Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

policies for "ownerless" vaults

Created: 11 Jul 2012 • Updated: 14 Aug 2012 | 6 comments
This issue has been solved. See solution.

Hi

EV 9 

I've recently discovered that, when a vault which belongs to a user account in a provisioning group etc has that active directory user account deleted all policies are removed and you are left with a vault with no policies assigned, specifically i'm concerned by the PST migration policy. we're still in the proccess of migrating the many TB of pst files that exist network wide and manual migration is an un managable task I'm getting on really well with the PST migrator tasks and makeing good progress (slow but steady and reliable is fine by me) but policy is to place pst files into the mailbox from which they originated where at all possible.

If user X leaves the company they are a user of EV and had a vault. the entire mailbox is archived and permissions applied to allow replacements/managers to access the vault as required. eventually (at about the six month mark) the user account is deleted from AD and thus exchange as part of our internal housekeeping. the vault is retained and hte access permissions kept so access is available ot those who need it. however adding psts and such falls foul of this lack of a policy.

I've looked but canot find any way of making a provisioning group for "all other vaults" - kinda of makes sense as they already exist and don't in AD. so i need a way to assign policies to these ex staff vaults. it would also be reassuring to know that some process is placing hte retention policy on these vaults.... currently i'm not sure where we stand on retention policies of vaults affected this way.

Thanks for your help

Mike

Comments 6 CommentsJump to latest comment

JesusWept3's picture

What I would advise is make it part of your practices for users that are leaving that as well as archiving the entire contents of the archive, to go ahead and do their PST migrations manually through the VAC or scripted through EVPM so therefor you have completed the entire process and no longer have to worry about it in the futur
I know that if you try and do a PST import manually through the VAC or EVPM and the user doesn't have a valid mailbox, it simply will not work and this may also be the case for locate/collect/migrate

Wayne Humphrey's picture

Take a read of Rob's Processing Company Leavers Article:

http://www.symantec.com/connect/articles/processing-company-leavers

I guess thats where you should start ;)

JesusWept3's picture

Does archive leavers do the PST portion though?

Wayne Humphrey's picture

No, but in combination of Archive Leavers, and your comment he can script it verry easly.

Archive Leavers is poweshell, so he can simply just modify it a bit to exicute EVPM

Mikeydee135's picture

HI Guys

Thanks for the advice. it seems that general opinion is agreed, dont get yourself in the situation i'm in.... however is there a way out of it now that i find myself with PST files and vaults that do not have valid mailboxes associated with them.

we're a company of over 20 globally distributed offices each with local file servers and workstation pools, and in many cases separate domains. This, combined with historically poor enforcement of IT policies, has meant that pst files are hidden all over the place, it seems that many staff members will have, through their careers, been stationed in 3 or 4 different offices and used a similar number of workstations. some psts are on  file server, some on workstations that the current user has out in the field for weeks at a time. this makes PST collection a chalenge. even though users don't remember where pst files are and no longer reference them the comapny policy states they should be imported to the vault for permanent retention but i've been running pst migrations for 12 months and am a long way from completeing even the location phase, let alone working out who's they all are and then migrating them. in all this means i'm going to have this problem again as the chances of me keeping up with staff changes are zero.

if the proper EV tools aren't enough is there any way to forcibly import them, even as crudely as using outlook one file/folder at a time (suddering at the thought)?

Wayne Humphrey's picture

Then you might want to have a look at PST FlighDeck

http://www.quadrotech-it.com/products/pst-flightdeck/

You can contact me directly should you need any further assistance.

SOLUTION