After enabling Extended Protection from the august security updates I am unable to execute the Search-AdminAuditlog cmdlet from the passive mailbox database server. The error given is from the MSExchange Management Event log, Error 6 :

Microsoft.Exchange.Management.SystemConfigurationTasks.AdminAuditLogSearchException: The attempt to search the administrator audit log failed. Please try again later. ---> Microsoft.Exchange.Data.ApplicationLogic.AuditLogException: An error occurred while trying to access the audit log. For more details, see the inner exception. ---> System.Net.WebException: The request failed with HTTP status 401: Unauthorized.

Disabling extended protection allows the cmdlet to execute from the passive database server.

Exchange 2019 CU12, health checker script on both servers is fully green after ExchangeExtendedProtectionManagement.ps1 is ran.