Description

In the Enterprise Vault (EV) Compliance Accelerator / Veritas Advanced Surveillance (CA/VAS) or Discovery Accelerator (DA) products, users can be added to the Role Assignment tab at the Application and / or CA/VAS Department / DA  Case levels to grant them access to the CA/VAS or DA Customer and perform required functions per the permissions granted to any Role(s) to which they have been assigned. There may be instances where a request has been submitted to remove a user from the Role Assignment tab.

Actual user removal from the Role Assignment tab is not permitted. Users can only be removed from any assigned Roles, as this will prevent their access to the CA/VAS or DA Customer.

This article provides guidance on how to remove a user's assigned Roles from the Role Assignments tab.

To remove a user from the Role Assignments tab in a CA/VAS or DA Customer, follow these steps:

1. Open the CA or DA client application or the VAS website.
2. Navigate to the Role Assignment tab.
   1. For Application level Roles, navigate to the Application tab | Role Assignment sub-tab in the Client or the Application widget | Role Assignment tab on the VAS website.
   2. For CA/VAS Department or DA Case level roles, navigate to the Departments (for CA) or Cases (for DA) tab or the Departments widget (for VAS).
3. Locate the user to be removed from any or all Roles in the Users and Groups panel.
4. Click on the user's name to select them.
5. In the Assigned Roles panel, click the Role to be removed. If all Roles are to be removed from the user and there are multiple Roles assigned to them:
   1. Click the top Role to select it.
   2. Press the Ctrl key, then press the A key to select all Roles.
6. Click the Remove button in the lower left of the Assigned Roles panel.
7. Click the Save button, also in the lower left of the Assigned Roles panel, to save the change(s).

If the user is a member of an Active Directory (AD) Security Group (SG) or Distribution List (DL that has been assigned a role within the Role Assignments tab, removing the user from that SG or DL will revoke their access to CA/VAS / DA, but the security group will still be listed under the Role Assignments tab.

If the requirement exists to actually remove the user from the list, this is not possible, as stated above. If it is absolutely essential the user not be listed, the only way to do this is to create and use a new CA/VAS / DA Customer. The new Customer will then only list users who have been granted Role assignments from that point in time forward.

Please note that removing users from the Role Assignments tab is not allowed as it could be seen as an attempt to hide information. The design of CA/VAS / DA ensures that any user who attempts to access the Customer is added to the Role Assignments tab for easier Role assignments by administrators. Once listed, the user will always be listed, even if they have no Role assignments. If the user's account has no Role assignment, no further action is needed.

It is important to follow the recommended procedures and not to attempt to remove users from the Role Assignments tab through manual SQL database manipulation or any other means, as this can lead to unintended consequences, potential data integrity issues, potential Review chain-of-custody issues, and potential legal ramifications if audited.