ArchiveWeb provides the ability to manage user access to archived files on a network share. Users must accept the security policy to be able to open archived files.
As an administrator or a user with the appropriate permissions, you can define a policy condition, agreement term, and reminder. You can define notification templates for Access Denied and Reminder messages and see a list of all users with the date of acceptance of conditions and status.
Users are notified by email when access to a protected archive file is denied and when the policy consent expires.
NOTE: Email notifications are sent only once. It is recommended that the administrator should send an email to all first-time users who are registered in ArchiveWeb to accept the policy agreement. |
In this topic:
·Granting compliance permissions to users
·Configuring compliance settings
·Accepting compliance agreements
A working SMTP server is needed to send notification emails to users. The SMTP server must be configured with the Archive Manager Configuration Tool.
1.Open the Archive Manager Configuration Tool from <installdir>\Program Files (x86)\Common Files\PAM\PAMConfig\PamConfig.exe.
2.From the feature panel on the left in the Configuration wizard, click Users.
3.Verify that the database and scripts are up to date.
4.Open the SMTP Configuration tab and set the properties as described below:
Server name - Name or IP address of the SMTP server
Port - SMTP server port
Use SSL - select the checkbox if the SMTP server requires an SSL connection
User name, Password - SMTP server credentials
Sender email - Email address of the sender
Number of retries - Number of times that the SMTP server will attempt to send the message
5.Click Apply and then close the window.
1.Open Archive Manager for Files
2.Connect to the Archive Manager for Files server
3.From the navigation panel, click Settings.
4.In the Other options section select the Activate compliance permissions checkbox and click Apply.
Granting compliance permissions to users
1.Log in to ArchiveWeb.
2.From the main menu, click the username dropdown and then select Manage settings.
3.From the local toolbar, click Permissions.
4.Click to search and add users or groups.
5.Select the user from the left-hand panel and grant the following compliance permissions:
·Allow policy managed download - grants access to archived files.
·Compliance management - grants management access.
6.Add more users or groups and grant the permissions as required.
7.All users must log out and log in again to refresh compliance settings in their session of ArchiveWeb.
1.Log in to ArchiveWeb.
2.From the main menu, click Compliance.
3.From the navigation panel, select Agreements.
The columns are described below:
a.Username - Name of the user
b.Email address - email address of the user
c.Agreement date - date and time when the compliance policy was accepted.
d.Status - status of the compliance policy. the status value are as follows:
·Approved - User has confirmed their agreement to the policy.
·Rejected - User has declined the policy.
·New - Administrator has granted the Allow policy managed download permission, but the user has not yet accepted the policy agreement.
·Canceled - Administrator has changed the policy settings and canceled all user agreements.
·Expired - the policy term has ended.
e.Expiration date - Date and time when the compliance policy expires.
1.Log in to ArchiveWeb.
2.From the main menu, click Compliance.
3.From the navigation panel, select Templates.
4.In the top section, prepare the template for the Access Denied message in the template editor.
5.In the bottom section, prepare the template for the Reminder message in the template editor.
6.Click Save at the bottom right corner to commit any changes.
Configuring compliance settings
1. Log in to ArchiveWeb.
2.From the main menu, click Compliance.
3.From the navigation panel, select Settings.
Configure the settings as described below:
a.Agreement term - Number of months during which the policy is active.
b.Remind user before expiration - Number of days before the policy expires when a reminder message will be sent to the user.
c.Policy - prepare the policy statement using the template editor.
4.Click Save at the bottom right corner to commit any changes.
5.In Cancel Agreement dialog click Yes to cancel all agreements with users. Users must accept the new policy agreement. Click No to change the policy for new users only (or when saving a policy for the first time).
Accepting compliance agreements
When users who have been granted the Allow policy managed download permission log in to ArchiveWeb, then will see the Policy Agreement page. Users must accept the Policy Agreement to work with protected archived files. This page is also available to users from the [User name] > Manage Settings > Profile > Policy Agreement page, if they want to accept the agreement at a later time.
1.Select I agree.
2.Click Save at the bottom right corner to commit any changes.
ArchiveWeb now supports General Data Protection Regulation (GDPR) regulations.
Users with the requisite permission can create a retention change request for archived Exchange and Files items from its context menu. When a request is created, approvers get an email notification and can review the request. Users who created a request are informed through an email notification once an approver has processed the request. Users and approvers can track the requests in ArchiveWeb from the Retention tab. Users and approvers can see open, approved, denied requests and request history. Additionally, approvers can export all items from a request to a ZIP file, deny the entire request and approve all or selected items from the request.
To use all retention features, a working SMTP server is needed, however SMTP is not mandatory for retention functionality. The SMTP service is used to send notification emails to approvers and retention requesters.
To setup the SMTP service (PamConfig)
1.Open Archive Manager Configuration Tool from <installdir>\ Program Files (x86) \ Common Files \ PAM \ PAMConfig \ PamConfig.exe.
2.Click on Users tab and verify that the database and scripts are up to date from the Database tab.
3.Click the SMTP Configuration tab.
Specify the information as described below
·Server name -specify SMTP server name or IP address where the SMTP server is installed
·Port -specify the SMTP port
·Use SSL - check this button if the SMTP requires SSL connection
·User name, Password - specify SMTP credential. Username must be in the format domain/username
·Sender email - specify email address which will be used to hand-shake with the SMTP
·Number of retries - specify number of retries the SMTP will try to send the message
To grant permissions in ArchiveWeb
1.Log in to ArchiveWeb.
2.From the main menu, click the username dropdown and then select Manage settings.
3.From the local toolbar, click Permissions.
4.Grant the permissions to users and approvers as indicated below. For detailed steps about granting permissions, see Permissions.
Permission |
Default value |
Meaning |
Approve retention change requests |
Denied |
Allows to approve or denied the retention change request and export items |
Create retention change request |
Denied |
Allow to create a new retention change request and to display Retention tab at the top of the navigation bar with ability to list open, approved, denied requests and history. |
To create a retention change request
Users with the Create retention change request permission can create a retention change request from the context menu for selected item(s).
1.Log in to ArchiveWeb.
2.Click Archive from the main menu and select the Files tab.
3.Select one or more archived items.
4.For a single archived item
5.Click Menu in the preview pane and then select Log in to ArchiveWeb.
6.For selected items, the context menu appears automatically. Select Create retention change request.
7.The Create Retention Change Request dialog opens
8.Enter the information as described below:
·Task name name for retention change request
·Delete request select to create a delete request
·Set retention time to select to set a new retention time in months. The purpose for this option is create a retention change request to decrease retention time
·Delete items after the retention expires by selecting this option the expired items will be automatically deleted
·Reason for request description of request
9.Click Send request to submit the request for approval. Newly created retention change requests appear in the Open and History lists in the Retention tab. Only items which have no Legal hold flag set will be added to retention change request.
10.If the SMTP service is configured correctly, a notification email is sent to approvers who have been granted the Approve retention change requests permission. A sample email is shown below.
Retention tab
This menu option is available to all users with either the Create retention change request or Approve retention change requests permissions. The user can see list of open, approved, denied requests and history.
OPEN REQUESTS
Displays all requests that are created but have not been approved or denied. Click any request to view the items included in the request in the preview pane. The columns are described below:
Column |
Description |
Task name |
Retention change request task name |
Request type |
Request type: Change retention request request to decrease retention time Delete request request to delete item |
Requested retention |
Contains retention time requested in Change retention request task; for Delete request this column is empty |
Automatic Deletion |
Informs if the option "Delete items after the retention expires" is activated for the given item |
Submitted by |
Name of the user who submitted the request |
Date created |
Date-time when the request was submitted |
Processed by |
Name of the user who approved/denied the request |
Date processed |
Date-time when the request was approved/denied |
Submitted items |
Number of items in submitted request |
Status |
Request tasks status |
Reason |
Approve/Denied reason |
Reason for request |
Reason the submitter entered |
To approve a request
1.Click the Retention tab and then click Open Requests.
2.Select a request to view the items included in the request. Select ore or more items or select the checkbox in the column header to select all items.
3.Click Approve selected. The Request Approval dialog opens.
·Reason for change - enter text to explain why the change is necessary.
·I understand that the process is not reversible - select this checkbox to confirm the approval
4.Click Approve. The selected items will be asynchronously processed and their retention settings will be changed.
5.If SMTP is correctly set up, the requester will be informed through email. A sample notification email is shown below:
To deny a request
1.Click the Retention tab and then click Open Requests.
2.Select a request to view the items included in the request. All items will be included for denial.
3.Click Deny all. The Deny Request dialog opens.
·Reason for deny - enter text to explain why the request is being denied.
4.Click Deny. All items will be denied. No operation from retention change request will be processed.
5.If SMTP is correctly set up, the requester will be informed through email. A sample notification email is shown below:
To export items
1.Click the Retention tab and then click Open Requests.
2.Select a request to view the items included in the request. Select ore or more items or select the checkbox in the column header to select all items.
3.Click Export all. All items will be exported to a ZIP file. There is option to encrypt the output ZIP file with a password.
APPROVED REQUESTS
Displays all requests that are approved. Click any request to view the items included in the request in the preview pane. The columns are described below:
Column |
Description |
Task name |
Retention change request task name |
Request type |
Request type: Change retention request request to decrease retention time Delete request request to delete item |
Requested retention |
Contains retention time requested in Change retention request task; for Delete request this column is empty |
Automatic Deletion |
Informs if the option "Delete items after the retention expires" is activated for the given item |
Submitted by |
Name of the user who submitted the request |
Date created |
Date-time when the request was submitted |
Processed by |
Name of the user who approved/denied the request |
Date processed |
Date-time when the request was approved/denied |
Affected items |
Number of items approved |
Status |
Request tasks status. |
Reason |
Reason for approval |
DENIED REQUESTS
Displays all requests that are approved. The columns are described below:
Column |
Description |
Task name |
Retention change request task name |
Request type |
Request type: Change retention request request to decrease retention time Delete request request to delete item |
Requested retention |
Contains retention time requested in Change retention request task; for Delete request this column is empty |
Automatic Deletion |
Informs if the option "Delete items after the retention expires" is activated for the given item |
Submitted by |
Name of the user who submitted the request |
Date created |
Date-time when the request was submitted |
Processed by |
Name of the user who denied the request |
Date processed |
Date-time when the request was denied |
Affected items |
Number of items that were denied |
Status |
Request tasks status |
Reason |
Reason for denial |
HISTORY
Display the list of all requests (open, approved and denied). The columns are described below:
Column |
Description |
Task name |
Retention change request task name |
Request type |
Request type: Change retention request request to decrease retention time Delete request request to delete item |
Requested retention |
Contains retention time requested in Change retention request task; for Delete request this column is empty |
Automatic Deletion |
Informs if the option "Delete items after the retention expires" is activated for the given item |
Submitted by |
Name of the user who submitted the request |
Date created |
Date-time when the request was submitted |
Processed by |
Name of the user who denied the request |
Date processed |
Date-time when the request was denied |
Affected items |
Number of items that were denied |
Status |
Request tasks status |
Reason for Request |
Reason for approval or denial |
Select any request in the History view to see the affected items in the preview pane. The columns are as described below:
Folder |
Folder name |
Name |
File name |
Approved |
Indicates whether the item was approved |
Error |
Contains error message, if any |
The preview pane in the History view contains two predefined filters:
·Processed contains list of processed items.
oFor Change retention request items with selected checkboxes in the Approved column have been processed, retention time have been changed; if error occurred the Error column will contain a message.
oFor Delete request items with selected checkboxes in the Approved column have been processed by a Delete job, and items have been deleted; if error occurred the Error column will contain a message.
·Waiting contains list of items waiting to be processed.
oFor Delete request items with selected checkboxes in the Approved column are waiting for a Delete job to process the items.
As default, only the super-user specified in Archive Manager for Exchange or Archive Manager for Files (see note below) can access ArchiveWeb and all its functions. If another user/group should be able to manage roles, super-user can allow access for them in the following ways:
·in ArchiveWeb under logged on user / Manage settings / Permissions
·in Archive Manager for Exchange Administration Center on the Tools / Options / User Roles the given user has to be added with Modify roles option checked
·in the Archive Manager for Files Administration Center on the Settings / User management tab the given user must have the User management permission allowed
Please note: Super-user is specified in:
·Archive Manager for Exchange Administration Center / Tools / Options / User Roles)
or
·Archive Manager for Files (Enterprise Manager / Settings / User management)
Roles and Permissions pages allow permission management on user/group level. Individual users can inherit permission or can be granted direct permissions. The priority of permissions follows this order:
1.Direct permission defined for a user (blue highlight under Permissions) on a server
2.Global direct permission defined for a user (blue highlight under Permissions)
3.Inherited permission (yellow highlight under Permissions) on a server
4.Global inherited permission (yellow highlight under Permissions)
5.Default settings (no highlight under Permissions)
All defined permissions apply only for the given instance of ArchiveWeb.
On these pages you can allow or deny access to ArchiveWeb features and menu options for individual users or groups, i.e. allow or deny roles. Under Roles, users are assigned to roles. Under Permissions, roles are assigned to users.
© ALL RIGHTS RESERVED. Nutzungsbedingungen Datenschutz Cookie Preference Center