VOX

Cannot access the above link........

I have been doing a little more digging on the fpolicy requirement (or not), and whilst I do not see this documented in any of the installation / configuration manuals I do see it appearing in technotes.

See the following excerpts:

This extract seems to imply fpolicy must be used to register the EV Proxy Server:

This proxy server (which is typically the Enterprise Vault server) registers itself with the NetApp device via the fpolicy interface and responds to placeholder requests in the same way that it does for Windows based placeholder operations

But then see this:

File blocking on NetApp file servers is achieved using a similar method to the placeholder mechanism. An agent server registers itself with the NetApp filer via the FPolicy interface and responds to blocked content notifications in the appropriate manner. The agent server will need the NetApp FSA Agent installed. Note that this must not be the same server running the Placeholder proxy as NetApp only support one FPolicy registration per Windows server.

I am now confused as to whether I simply need to register (via fpolicy) my proxy server to use file blocking or whether this will cause problems as the proxy is also running the placeholder service.  (Note:  I am only performing file-blocking, and at this point am not archiving and therefore not using the placeholder service).

Any input appreciated......

AJ

Update - can now access the HOWTO49600 - seen it before and I believe have complied with all the requirements. 

No mention of fpolicy in there..........

AJ

After a lot more digging around I am fairly confident that the fpolicy registration is required for a NetApp filer - and will go ahead and do this.

Whilst I do not intend to perform actual archiving at this stage (just file blocking) I do read with interest the fact that the placeholder service and the file blocking service cannot exist on the same proxy.

"File blocking on NetApp file servers is achieved using a similar method to the placeholder mechanism. An agent server registers itself with the NetApp filer via the FPolicy interface and responds to blocked content notifications in the appropriate manner. The agent server will need the NetApp FSA Agent installed. Note that this must not be the same server running the Placeholder proxy as NetApp only support one FPolicy registration per Windows server"

Another article also appears to state that the fpolicy registration will be attempted automatically by the proxy server ??

When testing the file blocking against the proxy server itself (prior to the fpolicy integration for the filer) I am getting the following results when a save of a blocked file is attempted on the proxy server (I have configured the notification to email the admin and send a message to EV log).  The file is NOT allowed to be saved which is correct::

1. When a save is attempted the user gets the following message on the PC:

         The filename, directory name or volume label syntax is incorrect.

2. The correct message (as configured) is logged to the EV log:

          The file 'filename' could not be saved to 'servername'.

3. Email is sent to administrator - same contents as message sent to EV Log above.

I am concerned at the message displayed on the users screen when they attempt to save a banned file type, as this is not user friendly and surely should be the same as the message I configured and is being sent to the EV Log.

What message should the user get prompted with when a file save is blocked ?

Thanks,

AJ.

SYMAJ,

The message being returned is from Windows and cannot be adjusted by EV.  The email can be sent to the user to allow them to know why the item failed to be saved to the server.  

Previously, a Net Send could have been used for this process, however that is not typically available in most networks today.  

Thanks for that.

I think this will be most confusing for the users as there is no indication as to why the file is not saving - the path / directory is valid !!  Even if they get an email this may not arrive or be read until the user has 'toiled' with trying to save the file for some time !!

Regarding the email to the user, when I am configuring notification how do I get the email to go to the user who is attempting the save ?  When I put [USER] in the TO: filed of the email the email send fails, as the [USER] is not substituted to the userid.  I know the email functionality is working because if I put a valid email address into the TO: field it will send the email OK - but I need to get this to the user who is trying to save the file.

Thanks,

AJ

Can you use this variable [USER MAIL ID] in place of [USER]?  

It may be related to http://www.symantec.com/docs/TECH194302.  10.0.4 introduced the new variable.  

An update on the fpolicy and a question here:

The proxy WILL automatically register with the filer using the fpolicy utility - it wasn't in my case as I already had a proxy registered from the previous Storage Exec installation.  I tested with another filer which had no proxy registered and as soon as I added the filer to EV and identified the proxy it registered on the filer and all worked OK.

The question:

I am getting different messages 'popped up' on the users screen when a file is blocked depending upon the O/S version they are running.

Windows 7 - When you try to save a banned file type you are blocked but offerred to save on your local profile drive (see attached).  This is a problem as we do not want users saving to a local drive.

Is there a way I can change the message which is being delivered so as to simply advise the user they cannot save in this location - but not offer them the option to save in their local profile directory ?

Also, regarding the [ISER EMAIL ID] Vs [USER] - neither worked in the TO: parm of the email send.  They will both resolve OK when added to the body of the message - so do work, but not when put in the TO field.

Thanks,

AJ

AJ,

The message is coming from Windows and there is nothing from and EV perspective that could change that.  It may be a configuration options within Windows 7.  

I have tested the [USER MAIL ID] in the lab on 10.0.4 in both the TO and CC fields and it does send the email.  I only have one entry on each line.  In my case I have [USER MAIL ID] on the TO field and an admin@domain.com in the CC field and both emails are received.  Did you restart the blocking service on the file server?  

Another option is [USER NO DOMAIN]@domain.com (you will need to replace domain.com with the actual name as it will not resolve this).