are you still using TLS 1.0 / 1.1 ?? with Enterprise Vault

 I still come across clients with the older version of EV , there are many reason to upgrade to the latest version such as new features , official support from veritas ,Product enhancement but out of all these you first need to think about security and the reason why is

TLS 1.0 and 1.1 are already deprecated and if you still using it , you must need to aware about security risk which you have right now in your business critical environment . from Enterprise vault 12.4.1 , TLS 1.2 is flawlessly supported. so if you running lower version have you plan ready to upgrade !!.*&undefined&docRepo=true

How to Run Enterprise Vault Throttling Policy on Exchange Server

Exchange Server 2013 and 2010 have a default throttling policy which restricts user accounts to no more than 20 open connections to the server. This restriction on the Vault Service account would cause failures of the Enterprise Vault tasks that run under the account. To prevent these failures, you must remove the restriction from the Vault Service account when you archive from Exchange Server 2013 and 2010.

Enterprise Vault includes a PowerShell script called SetEVThrottlingPolicy.ps1 which creates a new policy and assigns it to the Vault Service account to remove the restriction. You must run SetEVThrottlingPolicy.ps1 against an Exchange 2013 or 2010 mailbox. If your Vault Service account already has a mailbox on Exchange Server
2007 or earlier, you must first move the mailbox to Exchange 2013 or 2010.

However, in certain circumstances it may be problematic to create and assign this policy via the powershell script provided. In those situations the below commands can be manually run to create and assign the policy to the Vault Service Account mailbox.


.\SetEVThrottlingPolicy.ps1 -user domainname\vsa -server EX2013-CAS.EV.Local

— After running the command if it is asking for user name & password
Please use exchange server credentials, using that currently you are logged in.
Example : domainname\exchangeadmin and password = *******

in my case i had issue with archving where the task was unable to archive item with the error Lie Mode Lock 

What’s new in Enterprise Vault 12.5

With the latest release of Enterprise Vault, supervision is now faster and more advanced, and classification has been extended with support for many new policies and countries.

Key enhancements:

  • Hotword hit counts direct reviewers to the most relevant content, and new Hotword workflow improvements guide reviewers to each Hotword hit.
  • Filtering on content source and Hotword lexicons filter review sets to focus on the most relevant content.
  • Targeted search by time range helps pinpoint insider trading by finding evidence of private information being communicated before it becomes public information.
  • Updated classification policies for the California Consumer Privacy Act, NYDFSS and Personal Data policies that now cover more than 70 countries worldwide.

All of this means an increased ability to locate the most relevant content quickly–minimizing risk, lowering cost and ensuring compliance for all the data in your organization.

New VERITAS Enterprise vault Role Based Access Managment

From Enterprise vault 12x . Roles based access configuration has moved to Enterprise Vault management Shell however still is simple to manage and configure, here quick note to manage

Available access Roles

  • Domino Administrator
  • Exchange Administrator
  • Extension Content Provider Administrator
  • File Server Administrator
  • NSF Administrator
  • Power Administrator
  • PST Administrator
  • SharePoint Administrator
  • SMTP Administrator


Each roles provide unique set of permission to user but most of the time you need  Power Administrator which basically provide all the permission to manage enterprise vault, check following link to find suitable roles for your needs

Steps :-

Get-EVRBARoleMember  –> This cmdlet lists the RBA roles that exist in the Enterprise Vault Directory

Get-EVRBARoleMember -Identity ” Power Administrator”  –> to find out the assigned user under the roles of Power administrator

Add-EVRBARoleMember -Identity “Power Administrator” -Members “Domain name\username”   –> to add the user to specific RBAROLE


Thanks for your support

Enterprise Vault clienttest.gif failed & EV URL redirected to Exchange RPC

Recently I was struggling to the fix the issue with the one of enterprise vault client computer where user was not able to access the archived email and search was not working from the outlook search button.

Client Trace logs and below was identified

28/01/2019 12:59:59.536[7088][M]: HaveConnection::ExecuteTest – Connection test to: xxxxx/EnterpriseVault/clienttest.gif failed

28/01/2019 12:59:59.538[7088][M]: HaveConnection::ExecuteTest (80184779) – Ending connection

28/01/2019 12:59:59.538[7088][L]: ~HaveConnection::ExecuteTest

28/01/2019 12:59:59.538[7088][H]: Could not contact the EV web server (https://serveralias/EnterpriseVault) directly

28/01/2019 12:59:59.539[7088][L]: DesktopCommonConfig::GetSetting: 0x0

28/01/2019 12:59:59.539[7088][M]: Desktop Setting: RPCOVERHTTPPROXYURL

28/01/2019 12:59:59.540[7088][M]: Value: https://serveralias/EnterpriseVault

28/01/2019 12:59:59.540[7088][L]: ~DesktopCommonConfig::GetSetting: 0x0

28/01/2019 12:59:59.541[7088][H]: Trying the Alternative Web Application URL (https://serveralias/EnterpriseVault)

so here EV tries to connect the vault server but due to some certificate related issue it was redirected to the exchange RPC URL.

i have tried all the possible troubleshooting and redirect URL to EV alias but none was helpful , after checking so many things below was the simple solution

remove the checkmark from the internet explorer setting

Check for Publisher’s certificate revocation

Check for server certificate revocation*

Check for signatures on downloading programs


error seeting

Thanks !!

Action Conquer Fear

Migrate Enterprise Vault Database to New SQL Server

Before beginning of database migration note down below important things

  1. SQL Server Name : –  SQL Server can be confirmed from the EV admin console and registry as below




Fingerprint database  :-  Run the “select *from FingerprintCatalogueDatabase” to check finger print database name


Vault store Database :-  expand directory database –> table –>  Right Click  dbo.vaultstoreGroup –> Select top 1000 Rows


Permission requirement on New sql Server

1. Confirm the Vault Service Account is a member of the local administrators group.

2. Confirm the Vault Service Account is assigned the dbcreator role.

            a. Open SQL Server Management Studio

            b. Expand Security Logins > right-click the Vault Service account and select Properties.

            c. Click Server Roles and confirm dbcreator is checked.

3. Grant the Vault Service account “Select” permissions on the following msdb tables:

  • sysjobs
  • sysjobschedules
  • sysjobservers
  • sysjobsteps.

Note: Use the following script to grant select permissions to the Vault Service Account over the MSDB tables. Replace DOMAIN\VSA by the Vault Service Account:



GRANT SELECT ON dbo.sysjobschedules TO “DOMAIN\VSA”

GRANT SELECT ON dbo.sysjobservers TO “DOMAIN\VSA”


4. Assign the database role “SQLAgentUserRole” to the Vault Service account.

5. Confirm TCP/IP and/or Named Pipes are enabled.

            a. Open SQL Server Configuration Manager

            b. Expand SQL Server Network Configuration and click Protocols for <instance name>.

            c. Confirm Named Pipes and/or TCP/IP is Enabled under the Status

  1. Check all other required permission from Enterprise vault installation and configuration guide

Backup and restore Database to new Server

Stop all the Enterprise Vault Service from all the EV Servers

Engage DBA (Database administrator) and backup and restore database to new sql Server

Now it’s time to update Entry for New SQL Server

Update the Fingerprint Database

Run attached script as mention in following article ,

Update the Monitoring Database

1. Open SQL Server Management Studio

2. Run the following query, substituting the New_SQL_Server value with the hostname of the new SQL server:

USE EnterpriseVaultDirectory

UPDATE MonitoringSettings

SET SQLServer = ‘New_SQL_Server’

Update the Directory Database in the registry

his step is performed on the Enterprise Vault Server.

1. Click Start > Run , type regedit and click OK .

For 32bit systems, HKEY_LOCAL_MACHINE\Software\KVS\Enterprise Vault\Directory\DirectoryService.

For 64bit systems, HKEY_LOCAL_MACHINE\Software\Wow6432Node\KVS\Enterprise Vault\Directory\DirectoryService

2. Double-click the SQLServer Name string value.

3. Enter the name of the new SQL server in the value data field and click OK.

4. Start the Enterprise Vault Directory Service, this will also start the Admin Service.

Update the Vault Store Database

This step is performed on the Enterprise Vault Server.

1. Open the Vault Administration Console (VAC), right-click the name of the Vault Store and select Properties.

2. Select the Database tab.

3. Next to SQL Server, enter the name of the new SQL server and click OK.

4. Repeat steps 1-3 for any remaining Vault Stores.

5. Start the remaining Enterprise Vault services

Update the Audit Database

This step is performed on the Enterprise Vault Server.

Note: No Enterprise Vault services need to be stopped for this step.

The EVAudit System DSN must be updated with the new location of the audit database.

1. For 32bit systems, Open Data Sources (ODBC) from the Administrative Tools panel on the Enterprise Vault Server. For 64bit systems, browse to %systemroot%\syswow64\odbcad32.exe

2. Select the System DSN tab.

3. Select the EVAudit entry.

4. Click the Configure button.

5. On the first page of the wizard, under Which SQL Server do you want to connect to?, enter the name of the new SQL server.

6. Continue through the wizard and click Finish to apply the changes.

Resume EV operations using the New SQL Server

  1. Start all EV Services on check event viewer for any error connecting to database

Base Source :-


Enterprise Vault Installation and configuration guide

Upgrade Veritas EnterpriseVault For Exchange 2010 Archiving From 11.0.1 to 12.2

Prerequisites :-



  1. Vault Service account requires a new SQL permission
  • The Vault Service account requires the VIEW ANY DEFINITION permission.


  1. Enterprise vault 12.2 requires uniform SQL collection


  1. Run Deployment scanner 12.2
  2. backup SQL and snapshot for VM
  3. Run updating required windows features if required
  4. Remove archiving schedule from task
  5. Allow MSMQ TO empty
  6. Set database permission and free space to upgrade
  7. Remove archive  expire from site properties
  8. Disable antivirus from server
  9. Disable UAC



Scope to upgrade :-


  1. Stop DA and CA service from other servers
  2. Disable enterprise vault admin service
  3. Stop other remote application service , DA CA
  4. Close any running application on server
  5. Run upgrade by selection upgrade existing server
  6. restart the server if setup ask for other wise no need to restart.
  7. after restart dont start enterprise vault services, first complete the database upgrade and restart the server


Database Upgrade :-

  1. Open Enterprise vault Management shell and run Start-EVDatabaseUpgrade
  2. Once upgrade complete review the report from Reports/DBUpgrade
  3. Backup upgraded database
  4. Start all enterprise vault service


Post upgrade task :-


  1. Check manual archive and restore from client
  2. Run the mailbox sync
  3. Run the provisioning task and review report
  4. Run now archive for one mailbox and check archived items and shortcut creating
  5. Configure the archiving schedule
  6. Install exchange OWA extension for exchange 2010 in cas server


if more details are required you can reach me on

Entperises vault dll register task Is not running during upgrading from enterprise vault 10 to 11

During upgrade form version 10 to 11 at the first reboot enterprise vault runs the dll registration process but some time it failed to start registration , these behavior is especially identified in tightly hardened servers.

Error :-

An error occurred in the thread control of enterprise vualt .net server processes

Reference :- LSM/CCI

additional info: KVS.enterprise vault. systemServer Manager


Because of above mention scenario , lot of .net related error was reported in event logs and I was failed to start storage service too. However database upgrade was completed successfully as it required directory and indexing service to start


Steps -1 :- I tried below steps but doesn’t resolve issue

1) Stop the EV services

2) Open a command prompt on the EV Server and ‘Run as Administrator’.

3) “C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe” /tlb /codebase /verbose “C:\Program Files (x86)\Enterprise Vault\KVS.EnterpriseVault.ServerManager.dll”


Steps -2 :-  below option also doesn’t help full

  1. Run fileReRegister.bat from enterprise vault installation directory


Steps -3 :- final and permanent solution

  1. Stop enterprise vault service
  3. Download the FileReRegister.log
  4. Start the enterprise vault service

An error occurred in the thread control of the enterprise vault. Net server Processes after upgrade enterprise vault from version 10. to 11.0.1


Error :

Machine generated alternative text: error occurred in the thread control of the nterprise Vault .NET server processes;  Error: €0180131040»  Reference: LSM,'cci  Additional Info: KVS.EnterpriseVauIt.SystemServerManager

Impact :-

–> Provisioning task shows error

–> will able to remove and put indexing from backup mode


Solution :-

The immediate resolution for the issue would be to run the following command so that the dll is registered properly.

1) Stop the EV services

2) Open a command prompt on the EV Server and ‘Run as Administrator’.

3) “C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe” /tlb /codebase /verbose “C:\Program Files (x86)\Enterprise Vault\KVS.EnterpriseVault.ServerManager.dll”


if above Soution Does’t resolve issue follow below artical;

This mailbox has duplicate entries in the directory and cannot be processed. (Event ID:- 3333) with Enterprise Vault 11 for Exchange journal mailbox archive

if you are searching for mention error is a subject line, which simply means you might want to move the enterprise vault task to the another server or trying to create new task but old entry is still present in SQL table.


Log Name:      Symantec Enterprise Vault

Source:        Enterprise Vault

Date:          9/23/2017 11:12:56 AM

Event ID:      3333

Task Category: Journal Task

Level:         Error

Keywords:      Classic

User:          N/A



This mailbox has duplicate entries in the directory and cannot be processed.




[Not Set]


first identified a correct directory database, below query have to run on directory database

Find entry and identified with vaultID in , As you can see in error above in my case vaultid was not set so i have decided to deleted same entry

select * from exchangeMailboxentry where mbxdisplayname = ‘JOURNALmailboxname’

To check the available entry for vault id

select * from exchangeMailboxentry where defaultvaultid = ‘156F20DF15684D845A869655D4C604B091110000eVaultApp01’

Query to delete from old exchangemailboxentry

where exchangemailboxentryid = ‘1F036D13E2B6F5C4C9717D1B30AD162D11n10000eVaultApp01’