I am not sure if this is possible or not (thought we had it working before we reveiwed some policy settings and attempted a export), but we want to set our EV environment so that users cannot delete messages from the Vault but an "Export to PST" or "Export to original mailbox" will remove them from the Vault.
We are using EV 11.0
With the configuration as follows, we logged into the VAC and attempted to "export to PST" or "export to original mailbox" with the "Remove exported items from archive" enabled. When doing this, a copy of the items shows up in the mailbox or the PST, but a copy of the messages also stays in the Vault.
Configuration during attempted export:
Site Settings/Archive Settings = "Users can delete from their archives" is not checked.
Desktop Policy = "Delete from Vault" is not enabled.
Retention Categories = "Prevent automatic deletion of expired items with this category" and "Prevent user deletion of items with this category" are checked.
The only way we were able to get it to work was to uncheck the two "Prevent..." options in the Retention Category and then the messages would export to PST or the mailbox and also be removed from the Vault. I thought that the vault service account would be exempt from any of these settings, but I guess it is still treated as a normal user?
By changing the settings of a specific retention category, did we end up giving users the ability to delete from the Vault while we were doing the export? Or were they not able to since the desktop policy has "Delete from Vault" disabled so the users wouldn't see a button to delete?
