Enterprise Vault™ Upgrade Instructions

Last Published:
Product(s): Enterprise Vault (12.3)
  1. About this guide
    1.  
      Introducing this guide
    2. Where to get more information about Enterprise Vault
      1.  
        Enterprise Vault training modules
  2. Before you begin
    1.  
      Server upgrade paths
    2.  
      Documentation
  3. Points to note when upgrading
    1.  
      Order of upgrade in an environment with Compliance Accelerator or Discovery Accelerator
    2.  
      Silently installing Enterprise Vault from the command line
    3. Installing Outlook on the Enterprise Vault server
      1.  
        Upgrading to Outlook 2013 SP1 or 2016
    4.  
      Securing Enterprise Vault web applications
    5.  
      Weak protocols and ciphers are blocked
    6. Improved consistency when applying a retention period to items
      1.  
        Limiting the impact when updating moved item locations
    7.  
      Classification using Microsoft File Classification Infrastructure on Windows Server 2016
    8.  
      Data Classification Services does not support all the types of retention categories available in Enterprise Vault 12.3
    9.  
      eDiscovery Platform compatibility with Enterprise Vault
    10. Additional points to note when upgrading from Enterprise Vault 11.0 or 11.0.1
      1.  
        Vault Service account requires a new SQL permission
      2.  
        Enterprise Vault 12.3 requires uniform SQL collation
      3.  
        Enabling fast browsing for Enterprise Vault Search
      4.  
        Automatic migration of content conversion settings
  4. Steps to upgrade your system
    1.  
      Overview of the upgrade process
  5. Enterprise Vault server preparation
    1.  
      About Enterprise Vault server preparation
    2. Backing up the system
      1.  
        Backing up Enterprise Vault data
      2.  
        Backing up changed language files
    3.  
      Updating required Windows features
    4.  
      Running Enterprise Vault Deployment Scanner
    5.  
      Setting database permissions
    6.  
      Allowing the MSMQ queues to empty
    7.  
      Checking the archiving and expiry schedules
  6. Single server: upgrading the Enterprise Vault server software
    1.  
      About upgrading a single Enterprise Vault server
    2.  
      Installing on a single server
    3.  
      Upgrading the Enterprise Vault databases
    4.  
      Backing up the upgraded Enterprise Vault databases
    5.  
      Starting all the Enterprise Vault services
  7. Multiple servers: upgrading the Enterprise Vault server software
    1.  
      About upgrading multiple Enterprise Vault servers
    2.  
      Installing on multiple servers
    3.  
      Upgrading the Enterprise Vault databases
    4.  
      Backing up the upgraded Enterprise Vault databases
    5.  
      Starting all the Enterprise Vault services
  8. Veritas Cluster Server: upgrading the Enterprise Vault server software
    1.  
      About upgrading a Veritas cluster
    2.  
      Installing the Enterprise Vault server software
    3.  
      Upgrading the Enterprise Vault databases
    4.  
      Backing up the upgraded Enterprise Vault databases
    5.  
      Starting all the Enterprise Vault services
  9. Windows Server Failover Clustering: upgrading the Enterprise Vault server software
    1.  
      About upgrading a Windows Server Failover Cluster
    2.  
      Installing the Enterprise Vault server software
    3.  
      Upgrading the Enterprise Vault databases
    4.  
      Backing up the upgraded Enterprise Vault databases
    5.  
      Starting all the Enterprise Vault services
  10. Upgrading standalone Administration Consoles
    1.  
      About upgrading standalone Administration Consoles
    2.  
      Upgrading a standalone Administration Console (wizard)
    3.  
      Installing Enterprise Vault (command line)
    4.  
      Creating an activation configuration file (Windows 7 only)
  11. Upgrading Enterprise Vault Reporting
    1.  
      Upgrading Enterprise Vault Reporting
    2.  
      Installing the Enterprise Vault Reporting component
    3.  
      Running the Enterprise Vault Reporting Configuration utility
  12. Upgrading MOM and SCOM
    1.  
      Upgrading MOM
    2. Upgrading the Enterprise Vault SCOM management pack
      1.  
        About the supplied management packs
      2.  
        About the upgrade procedure
  13. Upgrading Exchange Server forms
    1.  
      About upgrading Exchange Server forms
  14. Upgrading Domino mailbox archiving
    1.  
      About upgrading Domino mailbox archiving
    2.  
      Domino client version required to run EVInstall.nsf
    3.  
      Preparing for the upgrade of Domino mailbox archiving
    4.  
      Upgrading Domino mailbox archiving
    5.  
      Granting the Domino archiving user access to mail files
    6.  
      Identifying internal mail recipients
    7.  
      Run the Domino provisioning task
  15. Upgrading the FSA Agent
    1.  
      Compatible versions of the FSA Agent and Enterprise Vault server
    2.  
      About upgrading the FSA Agent
    3.  
      Upgrading FSA Agent services that are clustered for high availability
    4.  
      Upgrading the FSA Agent on a target Windows file server from the Administration Console
    5.  
      Upgrading the FSA Agent on an FSA Reporting proxy server from the Administration Console
    6.  
      Upgrading the FSA Agent manually
  16. Upgrading Enterprise Vault Office Mail App
    1.  
      About upgrading Enterprise Vault Office Mail App
  17. Upgrading OWA Extensions
    1.  
      About upgrading OWA Extensions
    2.  
      Upgrading Enterprise Vault OWA 2010 Extensions
  18. Upgrading SharePoint Server components
    1.  
      About upgrading the SharePoint components
    2.  
      Upgrading the Enterprise Vault SharePoint components
  19. Upgrading SMTP archiving
    1.  
      Required and optional tasks when upgrading SMTP Archiving
    2. Checking the SMTP journaling type configuration
      1.  
        Finding SMTP targets that are assigned to unsupported archive types
    3.  
      Checking the permissions of the SMTP Archiving task account
    4.  
      Checking the 'Journal report processing' advanced SMTP policy setting
    5.  
      Checking the 'Selective Journal Archiving' site setting
    6.  
      About upgrading legacy SMTP archiving components
    7.  
      Migrating existing targets to provisioning groups
    8.  
      Reconfiguring targets that are configured for target address rewriting to use multiple archives
  20. Upgrading your Enterprise Vault sites to use Enterprise Vault Search
    1.  
      About Enterprise Vault Search
    2.  
      Server requirements for Enterprise Vault Search
    3.  
      Defining search policies for Enterprise Vault Search
    4.  
      Allowing privileged Enterprise Vault Search users to restore items to other users' mailboxes
    5. Setting up provisioning groups for Enterprise Vault Search
      1.  
        Changing the order in which Enterprise Vault processes the search provisioning groups
    6.  
      Creating and configuring Client Access Provisioning tasks for Enterprise Vault Search
    7. Configuring user browsers for Enterprise Vault Search
      1.  
        Configuring the Block Untrusted Fonts feature in Windows 10
    8.  
      Configuring Enterprise Vault Search for use in Forefront TMG and similar environments
    9. Setting up Enterprise Vault Search Mobile edition
      1. Carrying out preinstallation tasks for Enterprise Vault Search Mobile edition
        1. Requirements for installing Enterprise Vault Search Mobile edition on a proxy server
          1.  
            Disabling unsafe cryptographic protocols and cipher suites
      2.  
        Installing Enterprise Vault Search Mobile edition
      3.  
        Configuring the maximum number of permitted login attempts to Enterprise Vault Search Mobile edition
      4.  
        Verifying the installation of Enterprise Vault Search Mobile edition
  21. Upgrading Enterprise Vault API applications
    1.  
      Upgrading any applications that use the Enterprise Vault API Runtime

Weak protocols and ciphers are blocked

In a new installation of Enterprise Vault 12.3, or an upgrade to Enterprise Vault 12.3, the Enterprise Vault installer now disables weak protocols and ciphers. Enterprise Vault disables the following protocols, if you have not enabled them manually:

  • SSL 2.0

  • SSL 3.0

Weak protocols are managed using registry settings under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols. If you have manually enabled the weak protocols listed above, a registry setting will exist under the Protocols subkey. Enterprise Vault does not disable a protocol that you have enabled in this way.

Note:

You can also manually disable the TLS 1.0 protocol by following the instructions in this article:

https://www.veritas.com/docs/100041638

By disabling TLS 1.0, you may prevent some Enterprise Vault functionality from working properly. The article above describes how to ensure that this functionality continues to work as expected.

Enterprise Vault disables the following ciphers:

  • TLS_RSA_WITH_RC4_128_SHA

  • TLS_RSA_WITH_RC4_128_MD5

  • TLS_RSA_WITH_3DES_EDE_CBC_SHA

Ciphers are managed using registry settings under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002. Enterprise Vault disables all of the weak ciphers listed above, even if you have enabled any of them using a registry setting under the Ciphers subkey.