Error Message

<< ERROR: EVSearcher.log >>
 INFO  [EVSearcher] (27820:pid:30820:AABV (TEST ACCT) IVS:45522:) Ended Search with IndexPropSNUM Range(1-3498) Total ResultHits:3498 Total Items:3498
 WARN  [root] (20760:pid:30820:)  The process with PID:12345 could not be queried or is no longer active. OpenProcess error:5 Message:Access is denied.

<< Windows Security Event Log >>
Source Account failed with error 
'FailureReason %%2313 '

The Kerberos ticket is outside of the five minute restriction caused by the eDiscovery Server or the Enterprise Vault Server system times not being in synchronization with the domain.

Set the registry value on the eDiscovery server to synchronize with the Domain Controllers upon server start

Reference:
1. Use the Registry Editor and browse to  HKLM\SYSTEM\CurrentControlSet\Services\W32time\Parameters . 

2. Confirm the Type is not set to "NoSync"; it should either be set to "NTP" (a manually configured time source, set using the w32tm Windows command), or "Nt5DS" (synchronize with domain hierarchy). 

Note: A server restart will be required in the event that this value is modified.