
EV 11.0.1 Search - Session Expired Problem

O_Schmidt
Level 5

Hi @all,

We've updated our test environment to 11.0.1.

Now we have a big problem.

When you open the search page in Outlook or browser we've got the message: "Session Expired"

Symantec has published a tech article http://www.symantec.com/business/support/index?page=content&id=TECH227564, but the article no longer exists.

There is a workaround described in this article, but we cannot use this workaround because of our security configuration for IE Cookies.

Is there a fix planned for the future?

Where is the tech article TECH227564?

 

24 REPLIES

GertjanA
Moderator
Partner    VIP    Accredited Certified

Technote: http://www.symantec.com/docs/TECH227564

 

Regards. Gertjan

it-info1220
Level 2

I did log a case with the result that the issue was unknown and "the IIS guy is out of office until next week".

The hint with the Internet Explorer 1A10 registry for restricted sites was the solution. We had an old user group policy which was created with IE9 and now those settings are invisible if you have IE10 or greater. Manually editing the corresponding GPO-file (InternetSettings.xml) did the trick.

Anyway, thanks for the help...!

eggbert
Level 2
Partner

I have had a call open with Symantec since beginning of March regarding this issue. 

The original article was pulled, as I pointed out that it was incorrect technically, and insecure.

Setting the relevant zone 1A10 to a value of 3 actually sets it to block cookies, and not allow them.  Without cookies you get the error experienced.

The value of 1A10 actually needs to be '0' to allow ALL cookies.

From Microsoft's site:-

Privacy Settings (1A10) is used by the Privacy tab slider. The DWORD values are as follows:

Block All Cookies: 00000003
High: 00000001
Medium High: 00000001
Medium: 00000001
Low: 00000001
Accept all Cookies: 00000000
 
The issue I had was that it would only work if Zone 4 1A10 was set to 0. This means allowing all cookies from the restricted zone, which is insecure if you have other sites which are meant to be restricted....
 
Unfortunately for us, when setting zone 4 1A10 to 3 as the article now states, we would still get the issue.  Configuring UseRestrictedSecurity to 0 has allowed this to work.
 
As a side note, whilst the UseRestrictedSecurity is set to its default of 1, IE would place the site in the 'unknown "mixed zone" '.  This shows that even though the address was set as an intranet zone via GPO, it was being flagged in the restricted zone at the same time, hence why zone 4 needed to allow cookies to allow it to work.  With UseRestrictedSecurity set to 0, IE now correctly displays the site in the Intranet Zone, and thus uses the 1A10 setting from zone 1, which is allow all cookies.... thus the site works as it should, without having to allow cookies in the restricted zone.
 

eggbert
Level 2
Partner

As per my post above, I thought I'd place at the end also to make chronological sense....

:)

 

I have had a call open with Symantec since beginning of March regarding this issue. 

The original article was pulled, as I pointed out that it was incorrect technically, and insecure.

Setting the relevant zone 1A10 to a value of 3 actually sets it to block cookies, and not allow them.  Without cookies you get the error experienced.

The value of 1A10 actually needs to be '0' to allow ALL cookies.

From Microsoft's site:-

Privacy Settings (1A10) is used by the Privacy tab slider. The DWORD values are as follows:

Block All Cookies: 00000003
High: 00000001
Medium High: 00000001
Medium: 00000001
Low: 00000001
Accept all Cookies: 00000000
 
The issue I had was that it would only work if Zone 4 1A10 was set to 0. This means allowing all cookies from the restricted zone, which is insecure if you have other sites which are meant to be restricted....
 
Unfortunately for us, when setting zone 4 1A10 to 3 as the article now states, we would still get the issue.  Configuring UseRestrictedSecurity to 0 has allowed this to work.
 
As a side note, whilst the UseRestrictedSecurity is set to its default of 1, IE would place the site in the 'unknown "mixed zone" '.  This shows that even though the address was set as an intranet zone via GPO, it was being flagged in the restricted zone at the same time, hence why zone 4 needed to allow cookies to allow it to work.  With UseRestrictedSecurity set to 0, IE now correctly displays the site in the Intranet Zone, and thus uses the 1A10 setting from zone 1, which is allow all cookies.... thus the site works as it should, without having to allow cookies in the restricted zone.
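
The zone and 1A10 values discussed in the post above can be audited with a short script. This is an added example, not part of the original thread and not Symantec's code; it assumes the standard Internet Settings `Zones` registry locations (policy and preference, machine and user) and uses the 1A10 value meanings quoted in the post.

```powershell
# Added example: report the IE cookie setting (value 1A10) for each security zone
# and flag the state the post calls insecure: Restricted Sites (zone 4) accepting all cookies.
# Value meanings are taken from the list quoted in the thread.
$zoneNames = @{ 0 = 'My Computer'; 1 = 'Local Intranet'; 2 = 'Trusted Sites'; 3 = 'Internet'; 4 = 'Restricted Sites' }
$meaning   = @{ 0 = 'Accept all cookies'; 1 = 'Privacy slider level (Low..High)'; 3 = 'Block all cookies' }

# Assumed locations: policy and preference keys under both HKLM and HKCU.
$roots = @(
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
)

$report = foreach ($root in $roots) {
    foreach ($zone in 0..4) {
        $key = Join-Path $root $zone
        if (-not (Test-Path $key)) { continue }          # zone key not present in this hive

        $prop = Get-ItemProperty -Path $key -Name '1A10' -ErrorAction SilentlyContinue
        if ($null -eq $prop) { continue }                # 1A10 not set here

        $value = [int]$prop.'1A10'
        [pscustomobject]@{
            Hive    = $root.Substring(0, 4)              # HKLM or HKCU
            Policy  = $root -like '*\Policies\*'         # True when the value comes from a GPO key
            Zone    = "$zone ($($zoneNames[$zone]))"
            Value   = $value
            Meaning = if ($meaning.ContainsKey($value)) { $meaning[$value] } else { 'Unrecognised value' }
            Flag    = if ($zone -eq 4 -and $value -eq 0) { 'Restricted zone accepts all cookies' } else { '' }
        }
    }
}

$report | Format-Table -AutoSize
```

Run it as the affected user so the HKCU rows reflect that user's applied group policy; a row with `Policy = True` indicates the value is delivered by a GPO rather than set locally.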

O_Schmidt
Level 5

Now, I've got an answer from Symantec support.

The support referred to the updated TECH article (http://www.symantec.com/docs/TECH227564)

This works for me.