XXXUK, a child domain (occurs in all child domains).
I have created a group XXXGlobal \s-u-grp-EV PST Administrators (universal group) this has been added to the EV role PST Administrators. The group contains a group XXXUK\s-d-uk-EV PST Administrators which then contains the end users, my test user is XXXUK\garry.lime
When I try to connect EV via the administrator console installed on a PC/server (tried both) other than XXXGlobal the console will not connect.
I granted XXXGlobal \s-u-grp-EV PST Administrators RDP access to the directory server and logged on as XXXUK\garry.lime and I can access the EV administrator console as expected with the correct EV roles.
I also grant XXXUK\garry.lime local administrative rights on the directory server and the user can connect to the EV directory server from PC/Servers with the EV console installed that , previously had failed with error.

Is it expected or am I doing something wrong?

I look forward to your response. Thank you !

0 Kudos
5 REPLIES 5

EV_Ajay
Level 6
Employee Accredited

‎10-29-2013 12:33 AM

Hi ,

It is expected behaviour. We need to add user / group on Directory Server in the Local administrative rights.

Then only those users can access the VAC Console.

 

0 Kudos

Rob_Wilcox1
Level 6
Partner

‎10-29-2013 12:38 AM

Ajay, I disagree.

I've seen this error before, and if you give the user local administrative rights on the EV server doesn't that sort of negate what Roles Based Admin is all about?

http://www.symantec.com/business/support/index?page=content&id=TECH130212

.. might help. Haven't tried it in a long time though!

Working for cloudficient.com
0 Kudos

EVUser0704
Level 4

‎10-29-2013 06:01 AM

Thank you both for the reply. @Rob: It still doesn't work I'm afraid !

0 Kudos

GabeV
Level 6
Employee Accredited

‎10-29-2013 06:54 AM

Hi EVUser,

You do not need to add the user as a local admin in the Enterprise Vault server or the client, just for the EV console admin installation in the PC, you need admin rights. If 'XXXGlobal \s-u-grp-EV PST Administrators' is a universal group, what kind of group is 'XXXUK\s-d-uk-EV PST Administrators'? I might be wroing, but if this is a global security group to the child domain, I was wondering if the EV server will see it since it's in the XXXGlobal domain. Have you tried adding the user directly to the 'XXXGlobal \s-u-grp-EV PST Administrators' uinversal group?

0 Kudos

EVUser0704
Level 4

‎10-30-2013 12:16 AM

XXXGlobal \s-u-grp-EV PST Administrators is a UNIVERSAL group, It has members of XXXUK\s-g-uk-Admin Local, this group contains the XXXUK user accounts trying to access. Yes I have tried with a test user XXXUK\garry.lime placed into the XXXGlobal \s-u-grp-EV PST Administrators group I still cannot connect to the EV console. I also checked whether Enterprise Vault Directory Database is in SINGLE-USER mode just to see whether that was causing the issue, but it is already in MULTI-USER mode.

I'd appreciate any suggestions. Thank you so far !

0 Kudos