Solved

External Access to Enterprise Vault (Outlook, Archive Explorer and Serach)

Posted on 2008-10-22
7
6,141 Views
Last Modified: 2013-12-08
Howdy All,

I'm having dramas with accessing Enterprise Vault when a user is offsite. Basically I think it's an IE7 issue with it not detecting the EV site as an Intranet Site. I have other company sites being detected as Intranet sites fine e.g. OWA.

The workaround I'm using is to take the EV sites out of the Intranet Zone which obviously prompts the user for their credentials, user authenticates and is able to access EV.

Everything works as it should when connected to the network just not externally.

I have done the following:
    * Referenced http://seer.entsupport.symantec.com/docs/295039.htm
    * Downgraded to IE6 from IE7
    * Disabled 'Automatically detect Intranet Sites' in IE7
    * Installed XP SP3 and the latest MS updates
    * Checked the WebApp.ini file

Environment is as follows:
    * Clustered Exchange 2007 MDB
    * Single Exchange 2007 CAS
    * EV 2007 SP3 (7.5-RG2138) upgraded from EV 6.0 SP5

Basically I'm at a loss as to 1 what's causing it and 2 how to resolve it. Any ideas?

Cheers,
Ric
0
Comment
Question by:Riqsta
  • 4
  • 3
7 Comments
 
LVL 1

Author Comment

by:Riqsta
ID: 22776491
Further to this I'm seeing this error in the IIS Log - Enterprise+Vault 401 2 2148074254
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 22846838
Which client are you using, HTTP Only, or the full client?
0
 
LVL 1

Author Comment

by:Riqsta
ID: 22848696
For testing I'm using the HTTP client.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 42

Expert Comment

by:paulsolov
ID: 22861894
Have you added all the entries that EV likes to use such as:

http://servername
http://cname_of_servername
http://fqdn_of_servername
http://fqdn_of_cname
\\servername
\\cname
http://*.domain

Give that a shot first, if it doesn't work we'll look at IIS

From you description I am not sure what method of access the user is using for access
0
 
LVL 1

Author Comment

by:Riqsta
ID: 23409475
Been awhile since the last update. Almost a year in fact!

But I'm using ISA publish OWA, Outlook Anywhere and Enterprise Vault. OWA and EV shortcuts works perfectly as the http session is authenticated with ISA.

However I'm having an issue with accessing EV shortcuts using Outlook 2003 connecting with RPC/HTTPS through ISA. Basically I'm getting asked to authenticate when I open an archive shortcut or Archive Explorer from Outlook.

I've followed these procedures
http://seer.entsupport.symantec.com/docs/305637.htm
http://www.shudnow.net/2008/06/24/publishing-symantec-enterprise-vault-in-isa-2006/
and checked that all EV sites are in the Intranet Zone, checked IIS permissions on EV server and tried the Outlook HTTP-only/Full clients.

Any suggestions?
0
 
LVL 42

Assisted Solution

by:paulsolov
paulsolov earned 300 total points
ID: 23410042
Opening with Archive Explorer may be a diffrent issue all together, depending on the configuration it may be trying to open a separate stream and a separate IE window and unless you have Layer 3 VPN access it may not work.  

If you get a prompt for the first time while using RPC/HTTP and it stays up unless you close all IE and Outlook sessions this is normal behavior from what I've seen.  Most of the security personnel I've talked to want at least some type of authentication when connecting to an internal system.

As a baseline you may also try installing full client on a machine and giving it a go
0
 
LVL 1

Accepted Solution

by:
Riqsta earned 0 total points
ID: 23468194
I have finally resolved this issue, I had to set the IIS authentication by running this script.
cscript C:\Inetpub\AdminScripts\adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM"
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question