Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Auto-update of Custom User Lookup Table

Updated: 22 May 2010 | 16 comments
antilles's picture
antilles
Accredited
0 0 Votes
Login to vote

Hello,

Is it possible to prepare custom lookup table, which will be updated without user activity e.g. by periodically executed script? If yes, what steps are required to do that?

Thanks,
Antilles

discussion Filed Under:
,

Comments

Jake Schlachter's picture
16
Jul
2007
0 Votes 0
Login to vote
Jake Schlachter
Symantec Employee

Looking into this, will have an answer soon.

An excellent enhancement suggestion I have heard is to allow the reading and populating of these Custom Lookup Tables via our Web Services interface.  Would something like that solve your problem?

cheers,

Jake

antilles's picture
17
Jul
2007
0 Votes 0
Login to vote
antilles
Accredited

Of course, if the auto-update of lookup tables will be provided by Web Services interface it will be good solution. But possiblity of doing the same table update in different way (such as shell script) will be also good thing. I modified *.tab files directly on appliance but these changes weren't visible in SSIM console (even after reboot).

Regards,
Antilles

Paul Murgatroyd's picture
18
Jul
2007
0 Votes 0
Login to vote
Paul Murgatroyd
Symantec Employee
Accredited
Certified

hey antilles, probably the best thing for you to do at the moment is contact support - they may be able to help you out.
 
p.

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint

antilles's picture
19
Jul
2007
0 Votes 0
Login to vote
antilles
Accredited

Hi Paul,
Your previous answer gives me important clue about location of lookup tables data (other than files), now I will test it and in case of further questions I will consider contact support. Thanks anyway.

Regards,
Antilles

Paul Murgatroyd's picture
19
Jul
2007
0 Votes 0
Login to vote
Paul Murgatroyd
Symantec Employee
Accredited
Certified

no problem, just make sure you take a full backup before you start doing anything and be fully aware that what you are doing is UNSUPPORTED.
 
p.
 
 

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint

antilles's picture
19
Jul
2007
0 Votes 0
Login to vote
antilles
Accredited

Yes, I'm aware of that.
Part of my questions regards unsupported or probably unsupported features, even so I'd like to test at least some of them to get wider knowledge about SSIM potential capabilities.
Antilles.

AL76's picture
11
Sep
2007
0 Votes 0
Login to vote
AL76
Symantec Employee
Accredited

I have done some work on this, using a JAVA application to update the respective look up table. Let me know if you are still keen on this.

Alan Lee

Principal Regional Product Manager, Enterprise Security Group, Symantec

antilles's picture
13
Sep
2007
0 Votes 0
Login to vote
antilles
Accredited

Yes, it's still an issue for me, maybe not critical but possibility of lookup table auto-update is quite desirable.
I've done this by modifying LDAP entries and it's generally works but due to lack of support for it I didn't use this in production environment.
Of course using Java application is more proper and better way to do that.

rafael.nunes's picture
24
Apr
2009
0 Votes 0
Login to vote
rafael.nunes

Auto-update of Custom User Lookup Table

Hi antilles, i have the same problem, i find some flies that reflect the same data of the lookup tables, when i change it on OS and restart the SSIM, the console don´t show the changes. Can you pass me your solution?

Regards,
Rafael.

rafael.nunes's picture
24
Apr
2009
0 Votes 0
Login to vote
rafael.nunes

Hi antilles, i have the same

Hi antilles, i have the same problem, i find some flies that reflect the same data of the lookup tables, when i change it on OS and restart the SSIM, the console don´t show the changes. Can you pass me your solution?

Regards,
Rafael.

antilles's picture
27
May
2009
1 Vote +1
Login to vote
antilles
Accredited

Hi Rafael, Those tables

Hi Rafael,

Those tables definitions and their content are stored in LDAP database, so you may use any LDAP browser to determine exact path to specific user lookup table and then you can write a script or other piece of code which helps you to automate update of this LDAP entry.

But you must be aware that - as Paul Murgatroyd wrote before - this solution is not supported so if you really need to use it, do it very carefully.

Regards,
Antilles

Intasunta N.'s picture
04
Jun
2009
0 Votes 0
Login to vote
Intasunta N.
Accredited

Thank antilles for your idea

Thank antilles for your idea

DVorel's picture
12
Oct
2009
0 Votes 0
Login to vote
DVorel

Is it working ?

Hi,

please, do you have working solution for this ?

I tried to modify lookup table in LDAP directly, but SSIM "locked" this modified table and thus table is not usable at all.

Thank you

Intasunta N.'s picture
13
Oct
2009
0 Votes 0
Login to vote
Intasunta N.
Accredited

Hi DVorel Have you login as

Hi DVorel

Have you login as root level of LDAP ?
Just make sure you've a right authorize level to modify the content.

DVorel's picture
13
Oct
2009
0 Votes 0
Login to vote
DVorel

Hi Intasunta Login seems work

Hi Intasunta

Login seems work fine and LDAP content is modified as well.

If I modify (add or delete) data in lookup table directly via LDAP (cisProperty), in GUI is this table completelly empty, even structure of lookup table is not visible. Restarts of GUI/SSIM, changes in symcMetaData, symcSequenceRevision or in /opt/Symantec/simserver/simcm/tables/*.tab files did not help.
Lookup table example (table name is testos):

dn: orderedCimKeys=Symc_Setting.SettingID\=testos,cn=Lookup
Tables,cn=Rule Eng
 ine,cn=SIM,ou=Administration,dc=sample,dc=ses,o=symc_ses
orderedCimKeys: Symc_Setting.SettingID=testos
cisProperty::
JXR5cGVzLHRleHQKJW5hbWVzLCJmZGFmZHNmYXNkZiIKCiJmZHNhZmFzZGZzZiI
 KImZkYWZzZGZhcyIKImZkYWZhZmFzZGZhc2Zhc2RmIgoiamtqbGoiCiJmZGFzZnNkZmFzZnNkZiI
 =
dlmCaption: testos
dlmDescription: Lookup Table
dlmSettingID: testos
objectclass: top
objectclass: dlm1ManagedElement
objectclass: dlm1Setting
objectclass: symc1Setting
objectclass: symc1SettingInstance
symcMetaData::
PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPENvbmZpZy
 ByZWFkT25seT0iZmFsc2UiIGVuYWJsZWQ9ImZhbHNlIiB2ZXJzaW9uPSIxIiBzY2hlbWFWZXJzaW
 9uPSIyIj4KICA8RGVzY3JpcHRpb24gLz4KICA8SGlzdG9yeT4KICAgIDxNb2RpZmljYXRpb24gdX
 Nlcj0iZHZvcmVsIiBkYXRlPSIxMjUyOTI3OTY0MDI1IiAvPgogICAgPE1vZGlmaWNhdGlvbiB1c2
 VyPSJkdm9yZWwiIGRhdGU9IjEyNTI5MjgwMzMxOTciIC8+CiAgICA8TW9kaWZpY2F0aW9uIHVzZX
 I9ImR2b3JlbCIgZGF0ZT0iMTI1MjkyODI3NTA1NiIgLz4KICAgIDxNb2RpZmljYXRpb24gdXNlcj
 0iZHZvcmVsIiBkYXRlPSIxMjUyOTI4NTEwODUzIiAvPgogICAgPE1vZGlmaWNhdGlvbiB1c2VyPS
 Jkdm9yZWwiIGRhdGU9IjEyNTI5Mjg3MzkxMTkiIC8+CiAgICA8TW9kaWZpY2F0aW9uIHVzZXI9Im
 R2b3JlbCIgZGF0ZT0iMTI1MjkyODg0NTc3NSIgLz4KICA8L0hpc3Rvcnk+CjwvQ29uZmlnPgoK
symcSequenceName: testos
symcSequenceRevision: 20090914114727.250Z


LDAP search example:

ldapsearch -h localhost  -Z -K /etc/symantec/ses/key.kdb -b "cn=Lookup Tables,cn=Rule Engine,cn=SIM,ou=Administration,dc=sample,dc=ses,o=symc_ses" -D 'USERID=ADMINISTRATOR,OU=PEOPLE,DC=SAMPLE,DC=SES,O=SYMC_SES' -w rootpassword   "objectclass=*"


I appreciate any help

DVorel's picture
19
Nov
2009
0 Votes 0
Login to vote
DVorel

None of you do not use

None of you do not use dynamic lookup tables (in some way, CLI / LDAP) ?

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,795