Error Message

Log Name: Veritas Enterprise Vault
Source: Enterprise Vault
Event ID: 4289
Task Category: None
Level: Warning
Description: Unable to connect to server 'EVDirectoryServer' using Kerberos authentication.
Reason: The RPC server is unavailable. (0x800706ba)

The DCOM connection was attempted with:
CLSID: {F4D3EB5B-C7C5-11D1-90DB-0000F879BE6A} (EnterpriseVault.DirectoryService.1)
Server name: 10.1.1.100
Server Principal Name: dcom/EVServer.local

The connection was made using WinNT authentication. Check that the server name identifies a known server.
There may be a problem with Kerberos authentication or a security issue. An unknown server could indicate a man-in-the-middle attack.
V-437-4289

CA and DA perform vault synchronizations using the Directory DNS alias specified in the EVBAAdmin webpage and the Vault Service Account running the Enterprise Vault Accelerator Manager Service (EVAMS).  When the synchronization is run, a call is made to DNS to translate the alias and to Active Directory to authenticate the Service Principal Name (SPN) of the Enterprise Vault Directory Service that is being run on the Enterprise Vault Directory Server.  The IP address was returned successfully, but the SPN for the Enterprise Vault Directory Server was not returned.

1.  Run SETSPN -S dcom/servername servername on the domain controller server.

For example, the command below will add the specific service (dcom) / name (EVServer.local) to the hostname of EVServer as an SPN to Active Directory:

     SETSPN -S dcom/EVServer.local EVServer

2.  Restart the EVAMS on the Accelerator server.

Note: To verify current SPN listings, run the following command where servername is the name of the Accelerator server:

3.  Run SETSPN -L servername

For additional information refer to Microsoft TechNet Article: cc731241