When going to the Browser Search page (http://Enterprise Vault server/EnterpriseVault/search.asp), the Vaults drop down list is expected to hold the list of Archives that the user has access to. But under certain condition, it shows up the archives that only the Vault Service Account (VSA) has access to.
DTrace AuthServer will include the following message:
EV:M CClientAuthIntImpl::RegisterClientIdentity Registering currently impersonated client. User:<Your Domain>\<Your VSA Account> Flags:None (0x0) (hr=Success (0))
The DTrace log line (shown above) indicates that the page was accessed by the Vault Service Account's privilege. The impersonated client user should be the user accessing the page, not the Vault Service Account.
This can occur if the settings in IIS on the Enterprise Vault server are not passing through authentication and are using a specific user (Vault Service Account in this case).
1. Log into IIS on the Enterprise Vault server
2. Under the EnterpriseVault directory select Basic Settings
3. Select Connect as...
4. Select Application user (pass-through authentication) and click OK
5. Reset IIS
Once this has been changed and IIS has been reset you can refresh the Browser Search (search.asp) page, and you will see the correct archives showing.