Creating our user accounts to access the archive.
VIPRE - Email Archive has multiple level of user accounts, in this guide we'll setup two different level's of users - Privileged and Data Guardian user types. We'll briefly go into these user types below.
? What is a Privileged User?
Privileged Users are also called e-Discovery Users, are users who are able to search across the archives and do their e-discovery investigations. This user can search across all emails in that VIPRE - Email Archive system (or that VIPRE - Email Archive company, when in multi-tenant mode) unless one or more searchable domains are added. Any searches made by Privileged users will raise an audit transcript that is sent to the Data Guardian(s).
? What is a Data Guardian User?
A Data Guardian is, in VIPRE - Email Archive, an email address to which transcripts of administrator access and privileged user searches will be sent. At least one data guardian must be added, before adding any local user accounts.
Setting up a Privileged User
Let's proceed to setup a privileged user for our archive.
- Navigate to Basic Configuration > Local User Accounts.
- Click the Create New Account button.
- Enter / Select the required values in the fields. Refer to the table below for field names and descriptions.
- Review all the values that you have entered / selected and click Save Changes.
The user account will be created and the password for the account will be displayed on the screen.
Setting up a Data Guardian User
Now that we've setup a privileged user that can search the entire archive, let's setup a Data Guardian to police those actions.
- Navigate to Basic Configuration > Data Guardians.
- Look for the Data Guardians Section
- Enter / Select the required values in the fields. Refer to the below field descriptions.
- Click Add
- Review all the values and click Save.
The data guardian will be created and they will now have access to data guardian features.
Privileged User
Username | Refers to the unique username of the account. It is recommended that the name is different to a user’s network login id name and you append _admin / _priv / _basic to the username to ensure that it is different to a user’s standard login name, and it also indicates the type of user. |
First Name | Refers to the first name of the user. |
Last Name | Refers to the last name of the user. |
Admin Level | Refers to the type of user being created. |
Account Status | Specifies whether the account is active or not. |
Last log-in date | Refers to the date on which the user last logged into the account. |
Account creation date | Refers to the date on which the account was created. |
Primary Email Address | Refers to the email address to which all emails, to the user, from VIPRE - Email Archive will be sent. This will include reset Password and Forward-to-inbox emails. Once a new account is saved, a random password is assigned and emailed to the new user’s primary email address. If VIPRE - Email Archive is unable to send this email, then the password will be displayed on this screen. |
Authentication type | Refers to any of the 3 authentication types which the user will be required to fulfill to log into the account |
Searchable Domains | Refers to the domains, to send and receive emails, to which you want to restrict the Privileged user(s).Leave this field blank for un-restricted searches. |
Exclude Addresses | Refers to the email addresses which you want to prevent from being included in search results. Leave this field blank for un-restricted searches. |
Requires another Priv User/Data Guardian to authorise searches | Specifies whether the user account needs authorization for searches, from another privileged user or data guardian |
Other Auditors | Refers to the email addresses, in addition to the data guardians, on which you want to receive summary search transcripts. |
Data Guardian:
Transcript reference retain period | Number of days the details of each email viewed by a Privilege User, and summarised under a transcript reference, will be held in VIPRE - Email Archive. The default is 0 (the transcript reference details will never be deleted). If a value other than 0 is used, then the Data Guardian will not be able to review a Privilege User search that was performed more than that number of days ago. |
Data Guardians |
Email address(es) that will be the data guardians. who will oversee the activities of Administrators and Privilege users. Recommended data guardians are:
|
Priv Transcripts |
Specifies whether or not the data guardian will receive privileged user transcripts. |
Admin Transcripts |
Specifies whether or not the data guardian will receive administrator transcripts. |
Enable user identity switching |
Specifies whether or not a data guardian is allowed to switch identity. |
Require Password Re-entry |
Specifies whether or not re-entering a password is required to switch identity. If a password re-entry is needed, then the password of the original login (usually your LDAP Network password) may be entered OR the password of the account you are switching to. |
Auto Logout |
Time, in minutes, after which the user will be logged out of their session. This can be set individually for each user type. |
Carlos Rios
Comments