03-12-2009 04:21 PM
We have two archives that are no longer used and after a mailbox migration they have no associated account. Unfortunately the permissions are set for EVERYONE to read and I want to get rid of this without deleintg the archives themselves.
Trying this:
"How to remove automatically set permissions from an archive using Enterprise Vault Policy Manager (EVPM).":
http://seer.entsupport.symantec.com/docs/280196.htm
does say it processed the permissions for the archive but I still cannot delete the EVERYONE permission that is set to "Granted" automatically.
Any ideas?
Solved! Go to Solution.
03-13-2009 02:22 PM
can't you just manually add everyone as a deny permission via the administation console?
03-12-2009 05:01 PM
I have just run exactly the same evpm script on one of my users that had the everyone group assigned and after running the script and refreshing the VAC the permission had gone as expected.
Did you refresh the VAC?
This does work
03-13-2009 02:22 PM
can't you just manually add everyone as a deny permission via the administation console?
07-24-2009 03:29 PM
Hi bdc,
You may have managed to remove automatically set permissions, however for anyone that is interested you could run the follow ing SQL query against EnterpriseVaultDirectory Database and change the archive name
Use EnterpriseVaultDirectory
update archiveview
set AutoSecurityDesc = NULL
where archivename = 'Mike J'
Close Enterprise Manager or SQL Management Studio
Refresh the Enterprise Vault Admin Console and check the automatically set permissions on the archive.
07-24-2009 09:35 PM