Event ID 6287 is logged with error 0xc0041801 when a user attempts to retrieve an archived item


Article ID: 100012429


Description

Error Message

Type : Warning
Event : 6287
Source : Enterprise Vault 
Category : Web Application (WP)
User : N/A
Computer : EVServer1.TestDomain.local
Description: Unable to fetch item from "evserver1.testdomain.local".
Reason: Access denied      (0xc0041801)
Saveset Id: XXXX-XXXXX-XX-X-XX
Archive Name: User1 Path: ?Inbox
Reference: [GOAFS]
V-437-6287

Cause

 

There are two possible scenarios:

Scenario 1:
EV shortcuts from one mailbox (user 1) have been copied to the mailbox of another user (user 2). If user 2 has not been granted access to the archive of user 1, Event 6287 is logged and the archived item will not open successfully.

Scenario 2:
The issue is caused by some Public Folder subfolders not inheriting the permissions of their parent folders.

Resolution

For Scenario 1:

This event can be logged if EV shortcuts from one mailbox have been copied to the mailbox of another user.  If this second user has not been granted access to the first user's archive by an administrator then he or she will be prompted for credentials when trying to retrieve the archived item via this copied shortcut.  Event ID 6287 will be logged in the EV event log when this happens, and this is indicative of EV correctly respecting the permissions that have been set on the archive and preventing unauthorised users from accessing this archived content.  If it is desirable to allow the second user access to the first user's archive then these permissions can be assigned, either via the first user's mailbox permissions that are then synced with Enterprise Vault, or manually via the Permissions tab within the properties of the first user's archive.

For Scenario 2:

  1. Log on to the EV Server using the Enterprise Vault Service Account.
  2. Open Vault Admin Console.
  3. Select Exchange Public Folder Policy > Advanced Tab > List settings from: Archiving General
  4. Click Inherited Permissions: On.
  5. Restart the Public Folder Archiving Task.
  6. Then run the Public Folder Archiving Task.

Issue/Introduction

If a user tries to retrieve or restore an archived item from an archive to which he or she does not have sufficient permissions, then an Event ID 6287 message will be logged to the Enterprise Vault event log.
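
The following Python is an added example, not part of the original article or of any Veritas tooling: it parses event text in the layout shown under Error Message and counts access-denied 6287 events per archive, which helps separate a single copied shortcut from repeated denied retrievals against the same archive. The text-export input, the sample records and the function names are assumptions.

```python
import re
from collections import Counter

ACCESS_DENIED = "0xc0041801"  # reason code shown in this article

# Constructed sample export (not real log data), using the event layout above.
# The "9999" record is a placeholder for any unrelated event.
SAMPLE = """\
Event : 6287
Reason: Access denied      (0xc0041801)
Saveset Id: XXXX-XXXXX-XX-X-XX
Archive Name: User1 Path: ?Inbox

Event : 9999
Description: placeholder for an unrelated event

Event : 6287
Reason: Access denied      (0xc0041801)
Saveset Id: XXXX-XXXXX-XX-X-XX
Archive Name: User1 Path: ?Inbox

Event : 6287
Reason: Access denied      (0xc0041801)
Saveset Id: XXXX-XXXXX-XX-X-XX
Archive Name: Shared Projects Path: ?Reports
"""

EVENT_RE = re.compile(r"^Event\s*:\s*(\d+)", re.M)
REASON_RE = re.compile(r"^Reason:.*\((0x[0-9a-fA-F]+)\)", re.M)
ARCHIVE_RE = re.compile(r"^Archive Name:\s*(.*?)\s+Path:\s*(.*)$", re.M)

def parse_denials(export_text):
    """Return (archive, path) for each Event 6287 record with the access-denied code."""
    hits = []
    # Each record starts at a line beginning with "Event :".
    for record in re.split(r"(?m)^(?=Event\s*:)", export_text):
        event = EVENT_RE.search(record)
        reason = REASON_RE.search(record)
        archive = ARCHIVE_RE.search(record)
        if not (event and reason and archive):
            continue  # unrelated or incomplete record
        if event.group(1) == "6287" and reason.group(1).lower() == ACCESS_DENIED:
            hits.append((archive.group(1).strip(), archive.group(2).strip()))
    return hits

def denials_per_archive(export_text):
    """Count denied retrievals per archive, most frequent first."""
    return Counter(a for a, _ in parse_denials(export_text)).most_common()

if __name__ == "__main__":
    for archive, count in denials_per_archive(SAMPLE):
        print(f"{archive}: {count} denied retrieval(s)")
```

Because the event records User as N/A, the tally identifies the archive being requested, not the requesting account.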