Provisioning criteria

ob40
Level 3
   Our help desk recently started reusing AD username/logon for returning employees. We always did this if an employee returned to the same job. If they returned before the mailbox was deleted by policy then they would be reconnected to the mailbox and at the next provisioning task run the new account would be given perms to the vault.
   Unfortunately they have started reusing the original username even though they are in a different job/department and shouldn't have access to old data in the vault. They create a new mailbox, but because the username doesn't change, the user is then given access to the old vault. Does anyone know of a workaround? We are trying to get them to go back to adding a number behind the username (i.e. username1) and that causes a new vault to be created.
   I didn't open a case as I don't feel that this is an EV design problem but an account management issue locally. However, if there is a workaround we could use I would appreciate it.

Accepted Solutions

TonySterling
Moderator
Partner    VIP    Accredited Certified

If the user has been enabled, go ahead and disable them. Then on the existing archive, rename it and set a manual deny in permissions for that account. The manual deny overwrites the automatically assigned permission.

Then when you enable the user don't choose the existing archive but rather create a new one.

ob40
Level 3
Tony,

   That will definitely work. Unfortunately this happens dozens of times a week and currently we don't get notified of account actions. It is all scripted. I will talk to the integration team and see if they will modify the script to send us a notifier and will brief management that this is an option.
   The old way of just adding the 1 to the username was painless but I may not win that argument. Thanks!
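
A reconciliation check for the situation discussed in this thread, as an added example that is not part of the original posts or of any vendor tooling: it compares a directory export with an archive ownership export and flags logon names that are live again under a different account SID. The two CSV layouts, their column names and all sample values are constructed assumptions.

```python
import csv
import io

# Constructed sample exports (assumption: column names and SIDs are invented).
# DIRECTORY: current accounts. ARCHIVES: the account SID recorded when each
# archive was first provisioned.
DIRECTORY = """logon,sid,department
jdoe,S-1-5-21-1111-2222-3333-5012,Finance
asmith,S-1-5-21-1111-2222-3333-4100,Legal
bwong,S-1-5-21-1111-2222-3333-5020,HR
"""
ARCHIVES = """archive_name,owner_logon,owner_sid
jdoe,JDoe,S-1-5-21-1111-2222-3333-4001
asmith,asmith,S-1-5-21-1111-2222-3333-4100
rlee,rlee,S-1-5-21-1111-2222-3333-3900
"""


def load(text):
    """Parse a CSV export into a list of dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def find_reused_logons(directory_rows, archive_rows):
    """Flag archives whose owner logon is live again under a different SID."""
    current = {row["logon"].strip().lower(): row for row in directory_rows}
    findings = []
    for arch in archive_rows:
        logon = arch["owner_logon"].strip().lower()
        acct = current.get(logon)
        if acct is None:
            continue  # leaver with no live account: nothing to inherit
        if acct["sid"].strip().upper() == arch["owner_sid"].strip().upper():
            continue  # same account object: not a recreated account
        findings.append({
            "logon": logon,
            "archive": arch["archive_name"],
            "archive_sid": arch["owner_sid"],
            "current_sid": acct["sid"],
            "department": acct["department"],
        })
    return findings


if __name__ == "__main__":
    for f in find_reused_logons(load(DIRECTORY), load(ARCHIVES)):
        print(f"REVIEW {f['logon']}: archive '{f['archive']}' was provisioned "
              f"for {f['archive_sid']}, logon now belongs to {f['current_sid']} "
              f"({f['department']})")
```

Each flagged logon is a candidate for the rename and manual deny described in the accepted solution. A recreated account for someone returning to the same job is flagged too, so the output is a review list rather than an automatic action.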