This section outines the steps that are necessary to complete the migration of an archive shared amongst a group of users. The migration will be from one Enterprise Vault environment to another.
In Enterprise Vault, this may simply be a regular mailbox archive so that is maintains the structure from the mailbox where the data comes from. The mailbox itself will ultimately have one true owner in Active Directory, but a number of other users and/or groups may also have access to both the mailbox and the archive.
Capture Permissions on the Source
There a number of ways in which the permissions can be shown for an archive, including the following:
·Open the properties of the archive in the Vault Administration Console, and check the entries on the permissions tab
·Use a script similar to the one provided on the Symantec Connect web site:
Build an EVPM File
From the list of permissions on the source archive an EVPM file should be built. There are details about the way to use EVPM in the Enterprise Vault Utilities Guide. At a high level the steps are:
·Directory section should contain information about the Enterprise Vault Directory computer and Enterprise Vault site name.
·A section should be added called ArchivePermissions
·The Archive Name property should be added to this section with the name of the archive.
·The Grant Access property should be added to this section with a list of people to grant access to the archive. This should be listed one per line.
Perform the Migration
The migration of the archive/container can then be performed. Particular care should be taken in relation to migrating these types of archives/containers because the migration has an impact on a number of people.
Apply the EVPM File
Following the successful migration of the Shared Mailbox / Archive, the EVPM file that was created previously should be run to grant permissions on to the target/new archive.
Archive Shuttle can manage a pool of licenses to provision and migrate data to Office 365 mailboxes or archives whose source archives have been retained but owners have left the organization. It can even treat an archive as though it is ownerless, and migrate it using this process, even if an owner is shown in the user interface.
The general process for doing this is:
1.Define the naming scheme for the target. It is suggested to prefix or postfix names, ex. AL-<archivename> or <archivename>-Departed. This makes the data easier to find in the target after the migration has completed.
2.Define the allowed number of rolling licenses.
3.Perform the mappings.
In the background what will happen is:
1.A user account is created according to the naming scheme.
2.A Personal Archive is created if it was required in the mapping.
3.A license is assigned from the pool.
4.The mailbox/personal archive is placed on the selected type oflegal hold.
5.A license is assigned from the pool.
6.The data from Office 365 about the user is synchronized into Archive Shuttle.
1.Data is exported after the provisioning process is done.
2.Data is imported soon after its exported.
1.The familiar parts of the workflow still occur, such as renaming the source archive, doing a final delta, and so on.
2.The user associated with the mailbox targeted is removed; resulting Office 365 processes are to reclaim the license and treat regard the mailbox in an inactive status.
How to set this up is described below.
The normal Office 365 migration requirements are necessary (see the earlier section). In addition, note that Azure management tools are required. These can be downloaded from: https://msdn.microsoft.com/en-us/library/azure/jj151815.aspx
If these components are not installed, the normal Office 365 migrations will still be successful, but processing of leavers will not be successful. They can be added at any time during the migration; it is not necessary to reinstall or modify the Office 365 module following their installation.
This determines how mailboxes and accounts will be created, using a token system. The following tokens can be used:
·Container Mapping ID
NOTE: PST ID and PST Number are applicable if PSTs are the source environment.
In addition to those, alphanumeric characters can be appended or prepended to the name of the mailbox in Office 365.
This is the location related to license allocation and is required to be chosen from the drop-down list. For a list of license restrictions by region, click here.
This should be a valid email domain that will be used to create mailboxes. Ex. @something.onmicrosoft.com
Hide from GAL
If enabled, the mailbox/user will be hidden from the Global Address List.
Prevent account for being used for interactive authentication.
Legal Hold Type
Permits a selection of the type of hold being used by the leaver process. Only 'Litigation Hold is available.
Licenses can be loaded by clicking the Load Licenses button on the Archive Shuttle ribbon. These will also be loaded after adding a new Office 365 link.
Set Rolling License Count
A specific number of licenses can be used to process leavers. That number should be configured by clicking Set Rolling License Count. Licenses will be consumed up to that limit to migrate users, and will be freed up when Stage 2 completes on those users. When mailboxes are created, personal archives are also created.
The migration of the archive/container can then be performed. The process of mapping the users is the same as with a normal Office 365 migration, however, there is an additional option in the Mapping Wizard where you can select to use Leavers, and you should select an Office 365 Leavers Workflow.
A container can be processed as a leaver if one or more of the following is satisfied:
·It is ownerless in the user interface
·The Active Directory account is disabled
·The Active Directory account is deleted and exists in the Active Directory Dumpster. Note: The account running the AD Collector module must have permissions to read the contents of the dumpster.
NOTE: Archives will be exported, but only the configured number of rolling licensed users will ingest data into the target.
The Stage 2 workflow (EnterpriseVault to Office 365 Leavers) functions in a similar manner to the normal Office 365 workflows. There is an additional step in the workflow (Office365RemoveUser) that handles the removal of the user, resulting in an inactive mailbox appropriate for a naturally occurring leaver. Once the license has been reclaimed from the removed user, additional users that require migration via the leavers process will begin.
Handling Users Who Leave During a Migration
During a migration, if Archive Shuttle detects that a mailbox is no longer present, the user is marked IsDeleted.
Then, you can select the user and select the Enable to Recreate button on the Bulk Mapping page. This enables the leaver mailbox to be created. The users data then gets ingested into the leaver mailbox, as described above.
Or, you can automate the process by selecting the option to Enable auto-recreate deleted O365 Users as Leavers located on the Office 365 Module page within System Configuration under the Configuration section of the UI.