Forum Discussion

Ozboz's avatar
Ozboz
Level 2
11 years ago

Enterprise Vault - PST Import button prompts for authentication

I am preparing for a company roll out of EV client and will be using the PST imnport feature. During initila deployment to 20 machines - 3 out of 4 users enabled for PST import are prompted for credentials when clicking the PST button in EV toolbar and also at intervals during normal Outlook usage.

The one machine where this is working has allowed me to make a comparision of network streams using wireshark to analyse capture from netMon.

The key seems to be that a session cookie is not being set on the machines that have this issue. The issue is machine based as it stays with the machine independent of the users that logs on.

The below is a comparison of 2 tcp streams - the left one on 484 works and the cookie is being set - the right hand causes the authentication popup to be displayed and no cookie is set.

I have checked all IE settings and permissions for cookies and removed all group policies from test machine & reset IE to Defauts etc.., but still get this issue. I am at a loss to find differences between these 2 test machines as they have the same build.

Outlook 2010, EV 11, IE11 and IE9, Exchange 2013 (In exchange resouirce forest)

Really need some help here!

 

 

  • what about the other aspects of EV functionality? do they prompt for auth too? such as: double clicking on an EV shortcut, accessing the EV search page, accessing Archive Explorer, manually archiving an email, etc.

  • Hi AndrewB, Thanks for the reply - yes all other aspects of EV client function OK without an authentication prompt. Searching the archive, accessing archived emails, manually archiving an email. Connecting directly to the EV URL using IE also doesn't prompt for dcredentials - the URL has been added to Group policy to specify the zone as Local Intranet.

    The same prompting for credentials occurs on machines with IE9 and IE11. The assumption is that the majority of our machines will have this behaviour and the 1 good machine is an exception.

    The EV log (set to maximum logging) shows the same 401 error then:

    11/07/2014 15:13:03.193[4300][L]: CInternetSendDataBase::DisplayLoginDialog

    which I imagine is a failback mechanism when the authentication session cookie is not set.

     

    =============================================

    11/07/2014 15:13:03.114[4300][L]: ~CInternetSendDataBase::AddFieldsAndFiles: 0x0

    11/07/2014 15:13:03.183[4300][L]: CInternetSendDataBase::ReadResponse: 0x0

    11/07/2014 15:13:03.183[4300][L]: CInternetSendDataBase::ReadStatusCode: 0x0

    11/07/2014 15:13:03.183[4300][M]: HttpQueryInfo text is 'Unauthorized' status code is '401'

    11/07/2014 15:13:03.184[4300][L]: ~CInternetSendDataBase::ReadStatusCode: 0x0

    11/07/2014 15:13:03.184[4300][L]: CInternetSendDataBase::ReadResponseHeaders

    11/07/2014 15:13:03.184[4300][L]: Received HTTP/1.1 401 Unauthorized

     

    Cache-Control: private

     

    Content-Type: text/html

     

    Server: Microsoft-IIS/8.0

     

    X-AspNet-Version: 2.0.50727

     

    WWW-Authenticate: Negotiate

     

    WWW-Authenticate: NTLM

     

    WWW-Authenticate: Basic realm="Enterprise Vault"

     

    X-Powered-By: ASP.NET

     

    Date: Fri, 11 Jul 2014 15:13:02 GMT

     

    Content-Length: 1293

     

     

     

     

    11/07/2014 15:13:03.186[4300][L]: ~CInternetSendDataBase::ReadResponseHeaders

    11/07/2014 15:13:03.186[4300][L]: CInternetSendDataBase::ReadResponseBody

    11/07/2014 15:13:03.186[4300][M]: Body is <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

     

    <html xmlns="http://www.w3.org/1999/xhtml">

     

    <head>

     

    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>

     

    <title>401 - Unauthorized: Access is denied due to invalid credentials.</title>

     

    <style type="text/css">

     

    <!--

     

    body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}

     

    fieldset{padding:0 15px 10px 15px;}

     

    h1{font-size:2.4em;margin:0;color:#FFF;}

     

    h2{font-size:1.7em;margin:0;color:#CC0000;}

     

    h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}

     

    #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"treb

    11/07/2014 15:13:03.189[4300][M]: Body is uchet MS", Verdana, sans-serif;color:#FFF;

     

    background-color:#555555;}

     

    #content{margin:0 0 0 2%;position:relative;}

     

    .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}

     

    -->

     

    </style>

     

    </head>

     

    <body>

     

    <div id="header"><h1>Server Error</h1></div>

     

    <div id="content">

     

    <div class="content-container"><fieldset>

     

      <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>

     

      <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>

     

    </fieldset></div>

     

    </div>

     

    </body>

     

    </html>

     

     

    11/07/2014 15:13:03.192[4300][L]: ~CInternetSendDataBase::ReadResponseBody

    11/07/2014 15:13:03.192[4300][L]: StatusCode = 401

    11/07/2014 15:13:03.193[4300][L]: CInternetSendDataBase::DisplayLoginDialog

    11/07/2014 15:13:03.193[4300][L]: DesktopCommonUtil::GetOutlookWindowHandle: 0x0

    11/07/2014 15:13:03.193[4300][L]: CComAutoUnlock<class ATL::CComAutoCriticalSection>::CComAutoUnlock

    11/07/2014 15:13:03.194[4300][L]: ~CComAutoUnlock<class ATL::CComAutoCriticalSection>::CComAutoUnlock

    11/07/2014 15:13:03.194[4300][L]: CComAutoLock<class ATL::CComAutoCriticalSection>::CComAutoLock

    11/07/2014 15:13:03.194[4300][M]: Acquiring lock: 0x6B2F7ADC

    11/07/2014 15:13:03.195[4300][M]: Acquired lock: 0x6B2F7ADC

  • Hi, Yes all other functionality for EV works as expected. I can also use IE to connect direct to the URL and perform archive searches.