4️⃣Creating User Accounts

Creating our user accounts to access the archive.

Solar Archive has multiple level of user accounts, in this guide we'll setup two different level's of users - Privileged and Data Guardian user types. We'll briefly go into these user types below, if you'd like to dig into more detail please see the Managing Users section.

🕵 What is a Privileged User?

Privileged Users are also called e-Discovery Users, are users who are able to search across the archives and do their e-discovery investigations. This user can search across all emails in that Solar Archive system (or that Solar Archive company, when in multi-tenant mode) unless one or more searchable domains are added. Any searches made by Privileged users will raise an audit transcript that is sent to the Data Guardian(s).

👮 What is a Data Guardian User?

A Data Guardian is, in Solar Archive, an email address to which transcripts of administrator access and privileged user searches will be sent. At least one data guardian must be added, before adding any local user accounts.

Note: For versions 9.0.2 and above, different guardians for each of administrative or privilege usage audit transcripts can be specified.

Setting up a Privileged User

Let's proceed to setup a privileged user for our archive.

Navigate to Basic Configuration > Local User Accounts.
Click the Create New Account button.
Enter / Select the required values in the fields. Refer to the table below for field names and descriptions.
Review all the values that you have entered / selected and click Save Changes.

The user account will be created and the password for the account will be displayed on the screen.

Setting up a Data Guardian User

Now that we've setup a privileged user that can search the entire archive, let's setup a Data Guardian to police those actions.

Navigate to Basic Configuration > Data Guardians.
Look for the Data Guardians Section
Enter / Select the required values in the fields. Refer to the below field descriptions.
Click Add
Review all the values and click Save.

The data guardian will be created and they will now have access to data guardian features.

Field	Description
Username	Refers to the unique username of the account. It is recommended that the name is different to a user’s network login id name and you append _admin / _priv / _basic to the username to ensure that it is different to a user’s standard login name, and it also indicates the type of user.
First Name	Refers to the first name of the user.
Last Name	Refers to the last name of the user.
Admin Level	Refers to the type of user being created.
Account Status	Specifies whether the account is active or not.
Last log-in date	Refers to the date on which the user last logged into the account.
Account creation date	Refers to the date on which the account was created.
Primary Email Address	Refers to the email address to which all emails, to the user, from Solar Archive will be sent. This will include reset Password and Forward-to-inbox emails. Once a new account is saved, a random password is assigned and emailed to the new user’s primary email address. If Solar Archive is unable to send this email, then the password will be displayed on this screen.
Authentication type	Refers to any of the 3 authentication types which the user will be required to fulfill to log into the account
Searchable Domains	Refers to the domains, to send and receive emails, to which you want to restrict the Privileged user(s). Leave this field blank for un-restricted searches.
Exclude Addresses	Refers to the email addresses which you want to prevent from being included in search results. Leave this field blank for un-restricted searches.
Requires another Priv User/Data Guardian to authorise searches	Specifies whether the user account needs authorization for searches, from another privileged user or data guardian
Other Auditors	Refers to the email addresses, in addition to the data guardians, on which you want to receive summary search transcripts.

Field

Description

Username

Refers to the unique username of the account. It is recommended that the name is different to a user’s network login id name and you append _admin / _priv / _basic to the username to ensure that it is different to a user’s standard login name, and it also indicates the type of user.

First Name

Refers to the first name of the user.

Last Name

Refers to the last name of the user.

Admin Level

Refers to the type of user being created.

Account Status

Specifies whether the account is active or not.

Last log-in date

Refers to the date on which the user last logged into the account.

Account creation date

Refers to the date on which the account was created.

Primary Email Address

Refers to the email address to which all emails, to the user, from Solar Archive will be sent. This will include reset Password and Forward-to-inbox emails. Once a new account is saved, a random password is assigned and emailed to the new user’s primary email address. If Solar Archive is unable to send this email, then the password will be displayed on this screen.

Authentication type

Refers to any of the 3 authentication types which the user will be required to fulfill to log into the account

Searchable Domains

Refers to the domains, to send and receive emails, to which you want to restrict the Privileged user(s).

Leave this field blank for un-restricted searches.

Exclude Addresses

Refers to the email addresses which you want to prevent from being included in search results. Leave this field blank for un-restricted searches.

Requires another Priv User/Data Guardian to authorise searches

Specifies whether the user account needs authorization for searches, from another privileged user or data guardian

Other Auditors

Refers to the email addresses, in addition to the data guardians, on which you want to receive summary search transcripts.

Field	Description
Transcript reference retain period	Number of days the details of each email viewed by a Privilege User, and summarised under a transcript reference, will be held in Solar Archive. The default is 0 (the transcript reference details will never be deleted). If a value other than 0 is used, then the Data Guardian will not be able to review a Privilege User search that was performed more than that number of days ago.
Data Guardians	Email address(es) that will be the data guardians. who will oversee the activities of Administrators and Privilege users. Recommended data guardians are: HR Manager Compliance Manager/Officer IT Manager CEO / senior staff Union Leader
Priv Transcripts	Specifies whether or not the data guardian will receive privileged user transcripts.
Admin Transcripts	Specifies whether or not the data guardian will receive administrator transcripts.
Enable user identity switching	Specifies whether or not a data guardian is allowed to switch identity.
Require Password Re-entry	Specifies whether or not re-entering a password is required to switch identity. If a password re-entry is needed, then the password of the original login (usually your LDAP Network password) may be entered OR the password of the account you are switching to.
Auto Logout	Time, in minutes, after which the user ser will be logged out of their session. This can be set individually for each user type.

Field

Description

Transcript reference retain period

Number of days the details of each email viewed by a Privilege User, and summarised under a transcript reference, will be held in Solar Archive. The default is 0 (the transcript reference details will never be deleted). If a value other than 0 is used, then the Data Guardian will not be able to review a Privilege User search that was performed more than that number of days ago.

Data Guardians

Email address(es) that will be the data guardians. who will oversee the activities of Administrators and Privilege users. Recommended data guardians are:

HR Manager
Compliance Manager/Officer
IT Manager
CEO / senior staff
Union Leader

Priv Transcripts

Specifies whether or not the data guardian will receive privileged user transcripts.

Admin Transcripts

Specifies whether or not the data guardian will receive administrator transcripts.

Enable user identity switching

Specifies whether or not a data guardian is allowed to switch identity.

Require Password Re-entry

Specifies whether or not re-entering a password is required to switch identity. If a password re-entry is needed, then the password of the original login (usually your LDAP Network password) may be entered OR the password of the account you are switching to.

Auto Logout

Time, in minutes, after which the user ser will be logged out of their session. This can be set individually for each user type.

PreviousImporting Old Email NextChecking Live Mail Receipts

Last updated 1 year ago