Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

EV 10.0.3 Allow specific user to be able to delete item from archive

Created: 10 Jul 2013 • Updated: 10 Jul 2013 | 2 comments
ia01's picture
This issue has been solved. See solution.


In EV 10.0.3 is it possible to allow specific user to be able to delete item from archive? Site settings is - user cannot delete item from their archives.

Many Thanks

Operating Systems:

Comments 2 CommentsJump to latest comment

JesusWept3's picture

Allow Users To Delete is a site setting that affects everyone, so either all can delete or none can delete

Some things you can do are to create Retention Categories that don't allow deletions, and give that retention to the majority of the users, so they can't delete because the retention is on hold.

Downside to that is its only for items being archived going forward, and also Storage Expiry or Archive Deletion won't allow items to be deleted when a retention is on hold.

Another way you can do it is to create a new desktop policy and provisioning group to allow deletions
Add the users who can delete to the new provisioning group, then on the main desktop policy set it so that Shortcut deletion means it just deletes the shortcut, not the archived item, and hide the delete from vault button, and then lock down the WebApps (Archive Explorer and Search) so the delete buttons are hidden

Thhe downside to this is its not bulletproof, someone could still delete if they knew the syntax to use with Deleteo2k.asp or what not

Another way you can do it is to restrict access to Deleteo2k.asp to deny access to it to the group of users who you won't allow to delete, so anytime they delete an item, it will call that asp page, but because they don't have NTFS permissions, the deletion will fail for them.

The last way i can think of is to manually add a Deny to delete on the archive permissions, but that would be really painful to do for individual users, especially if you're in an organization of 10,000 users etc