Video Screencast Help


Created: 06 Apr 2013 • Updated: 09 Apr 2013 | 5 comments
DLP Enthusiast's picture
This issue has been solved. See solution.

Dear All ,

Im using Endpoint Prevent and the LDAP seems to be non functional .. I'm not able to see the employee details on the Incident snapshot page . I noticed that the connection between Enforce and AD wasn't functional due to incorrect password. Now, i've put the right password and tested the connection and it says that the connection is succesful .

But the problem is, Im still not able to see the user details on the Incident Snapshot page ..

What could be the problem .. ?

Operating Systems:

Comments 5 CommentsJump to latest comment

yang_zhang's picture

What kind of Endpoint Incidents you mentioned? It seems that all kind of endpoint incidents will get the endpoint user name as a default incident attribute.

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.
stephane.fichet's picture

hi muzamil,

 are you talking about custom attributes or default incident attributes ? which user details do you expect ?


DLP Enthusiast's picture

The details from the Active Directory as we have it in Sync .

DLP Enthusiast's picture

Hey guys ,

I tested the connection between the AD and DLP from System --> Group Directories, found out that the Credentials were being rejected as incorrect .. Then I investigated with the support team that paswords get expired every three months and all the users etc have to change there paswords after the end of three months.

Normally, we do not re-enter the credentials assuming them to be correct and try investigating with the firewall and trying to find open port between AD and DLP, thus time is wasted. So the first step can be to re enter the credentials and then follow up with other processes.

So for me, the solution was to re enter the credentials and test the connection between AD and DLP .

Impact: The time duration when the LDAP look up was down, the incidents get stored a "UNKNOWN" wh en I filter incidents by User First Name / Business Unit. We have to select all such incidents and perform an Attribute LookUp through the Incident Actions.

I hope this will help the other users as well !