Configuring Enterprise Vault for anonymous connections
|Article:HOWTO38207|||||Created: 2010-12-24|||||Updated: 2012-06-27|||||Article URL http://www.symantec.com/docs/HOWTO38207|
To prepare Enterprise Vault servers for anonymous connections from Exchange 2007 or 2010 CAS servers, or Exchange 2000 or Exchange Server 2003 back-end servers, perform the following steps as described in this section:
If Enterprise Vault is installed on Windows Server 2008, you need to ensure that IIS Roles and Feature Delegation rights are configured as described in the section, OWA Prerequisites, in the manual, Installing and Configuring.
On each Enterprise Vault server that may receive connection requests from OWA servers, create an ExchangeServers.txt file in the Enterprise Vault installation folder. This file contains a list of the IP addresses for all the Exchange CAS servers, and any Exchange 2000 or Exchange Server 2003 back-end servers, that will connect to the Enterprise Vault server.
Additional entries are needed if you are configuring this file for clustered Exchange Virtual Server configurations.
Create or select a domain account to be used for anonymous connections from Exchange Servers to the Enterprise Vault server. This is the Data Access account, which is also used for anonymous connections to the Domino Mailbox Archiving Web application. The steps required to configure the Data Access account for OWA Extensions and Domino Mailbox Archiving are different. To configure the account for OWA, you run a command line script. To configure the Data Access account for Domino Mailbox Archiving, you specify the account on thetab of Directory properties.
If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features.
On each Enterprise Vault server on which you have created an ExchangeServers.txt file, run the script, owauser.wsf, to configure the Data Access account
Synchronize mailboxes and restart the Enterprise Vault Admin service.
To create the ExchangeServers.txt file
Type the IP address of each Exchange CAS server, and Exchange 2000 server or Exchange Server 2003 back-end server that will connect to the Enterprise Vault server, one entry per line.
Addresses can be in either IPv4 or IPv6 format. IPv6 addresses must be in the form, fdfa:9c37:5267:d2e3:a192:b168:cc80:d204.
Save the file as ExchangeServers.txt in the Enterprise Vault installation folder (for example C:\Program Files (x86)\Enterprise Vault). When you save the file, select ANSI, Unicode, or Unicode big endian encoding.
To configure the Data Access account for OWA
Create or select a domain account to be used for anonymous connections to the Enterprise Vault server. This is the Data Access account. The account should be a basic domain account; a local machine account cannot be used. The account should not belong to any administrator group, such as Administrators or Account Operators.
If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features. If you have already set up Domino Mailbox Archiving, note the details of the account specified on the Data Access Account tab of Directory properties in the Administration Console. Configure this account for OWA as described in this section.
Log on to the Enterprise Vault server as the Vault Service account.
Open a Command Prompt window and navigate to the Enterprise Vault installation folder.
On Windows Server 2008, you must open the Command Prompt window with administrator privileges. To do this, right-click the Command Prompt shortcut on the Windows Start menu and then click Run as Administrator.
Enter the command line that is appropriate to your system. If you have OWA on both Exchange Server 2000 and Exchange Server 2003 in your organization, use the command line for OWA on Exchange Server 2003.
The file owauser.wsf is installed in the Enterprise Vault installation folder.
For domain, give the domain of the Data Access account.
For username, give the username of the Data Access account.
For password, give the password of the Data Access account.
To display help for the cscript command, type
cscript owauser.wsf /?
The progress of the script execution is displayed in the command prompt window.
The configuration changes made by the script are described in the following technical note on the Symantec Support Web site: http://www.symantec.com/docs/TECH69113.
When the configuration script finishes, you are prompted to restart the Enterprise Vault Admin service and synchronize mailboxes.
If there are multiple Enterprise Vault servers in your environment, logon to each server on which you created an ExchangeServers.txt file, and run the script,
owauser.wsf, using the instructions given in this section.
If you add another Exchange CAS server, or an Exchange 2000 or Exchange Server 2003 back-end server to your environment at a later date, add the IP address of the server to the ExchangeServers.txt file on the Enterprise Vault server to which the Exchange Server will connect, and then rerun the
Article URL http://www.symantec.com/docs/HOWTO38207