Chat now with support
Chat with Support

Metalogix Archive Manager for Files 8.3 - ArchiveWeb Manual

ArchiveWeb Settings

ArchiveWeb is configured and ready for use right after installation. No user action is required. However, should the need arise, default configuration can be adjusted in Configuration tool.

The Configuration tool is available on the ArchiveWeb server under <installdir>/Program Files (x86)/Common Files/PAM/PAMConfig/PamConfig.exe. Its ArchiveWeb tab list available configuration options. (For more information on the Multi-factor authentication tab see the section Multi-factor authentication (MFA).)

img-030

 

Tenant service location - URL for MultiTenantWS web service

AM for Exchange service - URL for ExchangePAMWS web service

AM for Files service - URL for FilePAMWebService web service

Search service location - URL for PamSearch web service

Search cache folder - user's temporary storage folder to store e.g. messages downloaded from Exchange server for preview functionality

Export folder - folder where exported files (PST export, ZIP export) are stored (download link points to this folder)

Export folder auto-cleanup [days] - files older than the specified number of days will be deleted from the Export folder.

Export one version per document during PST export - indicates whether to export one version per document during PST export

Auditing server name & port - machine where auditing component is installed

Log-off time - time in minutes to log off when inactive

Show offline server caption - check to show [OFFLINE] suffix for decommissioned servers in servers' list (Archive Manager for Files)

Hide location server - unchecked by default; indicating whether to hide Location Server Name from user's mailbox displayed in Mailboxes tree-view; if not checked, Location Server Name will be displayed as a suffix to user's email, e.g. administrator@[VMMVC5]

Check linked mailboxes - checking whether currently logging user has a linked mailbox associated. When unchecked, the entire login process can be accelerated because no additional Active Directory search is performed

Check trusted domains - checking trusted domains and reading information from trusted relationships. When unchecked the entire login process can be accelerated because no additional reads (from trusted domains) are performed

Use cache for views - when checked, all grid source data are cached after first load. Then all operation on grid that do not change the data will be performed quicker

Use Single Sign-On - when this option is checked, it will set Single Sign-On feature for ArchiveWeb login.

Multi-factor Authentication

ArchiveWeb supports multi-factor authentication (MFA) for O365 user accounts. Setting up MFA is a two-step process:

1.Create a new application in the Azure portal.

2.Configure ArchiveWeb with the Archive Manager configuration tool.


Create a new application in the Azure portal

ArchiveWeb requires a specific Azure site to be created that is used to return an authentication token back to the ArchiveWeb after a user is authenticated via Microsoft portal.

1.Login to your Azure Portal using your administrator credentials (https://portal.azure.com). If your account gives you access to more than one tenant, select your account in the top right corner, and set your portal session to the Azure AD tenant that you want.

2.In the left-hand navigation pane, select the Azure Active Directory service, and then select App registrations > New registration. The App registrations page appears.

3.Click New registration. The Register an Application page appears.

mfa-010

4.Provide the information on this page as described below:

a.Name - Enter a meaningful application name that will be displayed to users. For example, Archive Manager ArchiveWeb.

b.Supported account types - Select the account type you would like your application to support that best meets your company policy.

c.Redirect URI - from the application type drop down select Web. In the URI field enter the ArchiveWeb URI where the user will be redirected after multi-factor authentication (eg. https://<fullservername>/ArchiveWeb/Login/Login/Login)

info

NOTE: The HTTPS protocol is required for MFA to work with O365. To ensure the HTTPS can be used, follow the steps below;

1.On the ArchiveWeb server, open the IIS Management Console.

2.Expand the server node and then expand the Sites node.

3.Select Default Web Site and right-click to open the context menu. Then select Edit Bindings. The Site Bindings window opens.

4.Click Add. The Add Site Bindings window opens.

5.Select https from the Type drop down and fill in the other details as required.

6.Click OK to save the https site binding.

7.Restart the IIS service from the server node and then close the IIS Management console.

5.Click Register. Azure AD assigns a unique application (client) ID to your app, and the application's Overview page opens.

mfa-020

6.From the navigation menu, click Branding. Enter the URLs that your organization may use for the different branding artifacts.

7.From the navigation menu, click Authentication and verify that the Redirect URI parameters are as expected.

mfa-030

8.From the navigation menu, click Certificates & Secrets.

9.In the Client secrets section click New client secret. the Add a client secret page opens.

mfa-040

10.Enter values as described below:

a.Description - enter a meaningful description. For example, ArchiveWeb Client Secret.

b.Expires - set the expiry term that best meets your company policy.

11.Click Add. the client secret is displayed on the Certificates & Secrets page.

info

IMPORTANT: Copy and save the client secret in a safe place. It will not be available when you navigate away from this Azure blade.

12.From the navigation menu, click API Permissions. and then click Add a permission. The Request API permissions page appears.

13.From the Microsoft APIs category, scroll down to the Supported legacy APIs section and select Azure Active Directory Graph.

mfa-060

14.From the Request API permissions page for Azure Active Directory Graph that appears, select Delegated permissions.

mfa-070

15.Click Add permission.

16.From the navigation menu, click Expose an API.

17.In the Scopes defined section, click Add a scope. The Add a scope page opens.

mfa-080

18.Microsoft Azure generates an Application ID URI automatically. It is a globally unique URI used to identify this web API. It is the prefix for scopes and in access tokens,and is also referred to as an identifier URI. You can keep this value or specify a unique value in the same format.

info

IMPORTANT: Copy and save this value in a safe place.

19.Click Save and continue. The Add a scope page displays more options.

mfa-090

20.Click Add scope to complete the registration.


Configure ArchiveWeb with the Archive Manager configuration tool

1.Open the Archive Manager Configuration Tool from C:\Program Files (x86)\Common Files\PAM\PAMConfig\PamConfig.exe

2.From the sidebar, click ArchiveWeb.

3.Click the ArchiveWeb tab. The ArchiveWeb Configuration page appears.

mfa-100

4.Select the Use Multi-factor Authentication check box to enable the fields in the Multi-factor authentication Configuration window.

5.Click the Multi-factor authentication tab. The Multi-factor authentication Configuration window appears.

mfa-110

6.Enter the field values as described below:

a.Organization Name in Office365 - enter the name of your O365 organization URL. For example, democorp.onmicrosoft.com

b.Client ID - enter the Client Id that you saved from the Azure application registration steps.

c.Client Secret - enter the Client Secret that you saved from the Azure application registration steps.

7.Click Apply.

info

IMPORTANT:

When at least one user in an organization has MFA set, the Organization, Client ID and Client Secret should be set in Multi-factor authentication tab as a readiness exercise.

If only a few users in your organization have MFA enabled, the Use Multi-factor Authentication check box should stay unchecked. The settings in the Multi-factor authentication tab will persist when the Use Multi-factor Authentication check box is unchecked. The users who have MFA enabled will be prompted to enter the credentials (user email and password) and then they will be redirected to the Microsoft site where the user has to authenticate again. After a successful authentication by Microsoft, the user will be redirected back to ArchiveWeb.

When all users accounts in an organization have MFA enabled, the Use Multi-factor Authentication check box can be selected. This will force ArchiveWeb to use multi-factor authentication for all users that log in to ArchiveWeb. Users will be prompted to enter only the login email address and they will be redirected to the Microsoft login form to finish the login process.

ArchiveWeb Interface and conventions

After browsing the ArchiveWeb URL (http://<ArchiveWebServerName>/archiveweb), the Login window gets displayed. Users are asked to enter their name (or “domain name\user name” or “email address”) and password. Email address should be:

·Office365 email address

·Active Directory Domain email address in format <name>@domain.com

Please note: johnSmith@ateam.com is equivalent to ateam\johnSmith.

Default language depends on the Windows local setting of the Archive Manager server.

NOTE: When Integrated Windows authentication is turned on, the login page is skipped and the logged-in user’s credentials are used. This is set in C:\Program Files\ Common Files\ PAM \ Web \ ArchiveWeb \ Web.config where <authentication mode = “windows”>.

clip0005

After logging in correctly, the ArchiveWeb application opens. The top-page main bar contains search box (fulltext searching in e-mail body, attachments, file content) and tabs – archive, search, report – representing the activated features of Archive Manager. Once you click one, the grey sub-bar under the main pane displays additional options.

Further, in the right upper corner you may see the logged on user. Click it to unfold the drop-down menu offering the following options:

·Manage settings option provides access to further settings based on user permissions:

·Log out option is to be used when logging off

After clicking Manage Settings, the following menu options appear on the displayed menu bar:

The Roles option is available if the user has necessary permissions. Under this option you can manage user/ArchiveWeb roles assignment based on roles (see the “Roles” section).

The Permissions option is available if the user has necessary permissions. Under this option you can manage user/ArchiveWeb roles assignment based on users (see the “Permissions” section).

The Profile option enables you to adjust ArchiveWeb layout to your liking (see the “Profile Settings” section).

The Shared Mailboxes option is available only when Archive Manager for Exchange is installed and configured for ArchiveWeb.

When shared mailboxes are set for a currently logged user in Archive Manager for Exchange -> Tools -> Mailbox Rights Manager the grid will be populated and a user can select which mailbox(es) he/she likes to be listed in Archive’s mailboxes tree and in searchable mailboxes.

Under the Tags option one can create tags for archive or auditing items (see the “Tags” section).

The File Management option is available if the user has necessary permissions. Under this option you can manage file servers and scheduled jobs (see the "File Management" section).

Snap5a

The Search text box in the upper part of the window was designed for fast and easy searching in archives - Archive Manager for Exchange archive as well as Archive Manager for Files archive. Enter the desired expression and click Enter.

NOTE: Email attachments, email bodies and file contents are searched through only if fulltext search is installed.

 

List view conventions

With advanced list view functionality provided with every ArchiveWeb list view you can easily search even in huge lists of items and adjust the list to your specific needs. List view functions are the same as for all ArchiveWeb lists. In the main pane you can switch between these types of items by clicking on the respective filter:

·archived - all folder archived items except items marked for deletion

·shortcutted - archive items with shortcut in mailbox

·lost - archived items with no reference in mailbox/file system

·tagged - archived items with tag(s)

·locked - locked archived items

·for deletion - archived items that are marked for deletion, i.e. they will be deleted when their retention period expires (and delete job runs)

Preview (if available) of any item you click on appears below the list view. To open More actions menu for the item click the More actions link (MENU) on the right bottom below the list.

Pop-up preview feature is also available for Exchange, Files, Auditing and Search results items. When a user double-clicks anywhere in the item's line, the item opens in pop/up window full screen mode with all functionality as in normal view, such as multi/action menu (MENU), and comments area.

clip0007

 

Check boxes are designed for multi-select. If MORE THAN ONE item is selected, More actions menu appears automatically below the list.

 

clip0008

 

Batch selection/unselection of items is done by clicking the Select all rows (Select all items in folder)/Clear selection action links just above the list. When Select all rows/Select all items in folder action links are selected, operations are performed over all items in the given folder. (See more under "Simple Grid" section.)

It is also possible to change the column order by simple drag-and-drop action. Individual columns can be shown or hidden - these settings are managed in user profile after clicking <UserName> / Manage Settings / Profile in Columns section.

Further, lists can be:

Øsorted

Change the column sorting order by selecting the given column header and clicking its down/up arrow on the right (in case the arrow is not visible adjust the width of the column by dragging the line)

Øgrouped

Group table data by any column. To do so, drag the column header to the bar right above the table. Generated groups can be expanded by clicking the arrows next to them. As usual, the sorting order can be changed by clicking the little arrow in the dragged column header

NOTE: In case of SIMPLE grid (see the Profile settings section) Grouping apply just for items on the current page.

Øfiltered

Create filters as described in detail in “Filter Builder” section below.

 

Simple Grid

Simple Grid is specific type of grid available for Archive\Exchange, Archive\Files and Report\Auditing list view. It allows customization of the list view and offers some specific features for handling the list items as described further. Simple Grid option can be set under <Logged-on User> / Manage settings / Profile / Settings. When you select Use grid view / Simple option for the list view (e.g. for Exchange/Archive list view), the given list view will have page navigation controls and will allow user to set number of items to be displayed per page (Items per page) as shown in the screenshot below.

Snap4

 

Asynchronous folder operations over folder are available for Simple Grid. Click the Select all items in folder link to perform operation over all items in a specified folder.

NOTE: The link does not appear on filter tabs such as “shortcutted”, “lost”, “tagged”, “locked” and “for deletion”.

 

 

clip0058

 

When a user clicks on the Select all items in folder link, the Total rows selected label will show the same number as Result count label shows. No item will be selected (see picture below).

clip0059

 

Additionally, the preview pane displays folder operations menu (according to user permissions) except “Restore” functions. (“Restore” operations are not allowed as folder operations.)

 

 

 

Exchange

Files

Audit

clip0060

clip0061

clip0062

 

By selecting any operation from “FOLDER OPERATIONS” action menu, a confirmation dialog appears:

 

clip0063

 

Only when a user confirms this dialog the desired operation will be added to the Task list queue. The Task list is regularly checked for new tasks. When task arrives and no other is running, the given task will be run. Otherwise the task will wait in a queue.

NOTE: Only one task can be performed at a time.

 

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating