Enterprise Vault mailboxes have "Automatically set" permissions
Hi everyone,
Question for the group. This could be something I'm missing easily, but wanted some clear guidance on dealing with the issue.
So I've got users who have access to everyone's vault. When I attempt to remove their access, I am told they cannot be removed as they have "automatically set" permissions associated with it. Now I've read that I can "zap" the permissions. What I want to do is make it so everyone has access to their own vaults and no one elses. I found the EVPM.exe and a folder called EVPMScripts that has a file called GrantVSAAccess.ini in it.
[Directory]
DirectoryComputerName=Server Name
Site Name= Site
[ArchivePermissions]
ArchiveName = ALL
GrantAccess = delete read write,Service Account
I'm assuming this is where I need to go access the permissions so not everyone and their mother access to everyone's vaults. Do I need to make a new ini file and run that? How exactly do I zap these permissions and reset everyone to just have their own?
Thanks everyone!
You'll need to use the Exchange Management Console (ECM) and remove the permissions from the associated mailboxes. EV automatically assigns the permissions that are on the mailbox. Inherited permissions being uncheck only prevents container level permissions from being set on the archive, but any addiitonal permissions set directly on the mailbox will automatically be assigned.