How to give permissions to an archive using Enterprise Vault Policy Manager (EVPM)
| Article:TECH69114 | | | Created: 2009-01-25 | | | Updated: 2011-05-09 | | | Article URL http://www.symantec.com/docs/TECH69114 |
Problem
How to give permissions to an archive using Enterprise Vault Policy Manager (EVPM)
Solution
The EVPM utility is designed to allow granular and custom changes to mailboxes and archives. By default an archive will have permissions assigned to it based on inherited permissions. At times it is necessary to add custom permissions to one or more archives.
This can be achieved by creating an EVPM script, specifying the particular details and running it against the affected archive.
a. Modify the script below to match the particular DirectoryComputerName, SiteName and mailbox distinguished name.
b. Edit the file in Notepad and save in UNICODE format, with an .ini extension.
---------------------------Copy below---------------------------------------
[Directory]
DirectoryComputerName=kvsvault
SiteName=archivesite
[ArchivePermissions]
ArchiveName = john doe
GrantAccess = read write delete, ourdomain\smith
---------------------------Copy above---------------------------------------
Descriptions:
This can be achieved by creating an EVPM script, specifying the particular details and running it against the affected archive.
a. Modify the script below to match the particular DirectoryComputerName, SiteName and mailbox distinguished name.
b. Edit the file in Notepad and save in UNICODE format, with an .ini extension.
---------------------------Copy below---------------------------------------
[Directory]
DirectoryComputerName=kvsvault
SiteName=archivesite
[ArchivePermissions]
ArchiveName = john doe
GrantAccess = read write delete, ourdomain\smith
---------------------------Copy above---------------------------------------
Descriptions:
ArchiveName
Mandatory. Identifies the archive to which the permission settings are applied.
If there are multiple folders with the same name and you specify a name, Policy Manager modifies only the first one that it finds. In this case, you must use archive Ids to specify the archives.
Possible values:
The name of an archive
An archive ID
ALL (permissions are applied to all journal, shared, and mailbox archives in the specified vault site)
ALL_JOURNAL (permissions are applied to all journal archives)
ALL_SHARED (permissions are applied to all shared archives)
ALL_MAILBOX (permissions are applied to all mailbox archives)
GrantAccess
Optional. Grants to the specified Windows accounts the specified access to the archive.
The new values supplement any existing access rights. You can have many occurrences of GrantAccess within the same [ArchivePermissions] section.
Possible values:
A list of permissions, followed by a comma and then a comma-delimited list of groups or accounts that are granted the specified permissions. Permissions can be any of read, write, and delete, followed by a comma.
For example, to grant read and write access to ourdomain\smith:
GrantAccess = read write, ourdomain\smith
Note: For further details and assistance in running EVPM, please see the Utilities guide under Documentation in the installation of EV.
|
|
Legacy ID
321592
Article URL http://www.symantec.com/docs/TECH69114
Terms of use for this information are found in Legal Notices
Thank you.