How to Configure Proxy Access to Archives and Access them in Netmail Search
Posted by , Last modified by Donald Sloat on 07 May 2018 03:47 PM
A practical feature in Netmail Archive is proxy access to other user's archived data through Netmail Search. Although proxy access is generally used to view archives of retired accounts (e.g., those belonging to employees who have left an organization), it can also provide access to current user's archives. This article will explain how to manage proxy access rights and how to use the Proxy Access feature in Netmail Search.
Assigning Proxy Rights to Accounts
To configure proxy access rights, log in to the Netmail Administration console and navigate to the Archiving container. In the main page of the console, click the Proxies Rights tab.
1) To assign proxy access, start by clicking the Find button to list all user accounts:
2) A list of all accounts that have archives will be returned. In the left column/field, highlight the user to whom proxy access to other accounts will be granted and click the Select button to add that user account to the User box/field on the right. Note that it is possible to search for specific users by entering search criteria in the List users featuring field/box and clicking the Find button. This will generate a list of users matching the search criteria.
3) The next step is to select those users whose archives will be made accessible by proxy. To do this, highlight the user(s) in the list on the left whose archives should be accessible to the user selected in Step 2, and click the Add button. The selected user(s) will appear in the ‘Has access to the archives of users’ field on the right, as shown in the example below:
4) If proxy access to other user's archives is only needed on a temporary basis such as for a specific eDiscovery project or event, the system may be configured to auto-revoke proxy access after a predetermined time period. Temporary proxy access can either be configured when setting up initial proxy access rights or at any other time by selecting the Auto-revoke access check box and setting the desired number of days for which proxy access will be allowed. In the example below, the user danielch was assigned proxy rights to archives belonging to the Ludovic user account for a period of 5 days, after which rights will be automatically revoked:
5) When the assignment of proxy access rights is complete, click the Save button to write the changes to OpenLDAP, where a proxy rights attribute will be created and stored (described below in the OpenLDAP attributes section of this article). A Successfully updated configuration message will confirm that the changes were saved. Users assigned proxy rights will be able to see the archive of other users when logged in to Netmail Search (please refer to the Section below on Accessing Proxy Accounts in Netmail Search).
Listing All Users with Proxy Access Rights
To view the complete list of users assigned proxy access rights to other user’s archives (and the users whose archives they have access to), click the Get List button to generate this list. As shown in the example below, all users with proxy rights to other’s archives will be listed in the left column.
To view those users whose archives are accessible to a specific user with proxy rights, highlight the user who has rights in the left column (danielch@EX2010@DC@User in the example below) and click the Select button; this will add that user to the User field/box on the right; the box immediately below it (has access to the archives of users) will list all users whose archives are accessible by proxy:
OpenLDAP Attributes for Proxy Access - maProxies
Information about proxy access rights is stored as an attribute in OpenDLAP called maProxies. This section will explain how to view the maProxies attribute.
To view proxy access attributes in OpenLDAP, connect with an ldap browser to the Base DN (cn=archiving,o=netmail) with the netmail account DN (cn=netmail,cn=system,o=netmail). Find and expand the users container (cn=users) and locate the user that was assigned proxy rights to others’ archives (the danielch@EX2010@DC@User object in the example below):
When logged into Netmail Search, the logged in user's archives and the archives of the proxy users will be accessible. This is illustrated in the screenshot below in which the logged in user (DanielCh) has proxy access to his archives as well to the archives of another user (LuDoviC):
Managing Archives as a Proxy User
Users logged in to Netmail Search with the Proxy Access Role can filter, search, forward, print, etc. other user's archives just as they would do with their own archives.