VOX

Yes user has received encrypted mail before, he was able to open message prior to it being archived. Where can I check to see if RMS template was disabled?

User had to install Rights Management Add-on for Internet Explorer in order to view the "message.rpmsg" attachment.

I got clarification from user. The sender had used Outlook's "Do not Forward" permission prior to sending the protected email. The message class is ipm.note, so it got archived. Is there a way to bypass these types of messages from being archived?

I'm confused.  Why do you want them to not get archived?

I want users to be able to view original content within Outlook, not install additional software on their internet explorer in order to view it. Its going to cause some confusion and it wont be as seemeless as other emails that are archived...know what I mean?

This something I've not got setup.. but let me try to see what it is you're seeing.

On regular non-archived items, everything is good?  Double clicking one of those in Outlook shows the item properly?

On archived items, everything is good, unless the underlying was an RMS protected item?  What happens when you double click one of those?

Double-clicking on an archived message, works fine. To reproduce, create a new email in Outlook, use the "Do not forward" permission and send it to yourself, eventually that message will get archived by enterprise vault. Our current configuration is set to delete the original item and replaced with a shortcut after backup. If you double click the shortcut to open original email, you only get body content that says "You have received a message with restricted permission. Open this item to read its content. If you are not running an e-mail application that supports messages with restricted permission, such as Microsoft Office 2003 or 2007, you can view..." and has an attachment link to a "message.rpmsg" attachment. You are not able to open original email content. This is not using RMS, but rather Outlook's out of the box configurations to restrict permissions on viewing email.

Having battled for a while to get my (virtual) machines to correctly talk to the internet, I've reproduced the following :

Here is a regular message, with Outlook's Windows Rights Management (via my Windows Live ID) :

Obviously double clicking on that non-archived item, Outlook needs to go and do it's "thing" to validate the Rights..  but the item opens up nicely :

All good to there, right?

You can also see in the first screenshot, a second message which I've archived manually.  When I look at that item we see :

When you double click on that item, it should be correctly retrieved from the vault... just like before :

So.. that's what you should see.

Of course there might be an intermediate stage, when the item is "pending archive" :

When you open that item, you get what's there in that right hand pane.  That is unavoidable. As soon as your item turns fully archived (eg after a vault store backup, or if you vault store safety copy is set to "immediately after archive" - recommend the former, not the latter for obvious reasons) then it will be as before.

So what of this is it that you are seeing?

Thanks for testing Rob. Issue seems to be when Evault archives items after backup (safe copy enabled). Evault does the archiving, deletes original item and replaces with the stub (view contents is enabled), user can't open and view messge when double-clicking it. The last image in post is exact message in stub, if your user double-clicks, then they see error attached.

So when the item is fully archived, like in your screenshot, double clicking on it, should retrieve the archived item, and it should open properly.

Next steps would be :-

a/ A client trace showing what happens when you double click on a fully archived item.

File

hmm I can't work it out from that trace.

Can you set OVEnabled to 0 in the registry, which will disable Vault Cache.  And then do a client trace of :-

a/  Open Outlook, wait 2-3 minutes, double click on a NORMAL archived item, not one protected by RMS.

b/  Wait 2-3 more minutes, and double click on an archived item that is protected by RMS.

In your client trace I do not see ANY :-

We opened about 3 good ones - normal emails, one bad rms email (archived by server), one good rms email(manually archived)

I see 6 references to CStore::OpenShortcut in that trace... which is good.  What I can't tell is which is the bad one.  Can you do seperate traces of :-

a/  A fully archived RMS message

b/  A full archived normal (non-RMS) message

Also it wasn't clear before..  you're saying *some* of these messages do open and others don't?

By fully archived what I mean is ones which have changed to a shortcut - not a pending shortcut.  The pending ones we can't do anything about ..  they need to go through the full process to turn to a full shortcut, and then they should be retrievable.

In addition, since you're saying you see a difference in behaviour manually archived RMS messages, and server archived RMS message.. I'll give that a quick test on Monday.

If you can summarise which ones work, and which don't that might help.

Bad one, double-clicking doesn't open original item.

Good one, opens just fine. Store vault was used to archive this email.

Normal email, no special permissions.