cancel
Showing results for 
Search instead for 
Did you mean: 

Permissions Issue with evault 8.0 SP3

HiveFives
Level 3
Hello All,

I have a question and I'm hoping someone has seen this issue before. We've just installed Evault 8.0 SP3 on a Windows 2003 box and we've vaulted a few mailboxes for testing.
Every user that's been vaulted gets the same error: "There was an error loading this item -- some functionality may not be available".

When we grant an individual user local adminstrator on the evault server, the message opens fine. For obvious reasons, we can't use that solution for our users.  The service account has local administrator on the EV server, and full permissions on the user's accounts.  

Has anyone seen this before? Any help is greatly appreciated.

Thanks in advance!

1 ACCEPTED SOLUTION

Accepted Solutions

JosephRodgers
Level 4
Employee Accredited Certified
Are your client machines configured to use a proxy for web access?  Is EV traffic routed through the proxy?

Also check this article:

http://support.microsoft.com/kb/832981

-Joe

View solution in original post

11 REPLIES 11

GertjanA
Moderator
Moderator
Partner    VIP    Accredited Certified
Hello HF.

What are the permissions on the archives themselves?
Doubleclick an archive, tab permissions.

If the account is in there they should be able to open the messages fine.

You don't vault, you archive ;)

What you might want to do is to check your provisioning group, run it in normalmode, doubleclick mbx-archiving task, and sync the mailboxes. Then try again.


Make sure the VSA (vault service account) has full control on the index and storage folder location.
Regards. Gertjan

TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified
If you click "There was an error loading this item -- some functionality may not be available". do you get an info box?  If yes, what is it?  There can be a few things that cause this and knowing what the info box says will help narrow it down.

HiveFives
Level 3

Thanks for your responses!

Permissions for each user is ‘granted’ for read, write and delete (automatic, but also tried manual).

When I click on the error, I get ‘an internal error occurred on the web server’.

When I click on the link, I’m prompted for username/password and get ‘The Local Security Authority cannot be contacted’.

IIS permissions are Enabled Anonymous and integrated windows.

“What you might want to do is to check your provisioning group, run it in normalmode, doubleclick mbx-archiving task, and sync the mailboxes.”

Tried this and still get the errors.

The VSA has full control on the index… we’re still looking into the permissions on the storage folder location because we don’t control that – but we’re told everything was set up correctly.

 

JosephRodgers
Level 4
Employee Accredited Certified
What are the results when a users access their vaults via the webs earch (http://<evserver>/enterprisevault/search.asp) ?

Do users have to authenticate when starting Outlook?

-Joe

TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified
You said "IIS permissions are Enabled Anonymous and integrated windows."  Anonymous should NOT be enabled on the EnterpriseVault virtual directory! 

Only Basic and IWA.

HiveFives
Level 3
When trying to access via web search: The Local Security Authority cannot be contacted - not prompted for username/password.

When trying to access an archived item via owa, I get prompted for username/password 3x, then I get a 401 error.

I've changed the IIS permissions to basic and iwa (restarted IIS and all evault services), and still get the same error. 

Thanks again for your ideas/suggestions. =)

TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified
Did you run a synch of the archive task after you restarted?

JosephRodgers
Level 4
Employee Accredited Certified
Are your client machines configured to use a proxy for web access?  Is EV traffic routed through the proxy?

Also check this article:

http://support.microsoft.com/kb/832981

-Joe

HiveFives
Level 3
Tony, we ran the sync as you suggested, but that hasn't helped.

Joe, we've tried both with and without a proxy... neither have worked.

If we use an network admin account, it works. We just tried using a regular user account and granted it local admin on the client box (to see if it was IE) and that hasn't worked either. Looks like something in IIS. :?

JesusWept3
Level 6
Partner Accredited Certified
yup
have a look at your EV Server installation directory and make sure Authenticated users has been granted permissions
https://www.linkedin.com/in/alex-allen-turl-07370146

HiveFives
Level 3
@ Joe!!! OMG! Thank you!!!! I went with the article you posted and it worked!!! MANY THANKS!!!!!!!!1