HP IAP Version 2.0 Administrator Guide (July 2008)
Feature
Description
All Repositories
All repositories to which a user has access — either through direct access or
through group membership.
Proxies
Displays the email addresses that will route to the user’s primar y repository.
Check boxes
Active/Disabled
Select or clear this check box to enable or disable the user account on the IAP.
IAP Admin
Select this check b ox to grant the user administrative privileges on the PCC.
It’s best to cr
eate a new, local account for the administrator. Be sure to also define
a local passw
ord.
Compliance
Select this check box if the user is authorized to view all recipients (including
BCC addressees) in the repositories to which the user has access. This function is
generally limited to compliance officers. For a compliance officer to see any BCC
information, either BCC or envelope journaling MUST be enabled on the Exchange
Server and the corresponding setting must be enabled on the email miner. The
system must be running with Compliance archiving, as this feature is not available
with Selective Archiving.
IAP Remote
Authoriz ation
An IAP remote authorization user must be in the system for replication statistics to be
displayed properly in the Replication view. A user account is automatically created
for this purpose, with the username of AuthorizationUser and a randomly-generated
password.
You can change the password for this account. You can also create a new IAP
remote authorization user account and password if you want. If you create a new
account, be sure to clear this check box in the AuthorizationUser a ccount, or delete
AuthorizationUser from the system.
Administrati v e delete
The Administrative Delete functionality gives a user, who is granted with a designated privilege, the
ability to physically delete all references of a message that has been stored in the archive. This gives the
designated user the ability to remove inadvertently distributed messages from the archive. This feature will
typically be used in the Federal space for dealing with classified d ata; however, it does have application
outside this area. It is the responsibility of the customer to verify that using this feature does not interfere
with their corpora tion’s record retention policies. HP will not be held liable for the irresponsible use
of this feature. HP has m ade every effort to put the proper co ntrols and logging in place to prevent
unintentional removal of data from the system.
Enab
ling Administrative Delete
Administrative Delete is enabled or disabled at the domain level.
1. In the Domain.jcml file, use the AdminDeleteEnabled field to indicate whether a Domain
has
Administrative Delete enabled. If enabled, the system will allow a user who has appropriate
privilege to delete emails.
To enable Administrative Delete, AdminDeleteEnabled has to be set to true:
Adm
inDeleteEnabled=true
If the field doesn’t exist in the Domain.jcml file, add it.
If Ad
ministrative delete is enabled, Audit log must also be enabled as described in Audit log.
To di
sable Administrative Delete, set the AdminDeleteEnabled field to false.
2. After configuring Domain.jcml,runregloader.pl –cv –clearallConfirm=xxx on the
Kickstart server and /opt/bin/restart on PCC to restart the whole appliance.
The P
CC General IAP Configuration pa ge shows the enable status of the Administrative Delete Service.
52
Account Manager (AM)