Vidéos d'aide de Screencast

How to set Authorization Scope

Created: 04 Décembre 2012 • Updated: 16 Décembre 2012 | 6 comments
l'image des Peter_N
Ce problème a été résolu. Voir la solution.


i need to create a Enterprise Vault autorization group to permit multiple site admins to:

a) import psts to archives

b) which are in the vault store of their site only

Is it possible to scope the authorization definition to a Vault Store or Group of Users?

Has anyone built a working "import pst only" definition?

Thank you for any advice.

PS: All archives are on 1 EV Server in the HQ

Commentaires CommentairesAccéder au dernier commentaire

l'image des TonySterling

Sorry, but I don't think that will be possible based on your requirements.  I am bit confused by the request, what is the use case?

l'image des AndrewB

there is a role called PST Administrator. have you tested it already? does that give too much?

i see a task for "EVT Import and Export Archives" but not one for just Import Archives.

Andy Becker | Authorized Symantec Consultant | Trace3 | Symantec National Partner |

l'image des Peter_N


thank you for the response.

The use case is, my customer has a central IT department in Austria with centralised Exchange Server and Enterprise Vault Server. They have subsidiaries in Brazil, China, Denmark, etc. They want the local administrators of the subsideries to import the Users PST into the related Vault Store (which are separated by location).

e.g.: Brazil Admins to import local PSTs to Brazil Vault Store in Vienna

I know the "EVT Import and Export Archives" Role.

My customer has 2 problems with that:

They dont want that its possible for a subsidiary admin to export any vault data to PST, exept his own country.

So requirement is a role:

1) to only import data (mendatory)

2) to scope only on the Vault Store for the country (if possible)

I dont know if there is a different way to do this. We have the "locate, assign, import" process in place for the austria psts, because they can decide what psts to import for their own people.



PS: sorry for my late answer. I didnt get a notification about pending replys, but only spam about every other threat that is new.

l'image des TonySterling

Sorry, but you are not going to be able to limit the scope of the PST migration to certain PSTs to certain archives or by country. 

Perhaps enable auditing so you can track if someone does that??

l'image des Peter_N

Thanks again. I guess that should be a "arent".

At least it should be possible to build a new role to just import and not export.

Guess i need to work that out on my own.



l'image des TonySterling

Yep, sorry about that.  :)  I fixed it in the post so it makes sense.