
Exchange MBX archiving only works when manually entering VSA account

Oxmei
Level 3
Partner Accredited Certified

Hi all,

I'm near the end of a smallish EV deployment (EV9.0.2, Exchange 2007, Outlook 2007). I wanted to seek your assistance for a strange issue I'm experiencing:

The mailbox archiving task refuses to start when I select (Properties > Log On) "Use vault service account". If I select "Use this account" and manually type the details for the exact same account then it does work.

1 ACCEPTED SOLUTION

Oxmei
Level 3
Partner Accredited Certified

Opened a call with Symantec Support, they made me add both the service account and system mailbox to the exchange organisation administrators group. That solved the issue, meaning that I could start both the mailbox and public folder archiving tasks. I could add a top-level public folder too.

Providing such permissions is obviously difficult to explain to the customer.

14 REPLIES

GertjanA
Moderator
Partner    VIP    Accredited Certified

Hello.

While logged in to the server with the Vault Service Account, verify the services are running under the appropriate account.

When ok, in the EV Console, reset the password for the EV-services. This should fix it. Do not attempt to change the password on the services themselves as this will not work.

Regards. Gertjan

Oxmei
Level 3
Partner Accredited Certified

Thank you for your reply.

I've tried to do exactly as told, but to no avail. I'm actually a bit puzzled as I can create an Outlook profile for the EvSysMbx and open it using the EvSvcAcc. The provisioning task also runs fine with the "Use vault service account" option.

I've also tried removing and adding the server using FQDN, NetBIOS or IP notation, but none of them made a difference. I've tried retyping the EvSvcAcc details using all upper (or lower) case without success.

I've done a Dtrace for "Exchange Mailbox administration" and these are the errors I'm getting (corresponding entries in the eventlog obviously).

 520    16:16:58.171     [2284]    (ArchiveTask)    <6044>    EV:M    CAgentTask::Initialise - Opening a MAPI session to verify privileged access to Exchange server [%MyServer%] using mailbox [SMTP:ev_system_mailbox@%MyCustomer%.be]
521    16:16:58.171     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::GetMapiSessionFromPoolEx(AdditionalFlags = 0)
522    16:16:58.171     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CreateMapiSession - Entering Routine
523    16:16:58.546     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CreateMapiSession - Calling CreateProfileAndSessionEx
524    16:16:58.546     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - ProfileName=VaultMbxAgent-%MyServer%-6044-1314627418-0-546-0
525    16:16:58.546     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - CreateProfile
526    16:16:58.546     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - CreateMsgService
527    16:16:58.562     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - GetMsgServiceTable
528    16:16:58.562     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - QueryAllRows
529    16:16:58.562     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - ConfigureMsgService
530    16:16:58.562     [2284]    (ArchiveTask)    <6044>    EV:M    ConfigureMsgServiceAttempt - Trying ConfigureMsgService using PR_PROFILE_UNRESOLVED_SERVER=[%MyServer%], Attempt=[1]
531    16:16:58.655     [2284]    (ArchiveTask)    <6044>    EV:M    ConfigureMsgServiceAttempt - ConfigureMsgService successful
532    16:16:58.655     [2284]    (ArchiveTask)    <6044>    EV:M    ConfigureMsgServiceAttempt - Exiting [0x00000000]
533    16:16:58.655     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CPAS() - MAPILogonEx(2)
534    16:16:58.718     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::CreateProfileAndSession(VaultMbxAgent-%MyServer%-6044-1314627418-0-546-0) - Profile successfully created
535    16:16:58.718     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CreateMapiSession - Calling OpenMailbox
536    16:16:58.718     [2284]    (ArchiveTask)    <6044>    EV:L    {CMailboxHelper::OpenMailbox:#421} Opening primary mailbox associated with MAPI session. Getting list of message stores...
537    16:16:58.718     [2284]    (ArchiveTask)    <6044>    EV:L    {CMailboxHelper::OpenMailbox:#429} Reading message store table...
538    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:H    {CMailboxHelper::OpenMailbox:#470} Could not open message store: [0x8004011d]
539    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CreateMapiSession - Release Mutex(2)
540    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::ClearProfileCache()
541    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CloseMapiSession - Entry
542    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CloseMapiSession - [1]
543    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CloseMapiSession - [2]
544    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::CloseMapiSession - [3]
545    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMailboxHelper::DeleteProfile(VaultMbxAgent-%MyServer%-6044-1314627418-0-546-0): 0x0
546    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CMAPISession::GetMapiSessionFromPoolEx: Exit status: 0x8004011d
547    16:16:58.765     [2284]    (ArchiveTask)    <6044>    EV:M    CAgentTask::Initialise - Failed to open privileged MAPI session - aborting agent startup, error [8004011d]
548    16:16:58.780     [2284]    (ArchiveTask)    <6044>    EV:M    {IsCurrentUserADomainAdmin:#4550} User is domain admin: [False]
549    16:16:58.780     [2284]    (ArchiveTask)    <6044>    EV~E    Event ID: 3305 The Task 'Exchange Mailbox Archiving Task for %MyServer%' failed to log on to Exchange server '%MyServer%' using mailbox 'SMTP:ev_system_mailbox@%MyCustomer%.be'. Please ensure the mailbox has not been hidden, that the server is running and that the Vault account has sufficient permissions on the server. |

I've double-checked that I'm running Outlook 2007 SP2 + KB2475891. Looked at the event logs of the EV server, Exchange server and domain controller. I've also done my share of googling, looking through the Symantec Connect and these community forums. All of the hits cover people who cannot connect to their Exchange at all. Have not seen any mention of a similar issue.

It could obviously be something out of the EV server, but why would entering the same account details make a difference then?

I'm a bit puzzled :-?
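A triage sketch for a trace like the one in this post, added here as an example (it is not part of the thread or of Enterprise Vault): it finds the first failing HRESULT, splits it into its winerror.h fields, and collects the event ID, mailbox and domain-admin flag that an escalation would need. The function names and the small code table are this example's own; 0x8004011d is the standard MAPI code MAPI_E_FAILONEPROVIDER.

```python
import re

# Abridged from the DTrace output quoted in the post above (placeholders as posted).
SAMPLE = """\
532  16:16:58.655  [2284]  (ArchiveTask)  <6044>  EV:M  ConfigureMsgServiceAttempt - Exiting [0x00000000]
538  16:16:58.765  [2284]  (ArchiveTask)  <6044>  EV:H  {CMailboxHelper::OpenMailbox:#470} Could not open message store: [0x8004011d]
547  16:16:58.765  [2284]  (ArchiveTask)  <6044>  EV:M  CAgentTask::Initialise - Failed to open privileged MAPI session - aborting agent startup, error [8004011d]
548  16:16:58.780  [2284]  (ArchiveTask)  <6044>  EV:M  {IsCurrentUserADomainAdmin:#4550} User is domain admin: [False]
549  16:16:58.780  [2284]  (ArchiveTask)  <6044>  EV~E  Event ID: 3305 The Task 'Exchange Mailbox Archiving Task for %MyServer%' failed to log on to Exchange server '%MyServer%' using mailbox 'SMTP:ev_system_mailbox@%MyCustomer%.be'.
"""

# seq, time, [pid], (process), <thread>, level, message
LINE = re.compile(r"^\s*(\d+)\s+[\d:.]+\s+\[\d+\]\s+\(([^)]+)\)\s+<\d+>\s+(EV[:~]\w)\s+(.*)$")
# Eight hex digits written as [0x........], [........] or 0x........
HRES = re.compile(r"(?:\[(?:0x)?|0x)([0-9a-fA-F]{8})\b")
# A few well-known codes; anything else is reported as UNKNOWN rather than guessed.
NAMES = {0x8004011D: "MAPI_E_FAILONEPROVIDER", 0x80040111: "MAPI_E_LOGON_FAILED",
         0x80070005: "E_ACCESSDENIED"}

def decode_hresult(value):
    """Split an HRESULT into failure bit, facility and code (winerror.h layout)."""
    return {"failed": bool(value >> 31), "facility": (value >> 16) & 0x1FFF,
            "code": value & 0xFFFF, "name": NAMES.get(value, "UNKNOWN")}

def triage(trace):
    """Return the first failing HRESULT plus the context needed for an escalation."""
    report = {"first_failure": None, "event_id": None, "mailbox": None, "domain_admin": None}
    for raw in trace.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped or non-DTrace line
        seq, _proc, level, msg = m.groups()
        for hexval in HRES.findall(msg):
            value = int(hexval, 16)
            if value >> 31 and report["first_failure"] is None:
                report["first_failure"] = {"seq": int(seq), "level": level,
                                           "hresult": f"0x{value:08x}", **decode_hresult(value)}
        if (ev := re.search(r"Event ID: (\d+)", msg)):
            report["event_id"] = int(ev.group(1))
        if (mb := re.search(r"using mailbox '([^']+)'", msg)):
            report["mailbox"] = mb.group(1)
        if (da := re.search(r"User is domain admin: \[(True|False)\]", msg)):
            report["domain_admin"] = da.group(1) == "True"
    return report

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Facility 4 in the result is FACILITY_ITF, meaning the code is defined by the MAPI interface itself rather than by Win32, so it has to be looked up in the MAPI headers and not with a generic Windows error lookup.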

SHI-CRO
Level 6
Partner Accredited Certified

You might try running the deployment scanner again (using the VSA credentials) and see if there are any problems reported.

GertjanA
Moderator
Partner    VIP    Accredited Certified

[2284]    (ArchiveTask)    <6044>    EV~E    Event ID: 3305 The Task 'Exchange Mailbox Archiving Task for %MyServer%' failed to log on to Exchange server '%MyServer%' using mailbox 'SMTP:ev_system_mailbox@%MyCustomer%.be'. Please ensure the mailbox has not been hidden, that the server is running and that the Vault account has sufficient permissions on the server.

 

When logged in with VSA, you can connect to the ev_system_mailbox, correct?

Can you verify in AD the mailbox is not hidden, not that it has some quota? As suggested also, can you rerun Deployment Scanner?

 

Regards. Gertjan

Oxmei
Level 3
Partner Accredited Certified

Output of the deployment scanner:

No FSA reporting ==> no mxsml/sqlxml

I'm not aware of any sql connectivity issues and reporting services is up and running

Exchange shop; no domino archiving

Oxmei
Level 3
Partner Accredited Certified

The system mailbox is not hidden. The Exchange server is up and running, databases are mounted. Remember: if I specify the credentials for the service account under "use this account" then it does work.

I have manually set up an Outlook profile for the system mailbox and used the service account to log on to that mailbox without a problem. I was able to send, receive and read mail like that.

The system mbx is set to use database defaults. I've tried removing all of the checkboxes under quota settings but to no avail; that doesn't change a thing.

That being said, I've been progressing my deployment in the meantime and the Public Folder Archiving task exhibits the exact same behaviour; does not work with use "vault store account", specifying the EvSvcAcc manually does work.

However I'm unable to add "standard" public folders. Adding an autoenabler for "\" does work?? (Perhaps this is related?)

Natalia_B_
Level 4
Partner

Hello,

Our customer had a similar issue. The error message "Could not open message store: [0x8004011d]" is the same. The customer's problem was the access to the Exchange server from the EV server.

Do you create the Outlook profile for the system mailbox on the EV server?

Are you sure that the archiving task works properly when you specify the credentials for the service account under "use this account"?
 

Oxmei
Level 3
Partner Accredited Certified

Yes, I have manually set up an Outlook profile which connects to the system mailbox. It has been configured to prompt for credentials each time. If I provide the details of the service account it opens successfully. I can open messages, send e-mail internally and externally. I'm able to navigate the public folder tree, and can open the items that are stored in them.

Both the mailbox and public folder archiving tasks fail to start (immediately) when selecting "Use vault service account" under properties > log on. If I try the second option "Use this account" and specify the details for the same service account then both of the tasks start properly. So far I've enabled about 100 mbx and archived about 40Gb (give or take a little) worth of mail using that workaround.

Oxmei
Level 3
Partner Accredited Certified

Opened a call with Symantec Support, they made me add both the service account and system mailbox to the exchange organisation administrators group. That solved the issue, meaning that I could start both the mailbox and public folder archiving tasks. I could add a top-level public folder too.

Providing such permissions is obviously difficult to explain to the customer.

JesusWept3
Level 6
Partner Accredited Certified

wait wait wait

they made you add the system mailbox for that task to the exchange admins group?
that is flat out wrong

https://www.linkedin.com/in/alex-allen-turl-07370146

MarkBarefoot
Level 6
Employee

Did you verify the permissions manually? You can use this TN - it's part of the PS script that you can use to set up permissions, http://www.symantec.com/docs/HOWTO57552

Oxmei
Level 3
Partner Accredited Certified

Yes, they did. Perhaps it has something to do with the old Exchange 2003 server that is still in the org. It is only used for 1 or 2 specific public folders. I didn't bother with setting prerequisites up for it as it does not contain any data that needs archiving. Perhaps it is still the "master" for some of the Exchange stuff. Will need to check that on my next visit and perhaps compare with what is said in the Installing and Configuring guide for adding Exchange 2003 server. I'll also check the Microsoft TechNet article for removing the "first server in the site"; perhaps that gives me some clue.

Oxmei
Level 3
Partner Accredited Certified

I'll do that once more.

MarkBarefoot
Level 6
Employee

I was also thinking about the SQL table KeyStore (I think that's the name). It caches credentials, so may be worth looking into that. In the past I've truncated it, re-entered credentials and things have worked (not necessarily the same issue though)