Chatta subito con l'assistenza
Chat con il supporto

Archive Manager for Files 8.9 - ArchiveWeb Guide

Roles

The Roles page displays permissions categorized by roles. These permission sets can be granted to users and groups either globally or by server and location. The Roles page helps you revoke or grant a specific permission to one or more users and groups. See the Permissions page to revoke or grant one or more permissions to a specific user or group.

Steps to access the Permissions page

1.Log in to ArchiveWeb.

2.From the main menu, click the username dropdown and then select Manage settings.

3.From the local toolbar, click Roles.

Steps to grant a permission to users or groups:

info

NOTE:

If the UseGlobalPermissionsForAllServers key is set to true or this key does not exist in the web.config file, the Roles page lists Global settings. In this case permissions for users and groups are set globally and are applicable to all servers.

If the UseGlobalPermissionsForAllServers is set to false in the web.config file, all available servers will be listed and permissions can be set for users or groups for a selected server or location. Using this option can slow down the login process because all accessible servers and locations must be searched for role assignments.

1.Either click Global or select a server to display the permissions in the right-hand pane.

2.Select a permission from the right-hand pane. In the Group and Username section, Default indicates the default settings for this permission. Specific users and groups can be added to this  section to change their default permissions setting.

img-530

3.To add a user or group:

a.Click ico-120-add-user in theGroup and Username section.

b.In the Find Users or Groups window, enter a group or user name in the search field. You can use the asterisk (*) as a wildcard in the search criteria or leave the field blank to include all entities. Users can be searched by user-name, logon-name or display-name.  To search for Microsoft 365 users, select Office 365 user and then search for the user.

c.Select the users or groups to add. You can use Select all to add all users and groups in the search result.

d.Click OK to add the selected users and groups to the permission.

4.Set the toggle switch to ico-160-toggle-on to grant the permission. Set the toggle switch to ico-150-toggle-off to revoke the permission.

5.To remove a user or group, click ico-170-delete-user next to the user or group. The default setting will be applied to all removed users and groups.

 

Permissions

The Permissions page helps you to revoke or grant one or more permissions to a specific user or group.

In this topic:

·Opening the Permissions page

·Adding users or groups

·Removing users or groups

·Synchronizing groups and sub-groups

·Viewing group members

·Granting permissions to users or groups


To open the Permissions page

1.Log in to ArchiveWeb.

2.From the main menu, click the username dropdown and then select Manage settings.

3.From the local toolbar, click Permissions.


To add users or groups:

1.Click ico-120-add-user in the left-hand pane.

2.In the Find Users or Groups window, enter a group or user name in the search field. You can use the asterisk (*) as a wildcard in the search criteria or leave the field blank to include all entities. Users can be searched by user-name, logon-name or display-name.  To search for Microsoft 365 users, select Office 365 user and then search for the user.

img-510

info

NOTE: Microsoft 365 users, groups and subgroups must be imported into Archive Manager for Exchange.

3.Select the users or groups to add. You can use Select all to add all users or groups.

4.Click OK to add the selected users and groups to the Permissions page. The user of group will remain on the Permissions page if a permission of the user or group is modified in the current ArchiveWeb session.

5.If a group has subgroups a confirmation window opens. Select Yes to add the subgroup. Only subgroups of the parent group will be added. If a subgroup has more subgroups, they will not be added. Select No to ignore the subgroup and add the parent group only.

img-512


To remove users or groups:

1.Click ico-130-remove-user in the left pane.

2.In the Remove users or groups window, select the users or groups to remove. You can remove only users or groups if a permission of the user or group has been modified in the current ArchiveWeb session.

3.Click OK.


To synchronize groups and sub-groups:

1.Click Refresh All in the left pane. The Refresh window opens.

img-580

2.Click the toggle buttons to enable additional synch features as described below:

a.<No toggle button enabled> - all imported groups will be synchronized with the Active Directory (only content in the right-hand pane will be updated).

b.Process sub-groups - all imported groups will be synchronized with the Active Directory and new subgroups will be imported.

c.Remove deleted groups/mailboxes - all imported groups will be synchronized with the Active Directory and deleted groups or mailboxes will be removed from the left-hand pane.

3.Click Process to begin the sync process.


To view group members:

1.Click ico-140-view-group-members next to the group for which you want to view the members. The members are listed in the right-hand pane.

2.Enter a search criteria for any of the columns and click the search filter ico-110-filter to select a search operation. You can set search criteria for multiple columns. The Result count indicates the number of members in the group.

3.Click Refresh to get the latest list of members if users or subgroups are added or removed from the group in active directory while you are logged in to ArchiveWeb. If users or groups are added or removed, a confirmation window opens. Click Yes to confirm whether you want to add or remove a user or subgroup.

4.If groups have more members than can be displayed on the page, they are presented in multiple pages. You can use the scroll buttons at the bottom of the right-hand pane to scroll through multiple pages.

img-500


To grant permissions to users and groups:

1.Select the user or group from the left-hand pane. If the user or group is not listed, click ico-120-add-user and use the Find user or group window to add the user or group.

2.The permissions available for the user or group are listed in the right-hand pane. They are categorized for ease of use.

3.Locate the permission that you want to grant or revoke. Set the toggle switch to ico-160-toggle-on to grant the permission. Set the toggle switch to ico-150-toggle-off to revoke the permission. For example, all users are allowed to log in to ArchiveWeb because the Logon to ArchiveWeb permission is granted by default. Only the super-user or administrator has the ability to grant or revoke this permission for a user or group.

img-520

4.You can grant or revoke all permissions for a user or group by setting the Allow all permissions toggle switch at the bottom of the right-hand pane.

5.You can reset the permissions to default settings when you click ico-180 next to the user of group in the left-hand pane.

 

Permissions list

The table below lists default ArchiveWeb permissions categorized by roles.

Permission

Default value

Auditing

Access all mailboxes

Denied

Apply tags

Denied

Auditor access

Denied

Export auditing logs

Denied

Export results to ZIP

Denied

Show auditing logs

Denied

Compliance

Allow policy managed download

Denied

Compliance management

Denied

Exchange

Add comments to mails

Denied

Apply tags

Allowed

Compare mailbox with archive

Allowed

Delete item

Denied

Restore items

Denied

Set "Legal Hold" flag

Denied

Show "Legal hold" flag

Denied

Show comments

Denied

Show lost data

Allowed

Show own mailbox

Allowed

Show public folders

Allowed

Show shared mailbox

Allowed

File

 

Add comments to files

Denied

Apply tags

Allowed

Delete files

Denied

Restore files

Denied

Set "Legal Hold" flag

Denied

Show "Legal hold" flag

Denied

Show comments

Denied

Show files server

Allowed

Journaling

Access journal

Denied

Management

Configure Files servers

Denied

Extend retention time

Denied

File management

Denied

Logon in ArchiveWeb

Allowed

Manage scheduler

Denied

Search servers management

Allowed

Retention

 

Approve retention change requests

Denied

Create retention change request

Denied

Search

Delete saved result

Allowed

Export to mailbox

Denied

Export to PST

Denied

Export to ZIP

Denied

Restore items

Denied

Save search result to database

Allowed

Search files

Allowed

Search mails

Allowed

Statistics

Export statistics

Allowed

Files - Show statistics

Denied

Mails - Show statistics

Denied

 

Auditor Access

Journals in Exchange Server are used to enforce legal, regulatory, and organizational compliance in organizations by recording all or targeted email messages. In addition to journals, mailbox audit logs are also used to track who logs on to the mailboxes in your organization and what actions are taken by delegate users.

Auditor Access grants users the ability to view all mailbox journals that are imported, audit logs, retentions and search. Use this powerful feature with discretion.

To use this feature you must grant Auditor access permissions to at least two users. The two-user authentication mechanism works as follows: If John wants to log in as an auditor, he must have the Auditor access permission, and he must able to specify the username of another user who has the Auditor access permission, before he can successfully log in as an auditor.

Steps to grant the Auditor access permission to a user

1.Log in to Archive Manager ArchiveWeb with the credentials of a user who has the ability to grant permissions to other users.

2.From your account name dropdown, select Manage Settings. Then select the Permissions tab.

3.Click the Add User icon and locate the user from the Find Users or Groups search window.

4.Select the user from the user list on the left to display the permission set in the right-hand pane.

5. Set the toggle switch to ico-160-toggle-on to grant the Auditor access permission to the user.

info

NOTE: No user is granted this permission by default. As a result auditor access is denied to all users including the super-user or the administrator.

6.In the confirmation dialog that appears, click Yes to grant the Auditor access permission.

info

NOTE: Granting the Auditor access permission automatically grants all permissions of type Auditing.

7.Repeat the above steps to grant the Auditor access permission to at least one or more users as needed.

Steps to log in as an auditor

1.If you have the Auditor access permission, enter your username and password in the ArchiveWeb log in page.

2.Toggle the Auditor access button to turn on the feature. Notice that the username field label changes to Auditor 1 username. This is the account that will be used to log in as an auditor.

3.Click Log in. The Auditor 2 username field appears.

auditor-access-step-4

4.Enter the username of another user who has the Auditor access permission in the format domain\username.

5.Click Log in again.

6.If the two-user authentication succeeds, the Archive Manager workspace appears.

7.From the top bar, click archive to open the archive view.

8.Click the Exchange tab.

9.Expand the Mailboxes node and select a journal to view its contents.

auditor-access-step-5

info

NOTE: If you have added a journal mailbox but cannot see its contents, check the Mailbox type property of the mailbox.

To specify a journal type mailbox follow the steps below:

1.Select the journal mailbox, and right-click to open the context menu

2.From the context menu select Properties to open the Properties window.

3.In the General tab, locate the Mailbox type property.

4.Set this value to Journal by selecting the value from the dropdown.

5.Click OK to confirm the change and return to the mailbox.

auditor-access-step-6

 

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione