Enterprise Vault™ Installing and Configuring

Last Published:
Product(s): Enterprise Vault (15.1)
  1. About this guide
    1.  
      When to use this guide
    2.  
      Introducing this guide
    3. Where to get more information about Enterprise Vault
      1.  
        Enterprise Vault training modules
  2. Section I. Enterprise Vault requirements
    1. Enterprise Vault hardware requirements
      1. Hardware requirements for Enterprise Vault server
        1.  
          Running Enterprise Vault on a virtual server
        2.  
          Additional processing capacity for initial archiving
      2.  
        Hardware requirements for SQL Server
      3.  
        Network requirements for Enterprise Vault
      4. About the storage requirements for Enterprise Vault
        1. Storage for vault stores
          1.  
            Preparing WORM storage devices
          2.  
            Required amount of storage for vault stores
          3.  
            Migration of archived data to secondary storage
        2.  
          Storage for Enterprise Vault indexes
        3.  
          Storage for Enterprise Vault index snapshot location
        4. Storage requirements for SQL databases
          1.  
            Storage required for the Enterprise Vault Directory database
          2.  
            Storage required for the vault store databases
          3.  
            Storage required for the fingerprint databases
          4.  
            Storage required for the Monitoring database
          5.  
            Storage required for the FSA Reporting databases
          6.  
            Storage required for the audit database
        5.  
          Storage requirements for the Enterprise Vault cache folder
        6.  
          Local storage requirements for temporary files
        7.  
          TEMP folder security requirements
        8.  
          Granting additional users and groups access to the TEMP folder
    2. Enterprise Vault required software and settings
      1.  
        About the Enterprise Vault required software and settings
      2.  
        About valid computer names for Enterprise Vault servers
      3.  
        About the Enterprise Vault Deployment Scanner
      4. Basic software requirements for Enterprise Vault
        1. Required operating system components for Enterprise Vault
          1.  
            Installing MSMQ
          2. Internet Information Services (IIS)
            1.  
              Enterprise Vault requirements for IIS
          3.  
            PowerShell
          4.  
            MSXML
          5.  
            Windows IFilter
        2.  
          SQL Server software
        3.  
          SQLXML
        4.  
          Net.Tcp port sharing on Index Servers
      5. Best practice settings for Enterprise Vault servers
        1.  
          Message queue cleanup interval: MessageCleanupInterval
        2.  
          Message queue message storage limit: MachineQuota
        3.  
          Disable opportunistic locking: OplocksDisabled
        4.  
          Disable loopback check: DisableLoopbackCheck
        5.  
          Disable strict name checking: DisableStrictNameChecking
        6.  
          Maximum Outlook attachments and recipients: AttachmentMax and RecipientMax
        7.  
          TCP/IP maximum ports and TCP timed wait delay
      6. Preinstallation tasks for Enterprise Vault server
        1.  
          Creating the Vault Service account
        2.  
          Creating a SQL login account
        3. About assigning permissions and roles in SQL databases
          1.  
            Assigning permissions and roles in SQL Server databases
        4.  
          Assigning the required SQL Server roles and permissions to an Active Directory group
        5.  
          Locking down Enterprise Vault SQL databases
        6.  
          Creating Enterprise Vault DNS aliases
        7.  
          Turning off or reconfiguring Windows Firewall
        8.  
          Securing data locations
        9.  
          About User Account Control (UAC)
    3. Additional requirements for Operations Manager
      1.  
        About additional requirements for Operations Manager
      2.  
        Where and when to install Operations Manager
      3.  
        Additional required software for Operations Manager
      4.  
        Additional preinstallation tasks for Operations Manager
    4. Additional requirements for classification
      1.  
        Prerequisites for classification
      2.  
        Roles-based administration (RBA) and the classification feature
    5. Additional requirements for Enterprise Vault Reporting
      1.  
        About the requirements for Enterprise Vault Reporting
      2.  
        Where and when to install Enterprise Vault Reporting
      3.  
        Prerequisites for Enterprise Vault Reporting
      4.  
        Enterprise Vault reports that require monitoring or auditing to be enabled
      5.  
        Preparing for the installation of Enterprise Vault Reporting
    6. Additional requirements for Exchange Server archiving
      1.  
        About Exchange Server archiving
      2. Preinstallation tasks for Exchange server archiving
        1.  
          Installing Outlook on the Enterprise Vault server
        2.  
          Creating the Enterprise Vault system mailbox
        3.  
          Removing the restriction on NSPI connections to a Windows Server domain controller
        4.  
          Creating a user profile on the Enterprise Vault server
        5.  
          Creating a mailbox for the Vault Service account
        6.  
          Configuring the Exchange throttling policy on the Vault Service account
        7.  
          Granting the Vault Service account Send As permission on the system mailboxes
        8. Assigning Exchange Server permissions to the Vault Service account
          1.  
            Microsoft Exchange permissions assigned to the Vault Service account
      3. Enterprise Vault client access with Exchange Server archiving
        1.  
          Requirements for the Enterprise Vault Outlook Add-In
        2.  
          Requirements for Enterprise Vault Client for Mac OS X
        3.  
          Requirements for the Enterprise Vault Office Mail App
        4.  
          Requirements for OWA
        5.  
          Customized shortcuts
        6.  
          Browser-based access to archives
    7. Additional requirements for Domino Server archiving
      1.  
        Domino Server archiving requirements for all Enterprise Vault servers
      2. Requirements for Domino mailbox archiving
        1.  
          Required software for Enterprise Vault Domino Gateway
        2.  
          Required software for target Domino mail servers
        3.  
          Requirements for Enterprise Vault extensions for Notes clients
        4.  
          Preinstallation tasks for Domino mailbox archiving
        5. Register the Enterprise Vault Domino Gateway
          1.  
            Configuring the Internet port on the Enterprise Vault Domino Gateway
          2.  
            Configuring server security for the Enterprise Vault Domino Gateway
          3.  
            Configuring Single Sign-On on the Enterprise Vault Domino Gateway
          4.  
            Configuring Time-based One-Time Password on the Enterprise Vault Domino Gateway
          5.  
            Clustering Enterprise Vault Domino Gateway servers
          6.  
            Configuring an alias URL for web connections to the Enterprise Vault Domino Gateway server
        6. About the user ID for Domino mailbox archiving
          1.  
            Creating the Domino archiving user
          2.  
            Granting the Domino archiving user access to all mail files
        7.  
          Configuring the server document for each target Domino mail server
        8.  
          Install and configure Enterprise Vault Domino Gateway
      3. Requirements for Domino journaling archiving
        1. Requirements for Enterprise Vault archiving from Domino Journaling databases
          1.  
            Support for Enterprise Vault archiving from clustered Domino journal databases
        2.  
          Configuring access for Enterprise Vault to Domino domain, server, and Journaling location
        3.  
          Domino mailing list groups
        4.  
          Client access for Domino journal archiving
    8. Additional requirements for File System Archiving (FSA)
      1.  
        About the requirements for FSA
      2.  
        Enterprise Vault server requirements for FSA
      3. About FSA shortcuts
        1.  
          Placeholder shortcut requirements
      4.  
        About the FSA Agent
      5.  
        Preparing file servers for FSA
      6.  
        Client requirements for FSA
    9. Additional requirements for SharePoint Server archiving
      1.  
        About the Enterprise Vault server requirements for SharePoint Server archiving
      2. Requirements for SharePoint Servers
        1.  
          About SharePoint security certificates
    10. Additional requirements for Skype for Business Archiving
      1.  
        About the requirements for Skype for Business Archiving
      2.  
        Prerequisites for Skype for Business Archiving
      3.  
        Roles-based administration (RBA) and Skype for Business Archiving
      4.  
        Assigning the permissions required for exporting conversations from Skype for Business
    11. Additional requirements for SMTP Archiving
      1.  
        Additional requirements for Enterprise Vault SMTP servers
    12. Additional requirements for Enterprise Vault Search
      1.  
        Server requirements for Enterprise Vault Search
      2. Requirements for installing Enterprise Vault Search Mobile edition on a proxy server
        1.  
          Disabling unsafe cryptographic protocols and cipher suites
    13. Additional requirements for a standalone Enterprise Vault Administration Console
      1.  
        About the requirements for a standalone Enterprise Vault Administration Console
    14. Additional requirements for the Archive Discovery Search Service
      1.  
        About additional requirements for the Archive Discovery Search Service
      2.  
        Additional required software for the Archive Discovery Search Service
      3.  
        Configuring SSL for the Archive Discovery Search Service
      4.  
        Using Operations Manager to monitor the Archive Discovery Search Service
    15. Additional requirements for Single Sign-On
      1.  
        Configuring Single Sign-On
  3. Section II. Installing Enterprise Vault
    1. Licenses and license keys
      1.  
        Overview of Enterprise Vault licensing
      2.  
        Obtaining license keys for Enterprise Vault
      3.  
        Installing Enterprise Vault license key files
      4.  
        Replacing Enterprise Vault licenses and installing additional licenses
    2. Installing Enterprise Vault
      1.  
        About installing Enterprise Vault
      2.  
        Installing Enterprise Vault (wizard)
      3.  
        Installing Enterprise Vault (command line)
    3. Repairing, modifying, or uninstalling Enterprise Vault
      1.  
        About repairing, modifying, or uninstalling Enterprise Vault
      2.  
        Modifying Enterprise Vault
      3.  
        Repairing Enterprise Vault
      4.  
        Uninstalling Enterprise Vault
  4. Section III. Configuring Enterprise Vault
    1. About configuring Enterprise Vault
      1.  
        About configuring Enterprise Vault
    2. Running the Enterprise Vault configuration wizard
      1.  
        When to run the Enterprise Vault configuration wizard
      2.  
        What the Enterprise Vault configuration wizard does
      3.  
        Running the Enterprise Vault configuration wizard
      4.  
        Troubleshooting configuration of the Enterprise Vault Monitoring database
      5.  
        Troubleshooting default SSL configuration issues
    3. Securing Enterprise Vault Web Access components
      1.  
        Default security for the Enterprise Vault Web Access components
      2.  
        Customizing the port or protocol for the Enterprise Vault Web Access components
      3.  
        Customizing authentication for the Enterprise Vault Web Access components
      4. Customizing security for the Web Access components on client computers
        1.  
          Configuring Internet Explorer to use the proxy bypass list
        2.  
          Configuring a web browser to trust the Enterprise Vault Web Access components
        3.  
          Publishing Enterprise Vault server details to USGCB-compliant computers
        4.  
          Enabling remote access to the Enterprise Vault Web Access computer
      5.  
        Encrypting session cookies
    4. Running the Enterprise Vault Getting Started wizard
      1.  
        What the Enterprise Vault Getting Started wizard does
      2.  
        Preparing to run the Enterprise Vault Getting Started wizard
      3.  
        Running the Enterprise Vault Getting Started wizard
      4. About the express and custom modes of the Enterprise Vault Getting Started wizard
        1. About indexing configuration with the Enterprise Vault Getting Started wizard
          1.  
            Automatic indexing configuration in express mode
        2. About storage configuration with the Enterprise Vault Getting Started wizard
          1.  
            Storage configuration information you must supply in express mode
          2.  
            Automatic storage configuration in express mode
        3.  
          About policy definition with the Enterprise Vault Getting Started wizard
        4.  
          About Exchange target configuration with the Enterprise Vault Getting Started wizard
        5.  
          About Domino target configuration with the Enterprise Vault Getting Started wizard
        6.  
          About file target configuration with the Enterprise Vault Getting Started wizard
      5.  
        Planning for the Enterprise Vault Getting Started wizard
    5. Configuring Enterprise Vault Operations Manager
      1.  
        When to run the Enterprise Vault Operations Manager Configuration utility
      2.  
        Running the Enterprise Vault Operations Manager Configuration utility
      3.  
        Accessing Enterprise Vault Operations Manager
      4.  
        Troubleshooting Enterprise Vault Operations Manager
    6. Configuring the Archive Discovery Search Service
      1.  
        Before you begin
      2.  
        Running the Archive Discovery Search Service configuration wizard
      3.  
        Manually configuring the request endpoint for the Archive Discovery Search Service
      4.  
        Manually configuring a result endpoint for the Archive Discovery Search Service
  5. Section IV. Initial Enterprise Vault setup
    1. Initial Enterprise Vault setup
      1.  
        License keys
      2. Using the Enterprise Vault Administration Console
        1.  
          Starting the Enterprise Vault Administration Console
        2.  
          About administration roles in the Enterprise Vault Administration Console
      3.  
        Adding core Enterprise Vault services with the Administration Console
      4. Creating Enterprise Vault retention categories
        1.  
          About the properties of Enterprise Vault retention categories
        2.  
          About retention plans
        3.  
          Creating retention plans
      5.  
        Performance issues when Enterprise Vault has limited or no access to the Internet
    2. Setting up storage
      1.  
        About setting up storage for Enterprise Vault archives
      2. About Enterprise Vault single instance storage
        1.  
          About sharing levels and sharing boundaries
        2.  
          How Enterprise Vault single instance storage works
        3.  
          About the fingerprint database
        4.  
          Deletion of SIS parts
        5.  
          Requirements for Enterprise Vault single instance storage
        6.  
          About Centera device-level sharing
        7.  
          About sharing partitions on storage devices that support the Enterprise Vault storage streamer API
      3.  
        Developing a suitable sharing regime for Enterprise Vault single instance storage
      4.  
        Creating vault store groups
      5. About creating vault stores
        1. About Enterprise Vault safety copies
          1.  
            Choosing when to remove Enterprise Vault safety copies
          2.  
            Checking that the partition has been backed up before Enterprise Vault removes safety copies
          3.  
            Using the archive attribute to determine whether a partition has been backed up
          4.  
            Using the trigger file mechanism to determine whether a partition has been backed up
        2.  
          Creating a vault store
      6. Creating vault store partitions
        1. Initial states of vault store partitions
          1.  
            About closed Enterprise Vault partitions
        2. About collections and migration
          1.  
            Collections on Dell EMC Centera devices
        3.  
          Creating a standard vault store partition
        4.  
          Setting up smart partitions
        5.  
          Partition network shares for NTFS partitions with local paths
      7.  
        Configuring sharing for a vault store group
    3. Configuring index locations
      1.  
        About Enterprise Vault index location
      2.  
        Creating an Enterprise Vault index location
    4. Setting up Index Server groups
      1.  
        About Index Server groups
      2. Do I need to create Index Server groups?
        1.  
          Do you have more than one Enterprise Vault server?
        2.  
          Do you use or plan to use journal archiving or File System Archiving?
        3.  
          Do you use or plan to use Compliance Accelerator or Discovery Accelerator?
        4.  
          Is the server loading evenly distributed across existing Enterprise Vault servers?
        5.  
          Are there more than approximately 5,000 mailbox archives per Enterprise Vault server?
      3.  
        Creating an Index Server group
      4.  
        Adding an Index Server to an Index Server group
      5.  
        Removing an Index Server from an Index Server group
      6.  
        Assigning a vault store to an Index Server group
      7.  
        Unassigning a vault store from an Index Server group
      8.  
        Assigning a vault store to a different indexer
    5. Reviewing the default settings for the site
      1. Reviewing the default settings for the Enterprise Vault site
        1.  
          Setting the archiving schedule for the Enterprise Vault site
        2.  
          About the Web Access application settings
    6. Setting up Enterprise Vault Search
      1.  
        About Enterprise Vault Search
      2.  
        Defining search policies for Enterprise Vault Search
      3.  
        Allowing privileged Enterprise Vault Search users to restore items to other users' mailboxes
      4. Setting up provisioning groups for Enterprise Vault Search
        1.  
          Changing the order in which Enterprise Vault processes the search provisioning groups
      5.  
        Creating and configuring Client Access Provisioning tasks for Enterprise Vault Search
      6. Configuring user browsers for Enterprise Vault Search
        1.  
          Configuring the Block Untrusted Fonts feature in Windows 10
      7.  
        Configuring Enterprise Vault Search for use in Forefront TMG and similar environments
      8. Setting up Enterprise Vault Search Mobile edition
        1.  
          Carrying out preinstallation tasks for Enterprise Vault Search Mobile edition
        2.  
          Installing Enterprise Vault Search Mobile edition
        3.  
          Configuring the maximum number of permitted login attempts to Enterprise Vault Search Mobile edition
        4.  
          Verifying the installation of Enterprise Vault Search Mobile edition
    7. Managing metadata stores
      1.  
        About metadata stores
      2.  
        About metadata store PowerShell cmdlets
      3.  
        About fast browsing and metadata store indexes
  6. Section V. Clustering Enterprise Vault with VCS
    1. Introducing clustering with VCS
      1.  
        Supported VCS configurations and software
      2.  
        About Enterprise Vault and the VCS GenericService agent
      3.  
        Typical Enterprise Vault configuration in a VCS cluster
      4.  
        Order in which to install and configure the components in a VCS environment
    2. Installing and configuring Storage Foundation HA for Windows
      1.  
        Installing and configuring Storage Foundation HA for Windows with Enterprise Vault
      2.  
        Managing disk groups and volumes in a Storage Foundation HA environment
    3. Configuring the VCS service group for Enterprise Vault
      1.  
        About configuring the VCS service group for Enterprise Vault
      2.  
        Before you configure the VCS service group for Enterprise Vault
      3.  
        Creating a VCS service group for Enterprise Vault
      4.  
        Modifying an existing VCS service group
      5.  
        Deleting a VCS service group
    4. Running the Enterprise Vault Configuration wizard
      1.  
        Before you run the Enterprise Vault Configuration wizard
      2. Setting up Enterprise Vault in an active/passive VCS configuration
        1. Adding VCS cluster support in a first-time Enterprise Vault installation
          1.  
            Troubleshooting configuration of the Monitoring database
        2. Upgrading an existing Enterprise Vault installation to a VCS cluster
          1.  
            Moving Enterprise Vault data to highly-available locations
        3.  
          Adding SMTP Archiving to an existing clustered Enterprise Vault server
      3. About setting up Enterprise Vault in a VCS N+1 configuration
        1.  
          Configuring two Enterprise Vault server nodes and a spare node in a VCS N+1 cluster
        2.  
          Configuring two Enterprise Vault servers to run on any of the three nodes in a VCS cluster
        3.  
          Disallowing two Enterprise Vault servers on the same node in a VCS cluster
    5. Implementing an SFW HA-VVR disaster recovery solution with Enterprise Vault
      1.  
        About installing and configuring SFW HA-VVR with Enterprise Vault
      2.  
        Overview of the steps for installing and configuring SFW HA-VVR
      3.  
        Setting up the VCS cluster on the primary site
      4.  
        Setting up the VCS cluster on the secondary site
      5.  
        Adding the VVR components for replication
      6.  
        Adding the GCO components for wide-area recovery
    6. Troubleshooting clustering with VCS
      1.  
        VCS logging
      2.  
        Enterprise Vault Cluster Setup wizard error messages
      3.  
        Viewing the clustered message queues for an Enterprise Vault virtual server
  7. Section VI. Clustering Enterprise Vault with Windows Server Failover Clustering
    1. Introducing clustering with Windows Server Failover Clustering
      1.  
        About clustering Enterprise Vault with Windows Server Failover Clustering
      2.  
        Supported Windows Server Failover Clustering configurations
      3.  
        Required software and restrictions on clustering Enterprise Vault with Windows Server Failover Clustering
      4.  
        Typical Enterprise Vault configuration in a Windows Server failover cluster
      5. Control of Enterprise Vault services in a Windows Server failover cluster
        1.  
          About cluster services and Enterprise Vault service resources in a Windows Server failover cluster
        2.  
          What happens at failover in a Windows Server failover cluster
    2. Preparing to cluster with Windows Server Failover Clustering
      1.  
        Preparing to cluster Enterprise Vault with Windows Server Failover Clustering
      2.  
        Setting up the shared disks and volumes for a Windows Server failover cluster
      3.  
        Setting up the Enterprise Vault cluster services for a Windows Server failover cluster
    3. Configuring Enterprise Vault in a Windows Server failover cluster
      1.  
        About configuring Enterprise Vault in a Windows Server failover cluster
      2. Setting up a new Enterprise Vault installation with Windows Server Failover Clustering support
        1.  
          Configuring a new Enterprise Vault server with Windows Server Failover Clustering support
        2.  
          Configuring a failover node in a Windows Server failover cluster
        3.  
          Troubleshooting configuration of the Enterprise Vault Monitoring database
        4. Examples of Enterprise Vault installations in various Windows Server Failover Clustering modes
          1.  
            Clustering Enterprise Vault in an active/passive failover configuration
          2.  
            Clustering Enterprise Vault in a 2+1 configuration without "any-to-any" support
          3.  
            Clustering Enterprise Vault in a 2+1 "any-to-any" configuration
      3. Converting an existing Enterprise Vault installation to a Windows Server failover cluster
        1. Converting an existing Enterprise Vault server to a server with Windows Server Failover Clustering support
          1.  
            Moving Enterprise Vault data to highly available locations
      4. Modifying an existing Enterprise Vault cluster
        1.  
          Adding a node to an existing Windows Server failover cluster
        2.  
          Adding shared storage to an existing Windows Server failover cluster for an Enterprise Vault cluster server
        3.  
          Adding Enterprise Vault SMTP Archiving to an existing clustered Enterprise Vault server
    4. Troubleshooting clustering with Windows Server Failover Clustering
      1.  
        About this chapter
      2.  
        Enterprise Vault event messages and the failover cluster log
      3.  
        Resource ownership and dependencies when configuring Enterprise Vault in a failover clustered environment
      4.  
        Registry replication on failover clustered nodes
      5.  
        Viewing the clustered message queues for an Enterprise Vault cluster server
      6.  
        Starting and stopping Enterprise Vault services in a Windows Server Failover Clustering environment
      7.  
        Potential failover issue in a Windows Server cluster
  8. Appendix A. Automatically preparing an Enterprise Vault server
    1.  
      About automatically preparing an Enterprise Vault server
    2.  
      Windows features enabled by the Prepare My System option
    3.  
      Running the Prepare My System option

Creating the Vault Service account

The Vault Service account is used by Enterprise Vault processes to access the Windows server operating system. The account is shared by all the Enterprise Vault computers in the Enterprise Vault directory. If you are managing multiple Enterprise Vault sites, you can use the same Vault Service account for more than one Enterprise Vault site.

The Vault Service account must be a member of the local Administrators group on each Enterprise Vault computer. The account must be a domain-based Windows security account that belongs to the local Administrators group on all servers in the Enterprise Vault directory. The account password must not be blank. If you create more than one Enterprise Vault site in the same Enterprise Vault directory you must use the same Vault Service account for all sites.

We recommend that you do not make this account a Domain Administrator. It is better to assign required permissions explicitly. This section describes the basic permissions that you need to set for this account. Different types of archiving require additional permissions for the Vault Service account. For details of these, see the section on the type of archiving that you are implementing.

If possible, create the account so that it is in the same domain as the Enterprise Vault computers. If it is necessary for the Vault Service account and the Enterprise Vault computers to be in different domains, create the account so that it is in a domain that is trusted by the Enterprise Vault computers' domain.

Ensure that the Microsoft Message Queue security has been set up to grant the Administrators group access to the Enterprise Vault queues.

You must be logged in to the Vault Service account when you install Enterprise Vault and when you run the Enterprise Vault Configuration wizard.

Some pages of the Configuration wizard require you to specify the locations for SQL Server database files. You can specify the locations explicitly, by entering the path from the perspective of the SQL Server computer. The wizard also provides Browse buttons to let you browse the SQL Server computer to select the locations. However, folder browsing is only available if the Vault Service account has access to the administrative shares on the SQL Server computer. Note that some wizards in the Administration Console provide similar Browse buttons. To use those Browse buttons, the account that you use to run the Administration Console also requires access to the SQL Server's administrative shares.

Unless you assign the SQL system administrator (sysadmin) role to the Vault Service account, you must perform some additional steps before you run the Enterprise Vault Configuration wizard for the first time.

See About assigning permissions and roles in SQL databases.

During configuration, you are asked to provide the name and password of the Vault Service account. Enterprise Vault automatically grants the account the following advanced user rights:

  • Log On As a Service

  • Debug programs

  • Replace a process-level token

Note that you may need to wait for Active Directory replication to complete. The account cannot be used until the replication is complete.

To create the Vault Service account

  1. On the domain controller, start Active Directory Users and Computers.
  2. In the left-hand pane of Active Directory Users and Computers, double-click the Domain container.
  3. Double-click the Users container.
  4. On the Action menu, click New and then User. The New Object - User screen is displayed.
  5. Complete the New Object - User screen and click Next. The next screen asks for password details.
  6. Enter a password and confirm it. You must set a password; the Vault Service account password cannot be blank.

    Note:

    If you ever change the password of the Vault Service account, and you have installed an Enterprise Vault add-on, you may also need to change the user account credentials of the Vault Service account in the add-on. See the documentation that accompanies the add-on for more information.

  7. Select the Password never expires check box.

  8. Leave the remaining check boxes clear:

    • User must change password at logon

    • User cannot change password

    • Account is disabled

  9. Click Next to move to the summary screen.
  10. Click Finish to create the new user.

To add the new Vault Service account to the local Administrators group

  1. Log on to the Enterprise Vault computer as Administrator.
  2. In Control Panel, open Administrative Tools and start the Computer Management console.
  3. Expand System Tools and then Local Users and Groups.
  4. Select Groups, and then double-click the Administrators group in the right-hand pane.
  5. Use Add to add the Vault Service account to this group.
  6. Click OK.
  7. Repeat these steps on each computer which will have Enterprise Vault installed.
To make the Vault Service account non-interactive

For enhanced security, if you wish to make your Vault Service account non-interactive, include the Vault Service account in the Deny log on Locally and Deny log on through Remote Desktop Services lists on the Enterprise Vault servers and standalone Enterprise Vault Administration Console servers using security policies.

Once the Vault Service account has been set to non-interactive, use the existing Enterprise Vault roles-based administration (RBA) roles by assigning users to their relevant roles.

For example, to run Enterprise Vault Policy Manager (EVPM), use the Exchange Administrator role; for the EVSVR utility, use the Storage Administrator role; for VQA, use the Power Administrator role, and so on.

Critical tasks such as upgrading Enterprise Vault, which require Vault Service account credentials, must be carried out by temporarily granting interactive privileges to the Vault Service account.

Note:

If you face issues with temporary folder security checks, see https://www.veritas.com/content/support/en_US/article.100014060.

Before performing EVSVR operations involving users assigned the Storage Administrator RBA role, ensure that Read and Write permissions are re-applied to the existing partitions for those users.