cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Limit access to Exchange Archvies to owner

Jakob
Level 5
Partner

‎02-03-2017 07:52 AM

Hi,

is there the possibility to limit the access to all Exchange Archives to the Mailbox-owner (+ if needed addidtional EV Archive Permissions).

Via policy there is the option to disable inherited permissions and disable folder permission sync. I need the option to disable the regular mailbox permission sync.

Via EVPM i  have the possiblility to edit the rights of an archive once - but we wan´t to have this regulary - also for new archives?

The backgound is that the customer uses EV to dissolve pst files. But the users were used to the pst files and also use them to hold some confidential informations etc.. That´s why they expect the vault to behave like an pst file so that only themselves have access to the pst file. They don´t want to solve it by modifiing exchange or mailbox folder permissions.

0 Kudos
4 REPLIES 4

CConsult
Moderator
Moderator
Partner    VIP   

‎02-06-2017 04:48 AM

Hi,

do I understand you correctly?

You want to not have specific users have access to the archive?

Archive permissions are set in Archive Permissions (Read, Write, Delete)

You can use EVPM to set those rights, as far as I remember even on Foldernames.

Everyone that isnt in the permission will not have access to the archive.

(Aslong as they dont grant the rights themself) >> Auditting

0 Kudos

Jakob
Level 5
Partner
In response to CConsult

‎02-06-2017 05:11 AM

Hi CConsult,

only the owner of an exchange mailbox should have access to the archive. All Other users which have Full Access to the Exchange Mailbox shouldn´t have access to the archive.

I don´t think that EVPM is theright tool for this. The problem is that also new autmatically created archives should have this limited access.

Jakob

0 Kudos

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified
In response to Jakob

‎02-06-2017 06:30 AM

Hello Jakob,

I find it strange that you need to deny access to archives to people who have full access to the mailbox, but stranger requests have been seen :)

I believe you can sort of do this in the mailbox policy, but it might be that (since the Exchange permissions are synced), users with full access get permissions on the archive anyway.

Synchronize Folder Permissions - set to OFF

Obviously, Include default and anonymous and Inherited permissions also need to be Off

 

Regards. Gertjan
0 Kudos

Jakob
Level 5
Partner
In response to GertjanA

‎02-07-2017 06:07 AM

Hi Gertjan,

yes - this is a bit strange... but in PST Files the can handle the permissions themself by NTFS permissions ect. As EV is planned as a alternate to PST Files this is a kind of a valid request.

The points you mentioned only affect inherited MBX Permissions and Folder Permissions. It´s not a solution for the direct mailbox permissions.

Regards

Jakob

0 Kudos