cancel
Showing results for 
Search instead for 
Did you mean: 

Enterprise Vault and the AD/Exchange Domain Story

The_Boulon
Level 5
Partner

A few days ago I was installing Enterprise Vault 11 for a customer and got a little suprise when I started the Exchange archive task for the first time.


There were some warnings in the event veiwer telling me that Enterprise Vault couldn't connect to Exchange. 


We checked everything: connection point, certificates, dns,... Just everything. Everything was correctly set up.

Nothing to do, we always got the same warning.

 

Now, take a look a the trace below.

 

934 13:07:02.952 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {EVExchangeWebServicesProxy.UpdateConnectionPointDetails} started updating connection point [9]

936 13:07:02.952 [8680] (EVExchangeWebServicesProxy) <7052> EV:L CBaseDirectoryServiceWrapper::CreateDirectoryService() - Entry [m_nNumTries = 40]

937 13:07:02.952 [8680] (EVExchangeWebServicesProxy) <7052> EV:L CBaseDirectoryServiceWrapper::CreateDirectoryService() - Successfully communicated with an EV Directory Service on the local machine

938 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {ExchangeConnectionPoint.ReadAllowSelfSignedFromConfig} Allow Self-Signed certificates set to default [True]. Not set in the Config File.

939 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {ExchangeConnectionPoint.GetExchangeConnectionPointDetailsRequiredByEV} started to get connection point details from exchange

940 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-M {ExchangeConnectionPoint.GetExchangeConnectionPointDetailsRequiredByEV} system mailbox [ENTERPRISEVAULTMBX2013@other_internal_domain.LOCAL]

941 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {ExchangeConnectionPoint.ReadOverridesFromConfig} proxy server [] certificate principal [] authentication [0] personalised server []

942 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-H {EVGCHelper.ExecuteGetGCFromEmailAddressSP} In parameters ( System Mailbox ) is [SMTP:ENTERPRISEVAULTMBX2013@other_internal_domain.LOCAL], Site Id = [1172E1B26F4F2604190FA65F10D6341EF1d10000EVSharepoint]

944 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV:L CBaseDirectoryServiceWrapper::CreateDirectoryService() - Entry [m_nNumTries = 40]

945 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV:L CBaseDirectoryServiceWrapper::CreateDirectoryService() - Successfully communicated with an EV Directory Service on the local machine

946 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-H {EVGCHelper.GetGCFromEmailAddress} Database lookup results: For SystemMailbox [ENTERPRISEVAULTMBX2013@other_internal_domain.LOCAL], GC is []

947 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV:M DirectoryHelper::GetDcName() - Domain = [other_internal_domain.LOCAL]

948 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV:M DirectoryHelper::GetDcName() - Unable to contact GC; trying nearest DC

949 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV:M DirectoryHelper::GetDcName() - Error: unable to connect to specified domain

950 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-H {SCPUrlLister.GetSearchStartPoint} An exception occurred looking up the GC [Unable to get DC for domain [other_internal_domain.LOCAL] - GetDcName() returned error code [1355]] but will fall back to base search

951 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-M {SCPUrlLister.GetSCPUrls} Starting SCP lookup for domain [other_internal_domain.LOCAL] with LDAP query []

952 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.CheckAndDecrementHops} Hops remaining = [9]

953 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.QueryADforSCPUrls} Using [LDAP://RootDSE] to find configuration naming context

954 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.QueryADforSCPUrls} Using [LDAP://CN=Configuration,DC=my_ad_domain,DC=root] to find SCP entries

955 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.QueryADforSCPUrls} LDAP search filter [(&(objectClass=serviceConnectionPoint)(|(keywords=67661d7F-8FC4-4fa7-BFAC-E1D7794C1F68)(keywords=77378F46-2C66-4aa9-A6A6-3E7A48B19596)))]

956 13:07:02.968 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.QueryADforSCPUrls} Searching for SCP entries in [LDAP://CN=Configuration,DC=my_ad_domain,DC=root]

957 13:07:02.984 [8680] (EVExchangeWebServicesProxy) <7052> EV-L {SCPUrlLister.QueryADforSCPUrls} Found [2] SCP entries

958 13:07:02.984 [8680] (EVExchangeWebServicesProxy) <7052> EV-M {SCPUrlLister.GetSCPUrls} Checking all SCP entries for pointers

959 13:07:02.984 [8680] (EVExchangeWebServicesProxy) <7052> EV-M {SCPUrlLister.GetSCPUrls} No SCP pointers found for domain [other_internal_domain.LOCAL] in the config path [CN=Configuration,DC=my_ad_domain,DC=root]

 

So, Enterprise Vault will connect with ENTERPRISEVAULTMBX2013@other_internal_domain.LOCAL. But, @other_internal_domain.local doesn't exist. This is not the original Active Directory domain expected by Enterprise Vault.

It will then return an error/warning.


When asking the customer about the domain I got my answer: we removed the Active Directory email domain (@my_ad_domain.root) as we do not want to use it. We replaced it by @other_internal_domain.local and my_external_domain.com!


That is when everything became clear! 


I asked the customer to add the my_ad_domain.root to the email adress, changed the EV System Mailbox in the VAC, restarted the Exchange archive task and the error was gone.


Again, I did learn something :)