EV 5.0 cp1a there was a change made.
Permission synchronization
Previously, the default Enterprise Vault behavior was to include the Defaultand Anonymous permissions when synchronizing each mailbox with its default archive. If these user settings had been modified this had the side-effect of allowing users to view other users' archives.
Now, by default, Enterprise Vault does not synchronize the Default and Anonymous permissions.
There are now two registry entries you can use on the Archiving Service computer to control the behavior. After you install 5.0 CP1a, Enterprise Vault will automatically remove existing Default and Anonymous user settings from archives unless you use the registry entries to specify otherwise.
Create the registry entries under the following key:
HKY_LOCAL_MACHINE
\Software
\KVS
\Enterprise Vault
\AgentsThe entries are as follows:
Name Description Possible values
IncludeDefOrAnonPermsFromSynch DWORD.
Controls whether Enterprise Vault synchronizes the Default and Anonymous permissions.
0 (Default) � Do not synchronize Default or Anonymous permissions
1 � Synchronize Default and Anonymous permissions
NoWarnForDefOrAnonPerms DWORD
Controls whether Enterprise Vault creates a warning entry in the Application Event log for each folder it finds that has Default or Anonymous permissions set.
0 (Default) � Warn when a folder has Default or Anonymous permissions set
1 � Do not warn when a folder has Default or Anonymous permissions set
The Application Event log entries look similar to the following:
Date: 29/06/2004 Source: Enterprise Vault
Time: 18:00:42 Category: Archive Service
Type: Warning Event ID: 3284
User: N/A
Computer: DEMODescription:
The folder has Anonymous permissions set that grant all users access to
this folder. By default, this has not been synchronized to the users archive.MailboxDn: /o=Admin/ou=First Administrative
Group/cn=Recipients/cn=HardyO
FolderPath: Inbox