This issue occurs when a "Specific User" is set in the 'Physical Path Credential' setting of the EnterpriseVault virtual directory. As a result some user other than the end user's credentials are being used. 

Set the Physical Path Credentials on the EnterpriseVault virtual directory to use 'Application user (pass-through authentication)' setting instead of the 'Specific User' setting:

1. Access Internet Information Services (IIS) Manager on the EV server.

2. Navigate to the EnterpriseVault virtual directory.

3. Right click on the EnterpriseVault virtual directory.

4. Select the Manage Application option.

5. Select the Advanced Settings... option.

6. Select the Physical Path Credentials option.

7. Click on the ellipsis [...] at the right side of the option.

8. Select the Application user (pass-through authentication) radio button.

9. Click the OK button to save the change.

10. Click the OK button to close the Advanced Settings page.

11. Close IIS Manager.

12. Reset IIS

  12.1. Open an Administrative Command Prompt.

  12.2. Type and execute the command iisreset.

13. Test the Vault Cache synchronization to ensure it works properly.

 

1. When attempting to access the https://EVServername/EnterpriseVault/ListArchives.aspx, the non-working output below is displayed: - <MDCSyncResponse hr="0" msg="SUCCESS">
- <ListArchivesResponse>
<Archives Date="1576506177" />
</ListArchivesResponse>
</MDCSyncResponse> 2. The client trace log shows the following: 11/12/2019 15:15:02.612[13540][L]: HDR: ~EVServerConnection::Get: 0x0
11/12/2019 15:15:02.613[13540][L]: HDR: EVServerConnection::LoadXMLResponse: 0x0
11/12/2019 15:15:02.613[13540][M]: HDR: LoadXMLResponse dataLen = 170
11/12/2019 15:15:02.614[13540][M]: HDR: LoadXMLResponse is <?xml version='1.0' encoding='utf-8'?><MDCSyncResponse hr='0' msg='SUCCESS'><ListArchivesResponse><Archives Date="1576077302" /></ListArchivesResponse></MDCSyncResponse>
11/12/2019 15:15:02.617[13540][L]: DesktopCommonUtil::GetXMLDOMDocumentObj: 0x0
11/12/2019 15:15:02.618[13540][M]: ------ Loaded DOMDocument6
11/12/2019 15:15:02.623[13540][L]: HDR:SYNC: MDC::ServerResponseHandling::Response: 0x0
11/12/2019 15:15:02.624[13540][M]: HDR:SYNC: MDCSyncResponse hr: 0x0
11/12/2019 15:15:02.625[13540][M]: HDR:SYNC: MDCSyncResponse msg: SUCCESS
11/12/2019 15:15:02.626[13540][L]: HDR:SYNC: ~MDC::ServerResponseHandling::Response: 0x0
11/12/2019 15:15:02.627[13540][L]: HDR:SYNC: ~MDC::ServerResponseHandling::Request: 0x0
11/12/2019 15:15:02.628[13540][M]: HDR:SYNC: ListArchives:<ListArchivesResponse><Archives Date="1576077302"/></ListArchivesResponse> 3. Dtrace of the w3wp and AuthServer processes contain the following: (w3wp) <43204> EV-L {FullSync.GetFullIndexChunk} FullSync.GetFullIndexChunk - VEID:15B30E2DAB6A0B244B1D0F4A0F947A7011110000vault01, Slot:842059aa-2018-4079-bd2e-9ccf34e6a02c
(AuthServer) <35836> EV:L {CClientAuthIntImpl::RegisterClientIdentity} Registering COM client identity... Flags[None (0x0)]
(AuthServer) <35836> EV:L {CLinkedUserAccounts::DoLinkedAccountChecks:#71} Linked account checks enabled [False]
(AuthServer) <35836> EV:L {CClientAuthIntImpl::RegisterClient} Completed registration. Client [A2\SA-A2-LIEC-EntVault], AuthToken [vault01.Z1.loc o19p2NWE/H*****], SIDs count [20], Cancel Id [20801].
(w3wp) <43204> EV:L {ClientAuthImpl::RegisterClientToken} Windows token [00000000], Flags [None (0x0)], AuthToken [vault01.Z1.loc o19p2NWE/H*****]
(w3wp) <43204> EV~I DirectoryConnection: Function call: CVersionUpdate::NewInstallation |
(w3wp) <43204> EV:L {CBaseDirectoryServiceWrapper::CreateDirectoryService} Directory Name [VAULT01], Try Local Service [True]
(w3wp) <43204> EV:L {VaultCreateTrustedInstanceRequest::CreateLocalInstance} Successfully connected to local service
(w3wp) <43204> EV:L {VaultCreateInstanceRequest::CreateInstance} CLSID [{F4D3EB5B-C7C5-11D1-90DB-0000F879BE6A} (EnterpriseVault.DirectoryService.1)] Server Name [VAULT01] Used Server Name [VAULT01] Num of attempts [1] Total elapsed [0.000s] Result [Success (0)]
(AuthServer) <35836> EV:L {CClientAuthIntImpl::ConfirmClientIdentity} AuthToken [vault01.Z1.loc o19p2NWE/H*****] ==> User [evlab\evservice] SID count [20], Use once token [False], Server identity SSPI Token [TlRMT...QVkEy]
(AuthServer) <35836> EV:L {CClientAuthIntImpl::ConfirmServerIdentity} Result [Success (0)]. Server identity SSPI Token [TlRMT...AAAAA => TlRMT...D/Q==]
(w3wp) <43204> EV:L CAuthHelper::Reset Cancel registration? True CancelId: 20801
(AuthServer) <35836> EV:L {CClientAuthIntImpl::CancelClientIdentity} AuthToken [vault01.Z1.loc o19p2NWE/H*****], Cancel Id [20801]. Result [Success (0)].
(w3wp) <43204> EV:L {ClientAuthImpl::CancelClientIdentity} AuthToken [vault01.Z1.loc o19p2NWE/H*****]. Token existed [True]
(w3wp) <43204> EV-H {Common.DTraceExceptionAndVEID} Exception: No access to archive Info:VEID:15B30E2DAB6A0B244B1D0F4A0F947A7011110000vault01 Diag: Type:System.UnauthorizedAccessException ST: at DesktopClientCacheWeb.FullSync.GetFullIndexChunk(IAutoJournalAccessor ja)| at DesktopClientCacheWeb.FullSync.GetFullIndexChunkAndCheckSlot()| at DesktopClientCacheWeb.FullSync.Page_Load(Object sender, EventArgs args) Inner:None
(w3wp) <41000> EV-L {Slot.Page_Load} Slot.Page_Load
(w3wp) <41000> EV-L {Slot.ReleaseSyncSlot} Slot.ReleaseSyncSlot - SlotID: 842059aa-2018-4079-bd2e-9ccf34e6a02c, VEID:15B30E2DAB6A0B244B1D0F4A0F947A7011110000vault01
(w3wp) <41000> EV:L {CAutoJournalAccessor::ReleaseSyncSlot} (Entry)

Cause:

This issue occurs when a "Specific User" is set in the 'Physical Path Credential' setting of the EnterpriseVault virtual directory. As a result some user other than the end user's credentials are being used.