Overview
This article describes the process to view emails of deleted users.
Diagnosis
Deleted users can occur within Archiver for multiple reasons. Most commonly a user has left a company and their Active Directory account was deleted. Alternatively, moving domains would also change the id, and would require restoring access to the now deleted old domain id.
- When GFI Archiver archives emails for a specific user, ownership is assigned in the databases as the user's
objectGUID
in AD, not username or anything else - If an account is deleted and recreated or migrated to another AD, then the
objectGUID
attribute is expected to be different and the old user will be shown by Archiver as deleted
Solution
Below we will discuss the occurrences for deleted users and the solutions depending on the reason for the user having been deleted.
Employee is no longer with the company or User ID has been changed/recreated
When a user is deleted from Microsoft Active Directory, Archiver can be configured so another user can view that archived emails for the deleted user. This can be achieved as follows:
- Open the Archiver User Interface.
- Navigate to: Configuration > Access control
- Click Configure User Access Control:
- In the User field, type the name of the user which should have access to the archived emails of the deleted account.
- In the Has Access to User field, type the login name of the deleted account. The user will be listed in square brackets and will have (Deleted) next to it.
- Click Add.
- Click Save at the bottom of the page.
New Domain but User ID is the same
The above solution can be used again to give access the same way, but if the user ID is the same on a new domain Archiver is capable of combining the accounts.
This tool can only be used if the users' logon name in the new domain is identical to the logon name in the old domain (attribute: sAMAccountName)
- Example of an entry that can be updated by this tool:
- Old username: OLDDOMAIN\JohnDoe
- New username: NEWDOMAIN\JohnDoe
Follow the steps in Using the Archiver Update Users Tool to restore access to the original user in the old domain while accessing the new user content going forward.
Testing
After performing one of the sets of steps above the user should now be able to access the Archiver web console, and see the original user as an additional user to search, or their content should be accessible under the new domain logon.