To prepare Enterprise Vault servers for anonymous connections from Exchange 2007 CAS servers, or Exchange 2000 or Exchange Server 2003 back-end servers, perform the following steps as described in this section:
If Enterprise Vault is installed on Windows Server 2008, you need to ensure that IIS Roles and Feature Delegation rights are configured as described in the section, OWA Prerequisites, in the manual, Installing and Configuring.
On each Enterprise Vault server that may receive connection requests from OWA servers, create an ExchangeServers.txt file in the Enterprise Vault installation folder. This file contains a list of the IP addresses for all the Exchange 2007 CAS servers, and any Exchange 2000 or Exchange Server 2003 back-end servers, that will connect to the Enterprise Vault server.
Additional entries are needed if you are configuring this file for clustered Exchange Virtual Server configurations.
See About configuring OWA and RPC Extensions in clustered configurations.
Create or select a domain account to be used for anonymous connections from Exchange Servers to the Enterprise Vault server. This is the Data Access account, which is also used for anonymous connections to the Domino Mailbox Archiving Web application. The steps required to configure the Data Access account for OWA Extensions and Domino Mailbox Archiving are different. To configure the account for OWA, you run a command line script. To configure the Data Access account for Domino Mailbox Archiving, you specify the account on the tab of Directory properties.
If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features.
On each Enterprise Vault server on which you have created an ExchangeServers.txt file, run the script, owauser.wsf, to configure the Data Access account
Synchronize mailboxes and restart the Enterprise Vault Admin service.
To create the ExchangeServers.txt file
Type the IP address of each Exchange 2007 CAS server, and Exchange 2000 server or Exchange Server 2003 back-end server that will connect to the Enterprise Vault server, one entry per line.
Save the file as ExchangeServers.txt in the Enterprise Vault installation folder (typically C:\Program Files\Enterprise Vault).
To configure the Data Access account for OWA
Create or select a domain account to be used for anonymous connections to the Enterprise Vault server. This is the Data Access account. The account should be a basic domain account; a local machine account cannot be used. The account should not belong to any administrator group, such as Administrators or Account Operators.
If you are configuring both Enterprise Vault OWA Extensions and Domino Mailbox Archiving, it is important to use the same account as the Data Access account for both features. If you have already set up Domino Mailbox Archiving, note the details of the account specified on the Data Access Account tab of Directory properties in the Administration Console. Configure this account for OWA as described in this section.
Log on to the Enterprise Vault server as the Vault Service account.
Open a Command Prompt window and navigate to the Enterprise Vault installation folder.
If you are a Windows 2008 user, you must open the Command Prompt window with administrator privileges. To do this, right-click the Command Prompt shortcut on the Windows Start menu and then click Run as Administrator.
Enter the command line that is appropriate to your system. If you have both OWA 2000 and OWA 2003 in your organization, use the OWA 2003 command line.
The file owauser.wsf is installed in the Enterprise Vault installation folder.
For domain, give the domain of the Data Access account.
For username, give the username of the Data Access account.
For password, give the password of the Data Access account.
To display help for the cscript command, type
cscript owauser.wsf /?
The progress of the script execution is displayed in the command prompt window.
The configuration changes made by the script are described in the following technical note on the Symantec Enterprise Support site: http://entsupport.symantec.com/docs/321591.
When the configuration script finishes, you are prompted to restart the Enterprise Vault Admin service and synchronize mailboxes.
If there are multiple
Enterprise Vault servers in your environment, logon to each server
on which you created an ExchangeServers.txt file, and run the script,
owauser.wsf
, using the instructions
given in this section.
If you add another
Exchange 2007 CAS server, or an Exchange 2000 or Exchange Server
2003 back-end server to your environment at a later date, add the
IP address of the server to the ExchangeServers.txt file on the Enterprise Vault
server to which the Exchange Server will connect, and then rerun
the owauser.wsf
script.