EV Public Folder permissions issues
Hi all
We are running EV7.5 SP4 and archiving Exchange 2003 SP2. We have a large number of public folders with vast amounts of data in them. The public folders are set up to be archived.
We are having major issues with permissions when end-users (without domain admin rights) try to recover items from the archive. Our folders are set up on a project-basis and when a user receives a mail that corresponds to a particular project they drag and drop the mail into the particular folder. We have specifically set up the public folders so that users can only delete their own items as we have had major problems with people accidentally moving emails into the wrong folder or accidentally deleting them and not noticing until months later.
What we are finding is that, when a user tries to open a mail that has been put into a public folder by another user, they are getting permissions errors. I ran a test this morning and this is what I discovered:
If User A drags and drops a mail into a public folder and then a month later (after it has been archived) User B comes along and tries to open the item they will get a permissions error. I tried giving User B "Delete Items" All (rather than "Delete Items" Own) in the public folder permissions and then giving him access rights to User A's mailbox. At this point he was able to recover items from the public folder archive.
If I remove the "Delete Items" All and change back to Own he then gets a permissions error "Failed to process 1 item(s) because you do not have sufficient privileges to perform this operation". If I add the "Delete Items" All back and then remove access to User A's mailbox I don't get an error on the client but nothing happens, the item's icon doesn't change and the item isn't restored from the archive. If I then look in the EV server's Enterprise Vault Event Log, I find an event from the Retrieval Task (6941) saying that User B doesn't have access rights to User A's Sent Items.
I have two questions arising from this:
1) Why does the user need delete permissions to other people's items in order to recover from archive items that were put there by somebody else? I have read in one of the numerous knowledge base articles that this might be down to removing the shortcut when the item is recovered and is by design. Is this true, and if so, why is it like this? We really don't want to change the way we use our mail system to support a 3rd-party product.
2) Why is EV using the permission on User A's mailbox to decide whether to retrieve mail that is in a Public Folder? As far as I know, the Public Folder store is a completely separate database from the store containing the user's mailboxes and moving items from one to the other doesn't create pointers, it physically moves the mail.
Does anyone know of any workarounds for these problems or are we going about things in the wrong way?
Many thanks in advance
Oliver Tansley
Comments
Not sure if this will help, but my problem seems related.
A user opens a new e-mail message then drags a shortcut to an archived message into the body of the email, then sends it. The recipient, when they try to open the attachment, gets the message "Your account does not have access to the vault containing this item..." with other info. Maybe you don't need to change the permissions on the original user's mailbox, but on the archive for that public folder.
I am trying in my situation to figure out how to force EV to retrieve the original message rather than sending on the shortcut...
Good luck!
Notes: EV 2007 SP3 (version 7.5); Exchange 2003 SP2.
JA3 - Think the user will need to retrieve the message first
As you are essentially sending a shortcut as an attachment to another user, unless that user has access to the archive the shortcut is pointing to, this is not going to work.
User who wishes to send the email as an attachment will need to retrieve the message from vault first and then they can attach it.
Oliver, did you manage to fix/work around your issue? I'm about to enable archiving for public folders and want to make sure the archive permissions set to a public folder are what are given to an item that is archived in that public folder. So not the archive permissions of the user who received the email and dragged it into the public folder.
I assumed this is the way it worked.
Thanks!