How to remove all permissions from an archive using Enterprise Vault Policy Manager (EVPM)

Problem

Sometimes permissions are erroneously applied to an archive and must be removed. This might happen as a result of:

- Incorrect use of the manual permissions settings in the Vault Administration Console (VAC)

- Unexpected or undesired inheritance of permissions from Exchange

Regardless of the cause, it is necessary to identify what is causing undesired permissions to be applied, and removing all permissions can help to determine that.

Solution

Removal of permissions can be achieved via the Enterprise Vault Policy Manager (EVPM). Create the following EVPM .ini file, substituting the particular details of the environment for the italicized values.

[Directory]
DirectoryComputerName=kvsvault
SiteName=archivesite

[ArchivePermissions]
ArchiveName=John Doe
Zap=True


Notes:
   a. Instructions on running EVPM with an .ini script file can be found here.
   b. The Archive name can be copied from the Properties page of the relevant archive in the VAC
   c. Edit the file in Notepad and save in UNICODE format with the extension ini.
   d. Synchronizing the mailbox will reapply all Exchange inherited permissions to the archive, which can be a useful troubleshooting step after all the archive's permissions have been zapped.
   e. After zapping the archive, refresh the view in the VAC to see the changes reflected in the archive's Properties page.
   f. The [ArchivePermissions] section, introduced in Enterprise Vault 4.1, replaces the earlier [VaultPermissions] section. Existing scripts containing a [VaultPermissions] section will still work, but it is recommended to use [ArchivePermissions] in all new scripts.
   g. The ArchiveName value must be one of the following:

  • The name of an archive

  • An ArchiveID

  • ALL (Permissions are zapped from all Journal, Shared, and Mailbox Archives in the specified Enterprise Vault Site)

  • ALL_JOURNAL (Permissions are zapped from all Journal Archives in the specified Enterprise Vault Site)

  • ALL_SHARED (Permissions are zapped from all Shared Archives in the specified Enterprise Vault Site)

  • ALL_MAILBOX (Permissions are zapped from all Mailbox Archives in the specified Enterprise Vault Site)

Terms of use for this information are found in Legal Notices.

Search

Survey

Did this article answer your question or resolve your issue?

No
Yes

Did this article save you the trouble of contacting technical support?

No
Yes

How can we make this article more helpful?

Email Address (Optional)