The instructions in this section are similar to the instructions for configuring Enterprise Vault servers for anonymous connections from OWA Exchange Servers. To support anonymous connections from an Enterprise Vault proxy server, you run the same script, owauser.wsf, but provide the details of connecting Enterprise Vault proxy servers instead of Exchange Servers.
To prepare Enterprise Vault servers for anonymous connections from an Enterprise Vault proxy server
If Enterprise Vault is installed on Windows Server 2008, ensure that IIS Roles and Feature Delegation rights are configured as described in the section, OWA Prerequisites, in the manual, Installing and Configuring.
On each Enterprise Vault
server that may receive anonymous connections from Enterprise Vault
proxy servers, create an ExchangeServers.txt
file as described in this
section. This file contains a list of the IP addresses for all the
Enterprise Vault proxy servers that connect to the Enterprise Vault
server.
On each Enterprise Vault
server on which you have created an ExchangeServers.txt
file, run the script,
owauser.wsf, as described in this
section. This script configures the Data Access account for
anonymous connections.
To configure the Data Access account for Outlook RPC over HTTP client connections
If you have already configured Enterprise Vault for OWA or Domino Server Archiving, then an account already exists for managing anonymous connections. This account is the Data Access account. If the account already exists, you must use the same account for anonymous connections from Enterprise Vault proxy servers.
For Domino Mailbox Archiving, the details of the Data Access account are specified on the Data Access Account tab of Directory properties in the Administration Console.
If the Data Access account does not exist, then create an account for this purpose. The account should be a basic domain account; a local machine account cannot be used. The account should not belong to any administrator group, such as Administrators or Account Operators.
Use the Vault Service account to log on to the Enterprise Vault server that receives anonymous connections from the Enterprise Vault proxy server.
Open a command prompt window and navigate to the Enterprise Vault installation folder.
If you are a Windows 2008 user, you must open the command prompt window with administrator privileges. Right-click the Command Prompt shortcut on the Windows Start menu and then click Run as Administrator.
Enter the following command line:
cscript owauser.wsf /domain:domain /user:username /password:password
The file owauser.wsf is installed in the Enterprise Vault installation folder.
For domain, give the domain of the Data Access account.
For username, give the user name of the Data Access account.
For password, give the password of the Data Access account.
To display help for the cscript command, type
cscript owauser.wsf /?
The progress of the script execution is displayed in the command prompt window.
The configuration changes made by the script are described in the following technical note on the Symantec Enterprise Support site: http://entsupport.symantec.com/docs/321591.
When the configuration script finishes, you are prompted to restart the Enterprise Vault Admin service and synchronize mailboxes.
Restart the Admin service using the Services console.
Use the Enterprise Vault Administration Console to synchronize mailboxes. In the Exchange Mailbox Archiving task properties, select the Synchronization tab. Synchronize Mailbox properties and permissions for all mailboxes.
Restarting the Admin service ensures that Enterprise Vault authentication knows the identity of the Data Access account. Synchronizing the mailboxes updates the client hidden message with the URL to use when connecting to the Enterprise Vault proxy server.
If there are multiple
Enterprise Vault servers in your environment, logon to each server
on which you created an ExchangeServers.txt
file. Run the script,
owauser.wsf
, using the instructions
that are given in this section.
If you add another
Enterprise Vault proxy server to your environment at a later date,
first add the IP address of the server to the ExchangeServers.txt
file. Then you rerun the
owauser.wsf
script.