Problem
Users that belong to many groups in Active Directory will fail to search in Mobile Search.
Error Message
In the Mobile Search GUI the following error:
You do not have access to archives. If the problem persists, contact your Enterprise Vault Administrator.
In a dtrace of the DirectoryService and W3WP processes the following 8418 and 41478 events are seen:
(DirectoryService) <18456> EV~I DirectoryService: GetAllUsersGroups: Getting Users Groups using DC = \\DC and a username of user6 |
(DirectoryService) <18456> EV:L CEventLog::EventIsAllowedByFilter - Thread event filtering - event [0xc00420e2] was filtered out
(DirectoryService) <18456> EV~I DirectoryService: ADO: GetNextLevelArchiveXMLBySite - GetUsersSids Failed |
(DirectoryService) <18456> EV:H {CDirectoryServiceObject::GetNextLevelArchiveXMLBySite} HRXEX fn trace : Error [0x8000ffff], [d:\builds\13_\ev\vh-12.4-m\sources\source\directory\directoryservice\directoryserviceobject.cpp, lines {10061,10071,10096}, built Mar 1 01:08:01 2019].
(DirectoryService) <18456> EV~E Event ID: 8418 Failed to get user groups with domain group error code 234 and local group error code . |
(w3wp) <11572> EV:H {CDirectoryConnectionObject::GetNextLevelArchiveXMLBySite} HRXEX fn trace : Error [0x8000ffff], [d:\builds\16_\ev\v-m-s\sources\source\directory\directoryconnection\directoryconnectionobject_1.cpp, lines {3354,3361,3363}, built Nov 1 13:11:07 2018].
(w3wp) <11572> EV~W |Event ID: 41478 User 'user6' does not have permission on any archive.
Cause
There is a character limit of the sum total of characters of each group the user belongs to. Users that belong to dynamic groups are more susceptible to this issue.
To identify the groups that the affected user belongs to run the following PowerShell command on the Domain Controller identified in the dtrace (i.e., DC):
Get-ADPrincipalGroupMembership -Identity user6 | fl name
Solution
Workaround is to reduce the amount of groups the user belongs to.
Issue has been identified in EV versions 12.3.1 and 12.4.2. It has been fixed in 12.5.3 and 14.References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.