Enterprise Vault for Exchange: Unable to manually store in vault from Enterprise Vault Outlook Add-In

Enterprise Vault for Exchange: Unable to manually store in vault from Enterprise Vault Outlook Add-In

Article: 100045900
Last Published: 2020-05-28
Ratings: 0 1
Product(s): Enterprise Vault

Problem

It is not possible to manually archive (Store | Store selected items or Store | Store selected folder) from Enterprise Vault Outlook Add-In.

Error Message

The operation fails with the error message:

You do not have permission to store items in the Vault that is used for this folder

The Enterprise Vault client log contains the following: 

01/01/2019 12:43:34.960[9104][H]: StoreInVaultDlgLogic::Initialize: Default Archive ID (1B8461A0BF54ED94686F1CD804B8D84431110000evserver) not found in list of accessible archives returned from DesktopClientSettings.aspx

01/01/2019 12:42:45.093[9104][M]: The EV property page change button will not be displayed because the user cannot access the target archive

The Enterprise Vault Mailbox Archiving task works normally; archived items can be retrieved or restored without any errors.

The same issue does not occur if in the Desktop policy (Policies | Exchange | Desktop | Advanced the Outlook Add-in behaviour is set to 'Light'

Cause

The aforementioned occurs if the ASP.NET Impersonation is Disabled for the EnterpriseVault virtual directory

The code to execute the manual archiving uses HTTP requests, if the ASP.NET Impersonation is disabled it is executed under the identity of the related application pool (EnterpriseVaultAppPool) which runs by default with 'LocalSystem'.

The manual archiving from the client is therefore executed under LocalSystem account and the identity "NT AUTHORITY\SYSTEM" queries the accessible vaults returning 0 archives and the error 'You do not have permission to store items in the Vault that is used for this folder'

Solution

1. Stop all Enterprise Vault services by stopping the Enterprise Vault Admin service

2. open Internet Information Services (IIS) manager, open Site | Default Web Site | EnterpriseVault 

3. from the right pane select 'Authentication', notice the ASP.NET Impersonation is Disabled

4. right click on ASP.NET Impersonation and click Enable

5. close Internet Information Services (IIS) manager 

6. restart the 'World Wide Web Publishing Service' from Services 

7. start Enterprise Vault Services 

References

JIRA : CFT-2052

Was this content helpful?