Configuring Enterprise Vault for anonymous connections

Article:HOWTO58375  |  Created: 2011-08-01  |  Updated: 2013-07-12  |  Article URL http://www.symantec.com/docs/HOWTO58375
Article Type
How To


Subject


Configuring Enterprise Vault for anonymous connections

To prepare Enterprise Vault servers for anonymous connections from Exchange 2007 or 2010 CAS servers, or Exchange 2000 or Exchange Server 2003 back-end servers, perform the following steps as described in this section:

  • Ensure that IIS Roles and Feature Delegation rights are configured as described in the section, "Prerequisites for OWA" Installing and Configuring.

  • On each Enterprise Vault server that may receive connection requests from OWA servers, create an ExchangeServers.txt file in the Enterprise Vault installation folder. This file contains a list of the IP addresses for all the Exchange CAS servers, and any Exchange 2000 or Exchange Server 2003 back-end servers, that will connect to the Enterprise Vault server.

    Additional entries are needed if you are configuring this file for clustered Exchange Virtual Server configurations.

    See About configuring OWA and RPC Extensions in clustered configurations.

  • Create or select a domain account to be used for anonymous connections from Exchange Servers to the Enterprise Vault server. This is the Data Access account, which is also used for anonymous connections to the Domino Mailbox Archiving web application. The steps required to configure the Data Access account for OWA Extensions and Domino Mailbox Archiving are different. To configure the account for OWA, you run a command line script. To configure the Data Access account for Domino Mailbox Archiving, you specify the account on the Data Access Account tab of Directory properties.

    If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features.

  • On each Enterprise Vault server on which you have created an ExchangeServers.txt file, run the script, owauser.wsf, to configure the Data Access account

  • Synchronize mailboxes and restart the Enterprise Vault Admin service.

To create the ExchangeServers.txt file

  1. Open Notepad.

  2. Type the IP address of each Exchange CAS server, and Exchange 2000 server or Exchange Server 2003 back-end server that will connect to the Enterprise Vault server, one entry per line.

    Addresses can be in either IPv4 or IPv6 format. IPv6 addresses must be in the form fdfa:9c37:5267:d2e3:a192:b168:cc80:d204.

  3. Save the file as ExchangeServers.txt in the Enterprise Vault installation folder (for example C:\Program Files (x86)\Enterprise Vault). When you save the file, select ANSI, Unicode, or Unicode big endian encoding.

  4. Close Notepad.

To configure the Data Access account for OWA

  1. Create or select a domain account to be used for anonymous connections to the Enterprise Vault server. This is the Data Access account. The account should be a basic domain account; a local machine account cannot be used. The account should not belong to any administrator group, such as Administrators or Account Operators.

    If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features. If you have already set up Domino Mailbox Archiving, note the details of the account specified on the Data Access Account tab of Directory properties in the Administration Console. Configure this account for OWA as described in this section.

  2. Log on to the Enterprise Vault server as the Vault Service account.

  3. Open a Command Prompt window with administrator privileges.

  4. Navigate to the Enterprise Vault installation folder.

  5. Enter the command line that is appropriate to your system. If you have OWA on both Exchange Server 2000 and Exchange Server 2003 in your organization, use the command line for OWA on Exchange Server 2003.

    • Command line for OWA on Exchange Server 2010, 2007 and 2003:

      cscript owauser.wsf /domain:domain /user:username /password:password

    • Command line for OWA on Exchange Server 2000 :

      cscript owauser.wsf /domain:domain /user:username /password:password /exch2000

    The file owauser.wsf is installed in the Enterprise Vault installation folder.

    For domain, give the domain of the Data Access account.

    For username, give the username of the Data Access account.

    For password, give the password of the Data Access account.

    To display help for the cscript command, type

    cscript owauser.wsf /?

  6. The progress of the script execution is displayed in the command prompt window.

    The configuration changes made by the script are described in the following technical note on the Symantec Support website:

    http://www.symantec.com/docs/TECH69113

    When the configuration script finishes, you are prompted to restart the Enterprise Vault Admin service and synchronize mailboxes.

  7. If there are multiple Enterprise Vault servers in your environment, logon to each server on which you created an ExchangeServers.txt file, and run the script, owauser.wsf, using the instructions given in this section.

    If you add another Exchange CAS server, or an Exchange 2000 or Exchange Server 2003 back-end server to your environment at a later date, add the IP address of the server to the ExchangeServers.txt file on the Enterprise Vault server to which the Exchange Server will connect, and then rerun the owauser.wsf script.

See Restart the Admin Service and synchronize mailboxes for OWA configuration

See Configuring Enterprise Vault access for OWA users

See Prerequisites for OWA 2010 and earlier


Legacy ID



v9666766_v41328148


Article URL http://www.symantec.com/docs/HOWTO58375


Terms of use for this information are found in Legal Notices