Solved: Generally archive enabling for all users, how to p...

Sani_B · ‎10-09-2014

Hi,

I recently took over an Enterprise Vault environment where is set Provisioning group that enables the archive to all users through AD users OU.

Now they want to make it so that some users won't be enabled for archiving though they are in that particular OU.

Is it possible and how should it be done?

As I understand I could make another provisioning group leaving the automatically enable tap empty - make it higher in rank - and target a created "Disable archiving" AD-group to it and it should take care of that? At least new users who are added to the group when the account is created and the provisioning task runs for the first time... right?

But if the new user account is accidentally left out from the group the second Provisioning group will be taking actions and enable the archiving - then the only possibility is to export what ever was archived in the first place and disable the archiving manually and it will not get enabled automatically anymore second time correct?

Is there easier way to make this work?

Sani B.

WiTSend · ‎10-09-2014

You are correct, if the user is not in the "do not archive" group they will get enabled and archived. Another option, though requiring more administrative effort would be to disable the users. If they are disabled then they won't get automatically re-enabled without manual intervention. The key is a difference between enabled, do not archive and disabled users. You could also create an EVPM script that disables the users.

View solution in original post

JesusWept3 · ‎10-09-2014

Use distribution lists and not OU's would be my suggestion

https://www.linkedin.com/in/alex-allen-turl-07370146

JesusWept3 · ‎10-09-2014

Use distribution lists and not OU's would be my suggestion

https://www.linkedin.com/in/alex-allen-turl-07370146

Sani_B · ‎10-09-2014

Yes I recommend that too but the client is adamant that they want to use the OU setting...

Sani B.

WiTSend · ‎10-09-2014

You are correct, if the user is not in the "do not archive" group they will get enabled and archived. Another option, though requiring more administrative effort would be to disable the users. If they are disabled then they won't get automatically re-enabled without manual intervention. The key is a difference between enabled, do not archive and disabled users. You could also create an EVPM script that disables the users.

JesusWept3 · ‎10-09-2014

other suggestions would be Provision the users and don't auto-enable the users, you would have to manually enable the users via the VAC and double check as to whether or not they should be archived Or set the prov group to initially suspend archiving and hen give users instructions on how to unsuspend themselves

https://www.linkedin.com/in/alex-allen-turl-07370146

Michael_Bilsbor · ‎10-09-2014

Hi,

ok so why not as a one off exercise enable and disable them? or enable them with a policy that means that they won't actually get archived nor have any client capabilties? (do they get the client software installed on their client?)

Mike

Sani_B · ‎10-09-2014

Hi all,

Yes the add in is automatically installed to everyone due to company policies and it looks like my original thoughts about how I would have to do it stands out to be the option to go with as I don't manage the AD and therefore have no way of knowing advanced if some rare individual should not have the archive enabled.

Thanks for all your great answers once again - always happy to ask advices/opinions when you guys are so supportive! =)

Sani B.

VOX

Generally archive enabling for all users, how to prevent it from enabling for some users?