Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Metalogix Archive Manager for Exchange 8.5 - ArchiveWeb Guide

Compliance

ArchiveWeb provides the ability to manage user access to archived files on a network share. Users must accept the security policy to be able to open archived files.

As an administrator or a user with the appropriate permissions, you can define a policy condition, agreement term, and reminder. You can define notification templates for Access Denied and Reminder messages and see a list of all users with the date of acceptance of conditions and status.

Users are notified by email when access to a protected archive file is denied and when the policy consent expires.

info

NOTE: Email notifications are sent only once. It is recommended that the administrator should send an email to all first-time users who are registered in ArchiveWeb to accept the policy agreement.

In this topic:

·Configuring the SMTP server

·Activating compliance

·Granting compliance permissions to users

·Viewing agreements

·Configuring templates

·Configuring compliance settings

·Accepting compliance agreements


Configuring the SMTP server

A working SMTP server is needed to send notification emails to users. The SMTP server must be configured with the Archive Manager Configuration Tool.

1.Open the Archive Manager Configuration Tool from <installdir>\Program Files (x86)\Common Files\PAM\PAMConfig\PamConfig.exe.

2.From the feature panel on the left in the Configuration wizard, click Users.

3.Verify that the database and scripts are up to date.

4.Open the SMTP Configuration tab and set the properties as described below:

img-300

Server name - Name or IP address of the SMTP server

Port - SMTP server port

Use SSL - select the check box if the SMTP server requires an SSL connection

User name, Password - SMTP server credentials

Sender email - Email address of the sender

Number of retries - Number of times that the SMTP server will attempt to send the message

5.Click Apply and then close the window.


Activating compliance

1.Open Archive Manager for Files

2.Connect to the Archive Manager for Files server

3.From the navigation panel, click Settings.

img-310

4.In the Other options section select the Activate compliance permissions check box and click Apply.


Granting compliance permissions to users

1.Log in to ArchiveWeb

2.From the main menu, click the username dropdown and then select Manage settings.

3.From the local toolbar, click Permissions.

4.Click ico-120-add-user to search and add users.

5.Select the administrator and from the Permissions panel on the right, grant the following compliance permissions:

·Allow policy managed download

·Compliance management

img-320

6.Add more users and grant the Allow policy managed download to grant access to archived files. Grant Compliance management if the user requires management access.

7.All users must log out and log in again to refresh compliance settings in their session of ArchiveWeb.


Viewing agreements

1.Log in to ArchiveWeb

2.From the main menu, click Compliance.

3.From the navigation panel, select Agreements.

img-330

The columns are described below:

a.Username - Name of the user

b.Email address - email address of the user

c.Agreement date - date and time when the compliance policy was accepted.

d.Status - status of the compliance policy. the status value are as follows:

·Approved - User has confirmed their agreement to the policy.

·Rejected - User has declined the policy.

·New - Administrator has granted the Allow policy managed download permission, but the user has not yet accepted the policy agreement.

·Canceled - Administrator has changed the policy settings and canceled all user agreements.

·Expired - the policy term has ended.

e.Expiration date - Date and time when the compliance policy expires.


Configuring templates

1.Log in to ArchiveWeb.

2.From the main menu, click Compliance.

3.From the navigation panel, select Templates.

img-340

4.In the top section, prepare the template for the Access Denied message in the template editor.

5.In the bottom section, prepare the template for the Reminder message in the template editor.

6.Click Save at the bottom right corner to commit any changes.


Configuring compliance settings

1. Log in to ArchiveWeb

2.From the main menu, click Compliance.

3.From the navigation panel, select Settings.

img-350

Configure the settings as described below:

a.Agreement term - Number of months during which the policy is active.

b.Remind user before expiration - Number of days before the policy expires when a reminder message will be sent to the user.

c.Policy - prepare the policy statement using the template editor.

4.Click Save at the bottom right corner to commit any changes.

5.In Cancel Agreement dialog click Yes to cancel all agreements with users. Users must accept the new policy agreement. Click No to change the policy for new users only (or when saving a policy for the first time).

img-360

 


Accepting compliance agreements

When users who have been granted the Allow policy managed download permission log in to ArchiveWeb, then will see the Policy Agreement page. Users must accept the Policy Agreement to work with protected archived files. This page is also available to users from the [User name] > Manage Settings > Profile > Policy Agreement page, if they want to accept the agreement at a later time.

1.Select the check box I agree

2.Click Save at the bottom right corner to commit any changes.

img-370

 

General Data Protection Regulation

ArchiveWeb now supports option to manage the new General Data Protection Regulation (GDPR) regulations. User can create a retention change request (for Exchange and/or Files items) via context menu. When the request is created, approver(s) get email notification and can review the request. User who created a request is informed via email notification once approver has processed the request. User (who has appropriate permission) can follow the requests in ArchiveWeb by clicking on Retention tab. User can see open, approved and denied requests and also the history.

Approver(s) except of these read-only functions (opened, approved, denied requests and history) have ability to export all items from request to ZIP file, denied the entire request and approve (all or selected) items from request.

 

To use all features of new Retention functionality the working SMTP server is needed, however to use Retention functionality the SMTP is not mandatory. The SMTP service is used to send notification emails to approver(s) and/or retention requester(s).

 

If you’d like to use SMTP service (set SMTP server to use with ArchiveWeb) see the next section: Setting SMTP server under Archive Manager Configuration (PamConfig).

 

 

Archive Manager Configuration (PamConfig)

·First, configuration has to be done outside of ArchiveWeb. Open Archive Manager Configuration Tool from <installdir>\ Program Files (x86) \ Common Files \ PAM \ PAMConfig \ PamConfig.exe.

 

1.Click on Users tab.

2.Make sure that database and scripts are up to date.

3.Click on Users tab / SMTP configuration tab and set the required settings

 

 
Snap109
 

oServer name – specify SMTP server name or IP address where the SMTP server is installed

oPort – specify the SMTP port

oUse SSL – check this button if the SMTP requires SSL connection

oUser name, Password – specify SMTP credential

oSender email – specify email address which will be used to hand-shake with the SMTP

oNumber of retries – specify number of retries the SMTP will try to send the message

 

 

 

ArchiveWeb

Permissions

New Retention permissions have been added to ArchiveWeb:

Permission

Default value

Meaning

Approve retention change requests

Denied

Allows to approve or denied the retention change request and export items

Create retention change request

Denied

Allow to create a new retention change request and to display Retention tab at the top of the navigation bar with ability to list open, approved, denied requests and history.

 

Archive tab – Exchange

User who has at least “Create retention change request” permission will be able to create a retention change request from the context-menu for selected item(s).

For single item – in a preview pane, click on […] action menu and select Create retention change request option

 

For multi selected items – from context-menu select Create retention change request option

 

In both cases the following pop-up window will appear:

 

·Task name – name for retention change request

·Delete request – select to create a delete request

·Set retention time to – select to set a new retention time in months. The purpose for this option is create a retention change request to decrease retention time

·Delete items after the retention expires – by selecting this option the expired items will be automatically deleted

·Reason for request – description of request

 

By clicking on Send request the retention change request will be submitted for approval. Newly created retention change request will appear in Open and History grids in Retention tab.

NOTE: Only items which have no Legal hold flag set will be added to retention change request.

 

 

When the SMTP is correctly set, notification email will be send for user(s) who have “Approve retention change requests” permission set.

Example of notification email:

 

 

 

Archive tab – Files

User who has at least “Create retention change request” permission will be able to create a retention change request from the context-menu for selected item(s).

For single item – in a preview pane, click on […] action menu and select Create retention change request option.

 

For multi selected items – from context-menu select Create retention change request option.

 

In both cases the following pop-up window will appear:

 

 

·Task name – name for retention change request

·Delete request – select to create a delete request

·Set retention time to – select to set a new retention time via calendar. The purpose for this option is create a retention change request to decrease retention time

·Delete items after the retention expires – by selecting this option the expired items will be automatically deleted

·Reason for request – description of request

 

By clicking on Send request the retention change request will be submitted for approval. Newly created retention change request will appear in Open and History grids in Retention tab.

NOTE: Only items which have no Legal hold flag set will be added to retention change request.

 

When the SMTP is correctly set, notification email will be send for user(s) who have “Approve retention change requests” permission set.

 

 

 

Retention tab

This menu option is available to user who has at least “Create retention change request” permission set. The user can see list of open, approved, denied requests and history.

 

Column

Meaning

Task name

Retention change request task name

Request type

Request type:

Change retention request – request to decrease retention time

Delete request – request to delete item

Requested retention

Contains retention time requested in Change retention request task; for Delete request this column is empty

Automatic Deletion

Informs if the option "Delete items after the retention expires" is activated for the given item

Submitted by

Name of the user who submitted the request

Date created

Date-time when the request was submitted

Processed by

Name of the user who approved/denied the request

Date processed

Date-time when the request was approved/denied

Submitted items

Number of items in submitted request

Status

Request task’s status

Reason

Approve/Denied reason

Reason for request

Reason the submitter entered

 

OPEN REQUESTS

OpenRequests

 

When a user has “Approve retention change requests” permission, it means the user is an approver and has permission to Approve, Denied or Export request items. In this case when the OPEN REQUESTS tab contains any request, after clicking on a request in a grid, the item list grid should look like (double-click on item in the list grid will invoke item preview in a pop-up window):

 

ListGrid

 

 

·Approve selected – selected items will be prepared for approval process. After the approver confirms the following dialog, the items will be asynchronously processed

 
request approval

 

If the SMTP is correctly set the submitter will be informed via email, example of notification email

 

 

·Deny all – all items (no selecting is required) will be prepared for deny process. After the approver confirms the following dialog, all items will be denied, no operation from retention change request will be processed and if the SMTP is correctly set the submitter will be informed via email

 
deny request

·Export all – all items will be exported to ZIP file. There is option to encrypt the output ZIP file with a password

 

 

APPROVED REQUESTS

Grid contains list of approved requests

 

ApprovedRequests

 

DENIED REQUESTS

Grid contains list of denied requests

 

DeniedRequests

 

HISTORY

Grid contains list of requests (open, approved and denied). For approved and denied requests after clicking on a request in a grid, items grid will contain list of items (double-click on item in the list grid will invoke item preview in a pop-up window)

 

History

 

The list grid contains “processed” and “waiting” filters.

Column

Meaning

From

For Exchange items – sender’s name

To

For Exchange items – recipient(s) names

Subject

For Exchange items – item’s subject

Folder

For Files items – folder’s name

Name

For Files items – file’s name

Approved

Indicates whether the item was approved

Error

Contains error message, if any

Warning

Contains warning messages, if any

 

·Processed – contains list of processed items.

oFor “Change retention request” – items with selected “Approved” column have been processed, retention time have been changed; if error occurred the “Error” column will contain a message

oFor “Delete request” – items with selected “Approved” column have been processed by Delete job, item has been deleted; if error occurred the “Error” column will contain a message

·Waiting – contains list of items waiting for processing.

oFor “Delete request” – items with selected “Approved” column waiting for Delete job to process the items

 

ArchiveWeb Settings

 

As default, only the super-user specified in Archive Manager for Exchange or Archive Manager for Files (see note below) can access ArchiveWeb and all its functions.  If another user/group should be able to manage roles, super-user can allow access for them in the following ways:

·in ArchiveWeb under logged on user / Manage settings / Permissions

·in Archive Manager for Exchange Administration Center on the Tools / Options / User Roles the given user has to be added with Modify roles option checked

·in the Archive Manager for Files Administration Center on the Settings / User management tab the given user must have the User management permission allowed

 

Please note: Super-user is specified in:

·Archive Manager for Exchange Administration Center / Tools / Options / User Roles)

Snap107

or

·Archive Manager for Files (Enterprise Manager / Settings / User management)

Snap108

 

Roles and Permissions pages allow permission management on user/group level. Individual users can inherit permission or can be granted direct permissions. The priority of permissions follows this order:

1.Direct permission defined for a user (blue highlight under Permissions) on a server

2.Global direct permission defined for a user (blue highlight under Permissions)

3.Inherited permission (yellow highlight under Permissions) on a server

4.Global inherited permission (yellow highlight under Permissions)

5.Default settings (no highlight under Permissions)

All defined permissions apply only for the given instance of ArchiveWeb.

 

On these pages you can allow or deny access to ArchiveWeb features and menu options for individual users or groups, i.e. allow or deny roles. Under Roles, users are assigned to roles. Under Permissions, roles are assigned to users.

Roles

To display the Roles page, click the logged-on user name in the right-upper corner. Select Manage settings from the drop-down menu, then click Roles on the grey sub-bar. In the left pane select the server for which the roles should apply. Now you can assign users/groups to ArchiveWeb roles in the main pane.

List of roles is split into sections – Exchange Archive features are listed under Exchange roles, search features under Search roles etc. Select a role in the list view. All users/groups with access to ArchiveWeb allowed in the Enterprise Manager are displayed under the list view. In case the desired user is not visible, click the Find users and groups icon (ARCHIV~1_img14) to add it to the list. Current status of user/groups in respect to the given role is marked by a check mark.

If you click the Delete icon (ARCHIV~1_img15) the user disappears from the list and will be assigned only the default roles.

NOTE: Users deleted in Active Directory but still existing in Archive Manager are displayed as strikethough.

 

clip0012

 

To assign users/groups to roles:

1.In the left pane the Global option is selected by default; i.e. the configured settings apply to all Archive Servers (File Archive or Exchange Archive) in the environment. Should you wish to apply settings only for a specific server, click it in the left pane; e.g. if you want to allow Legal Hold only for one File Archive Server and not for others.

2.Select the desired role in the list of roles.

3.If the desired user/group does not appear among associated users under the list view, you can add it. Click the plus sign (ARCHIV~1_img17) on the bottom. The Find users or groups pop-up dialog appears. In the Domain drop-down box select the domain in which you want to search. Then search for the user/group.

4.Check the users/groups you want to manage and click OK.

5.The selected users/groups are displayed in the main pane. Manage their roles by checking Allow / Deny.

 

IMPORTANT NOTE:

If UseGlobalPermissionsForAllServers key is set to TRUE or this key does not exist in web.config, the Roles page lists only Global setting. In this case roles for users are set globally, i.e. role set will be applicable to all servers.

Otherwise, if the UseGlobalPermissionsForAllServers is set to FALSE, all available servers will be listed and roles can be set on any server/location. Using this option can slower login process because all accessible servers/locations needs to be searched for roles.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation