Please note that this Archive Admin role will give a user full access to any and all files and emails archived to storage, with the ability to restore the data to their account (or another user).
If you want to only allow an admin the ability to only restore data from users that belonged to a specific OU (or a child OU under it) when they were archived, please refer to the Create and assign an Archive Restore role for a specific OU article.
Create an Archive Admin Role
You can add the required permissions to any existing role. However, we recommend creating a new role so that you have more control over which users can view archived data and restore, if required.
To create an Archive Admin role:
- Sign in to CloudM Manage, using an account with permission to manage other users.
- Select Settings > Roles.
- Click on Create new Role.
- If you cannot see the Create new Role option, select the x button at the top of the screen.
Set the Name of the new role to Archive Admin.
Leave the Create from template checkbox unticked.
Add a Description of the Archive Admin role, if required.
Assign the Scope of the new role to Global to apply to the whole organization.
Select Create New Role.
- The Archive Admin role will now appear in the list of roles.
- Select the role from the list.
- On the Permissions tab, scroll down to each of the required permissions (Edit Archive Config and Manage Archive Restoration) in the Unused Permissions column (on the left) and use the right arrow to move it into the Assigned Permissions column (on the right).
- The Edit Archive Retention permission allows assigned users to change the data retention policy for the domain. This means that they can specify the amount of time that data (Mail or Drive) will be stored before it is automatically purged (permanently deleted) from Archive.
- You can add the permission to the Archive Admin role if you want to allow all assigned users to carry out this task, or you may want to apply this permission to a Domain / Root Administrator role to limit its usage.
- The Manage Archive Restoration permission is a global permission. If you only want the admin to have the ability to restore data for users archived from a specific OU, use the Manage Archive Restoration for OU permission instead.
- Permissions can be applied to any other role or role template, if required, and will only be visible after the Archive option has been enabled for your domain by CloudM.
- Select Save to confirm the changes.
Assign the Archive Admin Role to a user
To assign the Archive Admin role to a user or users:
- Select the role from the list,
- On the Assigned Users tab, click on the downwards facing arrow next to Assignment. This will prompt the Assignment section to be displayed.
- Click on the Assign To field and choose whether you are assigning the role to an Org Unit, User Profile, Group, Service Account, External Profile or External Group.
- Click on the Name field to choose the name of the Holder that you want to apply the role to.
- Set Org Unit to the top level Organizational Unit / domain.
- Click on Add.
The Holder will appear in the Role Assignments list. This list shows all the holders that are assigned to the selected role.
- Once the role is assigned to a user, they will see the Archive option displayed in the Functions bar (which is persistently displayed on the left side of the screen).
Please sign in to leave a comment.