About administrator security

Enterprise Vault provides the following mechanisms that you can use to control the access administrators have to the Administration Console:

Roles-based administration

Many administrative tasks do not require all the permissions that are associated with the Vault Service account. Roles-based administration enables you provide individual Enterprise Vault administrators with exactly the permissions that are required to perform their individual administrative tasks.

You can assign individuals or groups to roles that match their responsibilities, and they are then able to perform the tasks that are included in those roles. Because the permissions are associated with roles rather than individual administrators, you can control the role permissions without having to edit the permissions for each administrator

Admin permissions

You can grant or deny access to the following containers in the Administration Console tree:

File Server
Exchange Server
Domino Server
SharePoint Virtual Server
Enterprise Vault Server

You can control access by assigning roles, or by using admin permissions, or both.

When you install or upgrade to Enterprise Vault 8.0, only the Vault Service account has access the Administration Console. You can restrict the tasks administrators can perform by assigning roles. You can further restrict access by using admin permissions to restrict administrators to managing specific Administration Console containers.

An administrator's role also defines what that administrator can see when using Enterprise Vault Operations Manager.