cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Grant rights to all archives?

Mats_Holm
Level 4

‎12-21-2007 01:08 AM

Hi all!
This might be a stupid question but I have a customer how have implemented EV in an pilot test and they are not showing any icons or menus to the user. Instead they want to be able to help user via Archive Explorer to restore mails to users. For this they need to grant permissions to all mailbox vaults to serviceaccount and two useraccounts. Is this possible to do without having to access every vault and change permission? Can I do that for all vaults in one cklick?
 
//Mats
0 Kudos
7 REPLIES 7

MichelZ
Level 6
Partner Accredited Certified

‎12-21-2007 01:23 AM

Mats

This is not possible using the GUI.
You would have to set permission on every archive.

However, it IS possible using EVPM Scripts.
Have a look at the utilities.pdf file, section "Policy Manager".

There is an [ArchivePermission] section which you can configure like this:

GrantAccess

Optional. Grants to the specified Windows accounts the specified access to the archive.

The new values supplement any existing access rights. You can have many occurrences of GrantAccess within the same [ArchivePermissions] section.

Possible values:

  • A list of permissions, followed by a comma and then a comma-delimited list of groups or accounts that are granted the specified permissions. Permissions can be any of read, write, and delete, followed by a comma. For example, to grant read and write access to ourdomain\smith:

    GrantAccess = read write, ourdomain\smith

Hope this helps

Cheers
Michel


cloudficient - EV Migration, creators of EVComplete.
0 Kudos

Mats_Holm
Level 4

‎12-21-2007 01:43 AM

Thanks exactly what they are looking for.
I'm not that familiar with EVPM. Can I do a script that doesn't change anything elese but the ArchivPermissions? I know I have to have the manadatory fields in the scripts but I don't want to change anything else in the environment.
 
//Mats
0 Kudos

MichelZ
Level 6
Partner Accredited Certified

‎12-21-2007 01:58 AM

Mats

Yes, this is possible.
I can't test it right now, but I believe this should do it:

[Directory]
DirectoryComputerName = SERVERNAME
SiteName = SITENAME

[ArchivePermissions]
ArchiveName = ALL_MAILBOX
GrantAccess = read write, DOMAIN\USER


It will add Permission to read/write from the Archive for User DOMAIN\USER on EVERY Mailbox Archive.

Cheers
Michel

cloudficient - EV Migration, creators of EVComplete.
0 Kudos

Mats_Holm
Level 4

‎12-21-2007 02:20 AM

Great, thanks!
Do I have to run this scripts on regular basis as new archives is created or does this apply to all upcoming archives aswell??
 
Merry Christmas!
 
//Mats
0 Kudos

MichelZ
Level 6
Partner Accredited Certified

‎12-21-2007 02:29 AM

You would have to run it on a regular basis, yes.



cloudficient - EV Migration, creators of EVComplete.
0 Kudos

jimbo2
Level 6
Partner

‎12-21-2007 08:47 AM

Make sure you save the file as Unicode.
 
Jim S.
0 Kudos

jimbo2
Level 6
Partner

‎12-22-2007 08:30 AM

Were you able to apply the script?
0 Kudos