cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Power Administrator - automatic granted permissions to users archives

Go to solution
jjkcougar
Level 3

‎07-14-2009 02:30 PM

Myself and another administrator are both in the power administrator role.  In each user's archive properties, I have been granted the automatic read/write/delete permissions and this allows me to see the users in Archive Explorer in Outlook.  The other administrator does not have permissions to anyone else (except one user for some reason) and therefore can't see in Archive Explorer (except that one user).  I will try removing/re-adding him to the power administrator role.  Any ideas on what the issue is and how to correct?  Shouldn't it work this way incase a new power administrator has to be added or an old one removed?   (He has full access permissions in Exchange to the mailboxes incase that means anything)

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Michael_Bilsbor
Level 6
Accredited

‎07-14-2009 05:00 PM

but being a power admin doesn't grant you access to archives right?  So perhaps that was done manually?

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
Michael_Bilsbor
Level 6
Accredited

‎07-14-2009 05:00 PM

but being a power admin doesn't grant you access to archives right?  So perhaps that was done manually?
0 Kudos

Go to solution
Paul_Grimshaw
Level 6
Employee Accredited Certified

‎07-14-2009 07:18 PM

Mike is correct this RBA right does not give you automatic access to the archive. This is being synchronised across from Active Directory somewhere. There is a piece of software called permission browser and you should find the executable in the EV directory. Fire this up and select the archive and this will show you the automatically assigned permissions.

So I would be looking at the Mailbox Permissions for the users and ensuring that yourself or a group you are in has not been given access.

It cannot be delegated access from outlook as this does not show up in the VAC.
0 Kudos

Go to solution
jjkcougar
Level 3

‎07-20-2009 07:48 AM

So you cannot use Vault (an archiving software) to assign access to archives via the VAC. I just wanted to write that because it obviously doesn't 'sound' right. Vault moves archives to Vault servers so that when you click on an email you're looking at them in Vault, not from Exchange.

But as you say, my access to users' archives on Vault servers through the Vault's Archive Explorer tool comes from mailbox permissions from Exchange. Therefore I will look in powershell and see if I can find a difference in our permissions.
0 Kudos

Go to solution
Wayne_Humphrey
Level 6
Partner Accredited Certified

‎07-20-2009 10:13 AM

use PermissionBrowser.exe to see the differences, it can be located in \Program Files\Enterprise Vault.

You can use EVPM to grant and Deny permissions on all archives if you wish, just use DistinguishName = ALL

--wayne
0 Kudos