Microsoft KB Archive/915673

= How to recover an absent employee's data and reset an employee's passphrase on a Groove Workspace 2.0 client in a managed Groove domain =

Article ID: 915673

Article Last Modified on 6/21/2006

-

APPLIES TO


 * Groove Enterprise Management Server 2.0
 * Groove Enterprise Management Server 2.1
 * Groove Enterprise Management Server 2.5
 * Groove Enterprise Management Server 3.0
 * Groove Enterprise Management Server 3.1
 * Groove Hosted Management Services 3.1
 * Groove Virtual Office 3.0 File Sharing Edition
 * Groove Virtual Office 3.0 Professional Edition
 * Groove Virtual Office 3.0 Project Edition
 * Groove Workspace 2.5 Preview Edition
 * Groove Workspace 2.5 Professional Edition
 * Groove Workspace 2.5 Project Edition
 * Groove Workspace 2.5 Standard Edition
 * Groove Virtual Office 3.0 Trial Edition

-



INTRODUCTION
This article describes how to perform the following tasks on a Groove Workspace 2.0 client in a managed Groove domain:
 * Recover an absent employee's data.
 * Reset an employee's passphrase.



MORE INFORMATION
If an employee forgets their passphrase or leaves the company, you can access the employee's Groove data if you are a Groove administrator of a Groove domain. You can use either of the following options to access this data without knowing the employee's passphrase:
 * The Data Recovery option and the Passphrase Reset option in Groove Enterprise Management Server 2.0.
 * The Manual Password Reset (and data recovery) option in Enterprise Management Server 3.0.

You can use these options if the employee is on a managed device on the domain. Make sure that the managed device on the domain is enabled and that the Manual Password Reset policy is set.

You can use either of the following options in the Manual Password Reset policy for data recovery:
 * Data Recovery (without Passphrase Reset): If you are an administrator, you can use this option to access a user's shared workspace data only. You will not have complete access to the user's account. You cannot use this option to access an employee's private cryptographic information, such as private and secret keys. Therefore, you cannot impersonate the user. For example, you cannot send Groove instant messages and shared workspace updates on behalf of the user. Administrators cannot gain full entry to the user's account after this kind of data recovery. Therefore, if you want to use the user's shared workspaces in the future, you must copy the shared workspaces from the user's account into another location, such as another account or another folder on disk. Even though an administrator can use this option to access the user's account, you can only perform a limited recovery of the user's data.
 * Passphrase Reset: If you are an administrator, you can use this option to reset a user's passphrase so that you can log on to the user's account to gain complete access to the user's account and shared workspaces. This includes the use of the user's private cryptographic information. However, you cannot use the new passphrase to perform any action that requires that you reenter the user's passphrase. When you reset the user's passphrase, you can only use the changed passphrase to log on. If you use this option, you can impersonate the user. Because of this ability, make sure that administrators in your domain can be trusted not to impersonate a user. You can use this option to perform a full recovery of a user's account so that the account can be reactivated.

Additional query words: TCN-01971

Keywords: kbinfo kbexpertiseinter kbtshoot KB915673

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.