How to configure access restrictions for Microsoft Exchange file level recovery

SUMMARY

This article explains how to configure access restrictions for Microsoft Exchange file level recovery.

ISSUE

Version 10.1 introduces the option to create credentials for Microsoft Exchange file level recovery objects and restrict access to these recovery objects to specific hosts. 

RESOLUTION

To configure access restrictions, log on to the appliance via ssh and follow the instructions below:

TASKS

To configure access restrictions

1. Create a user list:
/usr/bp/bin/exchange_settings.sh user <enter one or more users>
You will be prompted to create a password for each new user.  

2. Create a host list:
/usr/bp/bin/exchange_settings.sh host <enter one or more hosts
A host can be entered as either an IP address or a hostname that is resolvable from the appliance. You will only be able to access the recovery object from the hosts specified in this list.
​ 
Other commands

​To view users:
/usr/bp/bin/exchange_settings.sh user

To view hosts: 
/usr/bp/bin/exchange_settings.sh host

To re-enable guest access for users:
/usr/bp/bin/exchange_settings.sh user guest

To re-enable guest access for hosts:
/usr/bp/bin/exchange_settings.sh host guest

To reset a password:
/usr/bp/bin/exchange_settings.sh pass <enter a user>
You will prompted to create a new password for the user you selected. 

To append a user list:
/usr/bp/bin/exchange_settings.sh user <enter one or more users, including all previously created users>
You will be prompted to create passwords for the new users you have added to the list. 

To append a host list: 
/usr/bp/bin/exchange_settings.sh host <enter one or more hosts, including all previously added hosts
A host can be entered as either an IP address or a hostname that is resolvable from the appliance. 

NOTES

  • If you modify users or passwords in the exchange_settings.sh script while the recovery object is still running, these new credentials will not be recognized until you tear down the recovery object and stand it back up. 
  • Users that are no longer included in the user list may continue to have access until the relevant authentication tokens expire. 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us