04-15-2019 02:46 AM
Hi,
I have been asked to prevent items in SMTP archive being deleted. I have found this article:
https://www.veritas.com/support/en_US/article.100001457
That says:
Before archived items can be deleted from an archive, the following 3 conditions/pre-requisites must be met:
So if any of this options is properly configured you can't delete items, but the article is just regarding journaling and user archives, can this article be applied to SMTP archives too?
Thanks,
David
Solved! Go to Solution.
04-16-2019 06:00 AM
An administrator must be granted Delete permissions on an archive in order to delete from it, just like anybody else. The trouble comes, of course, because an administrator can usually log onto the server and grant himself those permissions in the VAC. If this is a concern for you, rather than trying to lock down the permissions of administrators, you might look into enabling some detailed auditing. You might find it dissuades more wrongdoing than does a tight permissions scheme.
--Chris
04-15-2019 03:51 AM
Hello David,
I understand your question, but the article applies to ALL archives., so SMTP also included.
I checked an SMTP Archive. Tab advanced, there are the 2 checkmarks for Deletion Protection (allow deletion of archived items and of this archive, and delete expired items from this archive automatically).
04-15-2019 07:40 AM
That article was pretty ancient, so I touched it up a bit. It's now clearer that it applies to all types of archives, not just Exchange. I also added a couple deletion eligibility tests that we have introduced in recent updates. Should be easier to follow now.
--Chris
04-16-2019 04:59 AM
Thanks both for your answers! But I have know another question/petition. According to the article the configuration can be changed to let admins delete or not delete items. I have a customer that uses EV to store journaling (via exchange journaling and SMTP Journaling), the want to configure EV so that even admins can't delete items. Is that possible?
04-16-2019 06:00 AM
An administrator must be granted Delete permissions on an archive in order to delete from it, just like anybody else. The trouble comes, of course, because an administrator can usually log onto the server and grant himself those permissions in the VAC. If this is a concern for you, rather than trying to lock down the permissions of administrators, you might look into enabling some detailed auditing. You might find it dissuades more wrongdoing than does a tight permissions scheme.
--Chris
04-29-2019 04:14 AM
Thanks Chris and Gertjan, it helped a lot.