Some mailboxes with disabled Active Directory user accounts may stop archiving. Event ID 41133 is logged in the Enterprise Vault event logs

book

Article ID: 100001608

calendar_today

Updated On:

Cause

Enterprise Vault enabled mailboxes that are not being processed by archiving could be due to entries in the Enterprise Vault SQL Database tables which prevent the mailboxes from being processed. Relevant event logs may not be generated to report this condition, other than event log entries related to the Provisioning Task.

During the Provisioning Task run, Enterprise Vault collects and updates mailbox information from Active Directory (AD) and Exchange. Even though the task appears to run successfully, it may still generate events including Event ID 41133, advising that mailboxes were found that are not part of any Provisioning Group and therefore will not be processed.

Though this event ID may not be applicable or cause archiving to actually stop, there are other events generated that will stop the archiving and will not allow the Provisioning Task to fully complete, and therefore need to be addressed and resolved accordingly.

If no other Provisioning Task event errors appear, then reviewing the ExchangeMailboxEntry table in SQL will confirm that the affected mailboxes still exist and are enabled correctly, but other entries in this table are preventing these mailboxes from being processed.

One of the reasons why a mailbox may stop archiving can be seen when a review of this table shows that the ADMbxFlags column has a value which is set to 2. This means that the AD account associated with this mailbox is Disabled"and it will not be archived. When mailboxes are enabled or synchronized, this SQL table is populated/updated with the attributes from AD. This behavior is by design.
The following ADMbxFlags settings are applicable:
 
  • ADMbxFlags = 0 - Normal
     
  • ADMbxFlags = 1 - Mailbox is hidden
     
  • ADMbxFlags = 2 - AD Account is disabled
     
  • ADMbxFlags = 3 - mailbox is hidden and AD account is disabled

Resolution

An Active Directory account might be disabled for security reasons. Enterprise Vault will not process them by default. In order to resolve this issue, it is required to add the following Registry entry and set its value to zero to allow the mailboxes to continue to be archived even if they are disabled within AD.

Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.

Location

Windows 32 bits:

HKEY_LOCAL_MACHINE
\SOFTWARE
 \KVS
  \Enterprise Vault
   \Agents
 
Windows 64 bits:
 
HKEY_LOCAL_MACHINE
\Software
 \Wow6432Node
   \KVS
    \Enterprise Vault
      \Agents
 
Content
 
ExcludeDisabledADAccounts (DWORD value)
 
  • 0 - Enterprise Vault tries to synchronize all mailboxes, regardless of whether they are associated with disabled Active Directory accounts. If a synchronization attempt fails, Enterprise Vault records an error in the event log.
     
  • 1 - (Default) Enterprise Vault does not synchronize mailboxes that are associated with disabled Active Directory accounts.
 
Description
 
Specifies whether Enterprise Vault tries to synchronize mailboxes that are associated with disabled Active Directory accounts.
 

 

Issue/Introduction

Some mailboxes with disabled Active Directory user accounts may stop archiving. Event ID 41133 is logged in the Enterprise Vault event logs.
Powered by Wolken Software