Video Screencast Help

LDAP Broken after upgrade to 11.6.2

Created: 22 Apr 2013 • Updated: 23 Apr 2013 | 5 comments
This issue has been solved. See solution.

Every time it seems that I upgrade DLP my custom attributes break. Right now if an incident comes in I have it set to email the users manager and to cc me on it. For some reason now it does not see the users manager through the custom attributes and when I go into the incident the whole attributes field is blank. If I click on the Lookup button it then populates the attributes field. So why is DLP not populating the attributes automatically?

 

Here is part of the log.

Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [LDAP Connection]
java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
    at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
    at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
    at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
    at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
    at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
    at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [Charlie LDAP Lookup]
java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
    at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
    at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
    at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
    at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
    at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
    at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [Alpha LDAP Lookup]
java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
    at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
    at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
    at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
    at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
    at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
    at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
    at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
    at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
    at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
    at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
Apr 22, 2013 4:58:45 PM (INFO) Thread: 15 [com.vontu.logging.LocalLogWriter.write] No Custom Attribute Lookup Plug-in was loaded. No Custom Attribute Lookup Plug-in was found.
Apr 22, 2013 4:58:45 PM (INFO) Thread: 15 [com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins] Custom Attribute Lookup plugin reload requested, but no plugins found.
 

 

Operating Systems:

Comments 5 CommentsJump to latest comment

DLP Solutions's picture

Mike,

 

Did this happen after upgrading from V11.5 to V11.6.x??

If so then you should know that the LDAP config is now in the UI. Make sure that you verify the Group Directory Credential section in the System Settings. This is where the Upgrade is now storing the credentials.

Verify that the connection still works. You may need to adjust the BaseDN settings to make sure that it is correct. Also make sure that the BaseDN is correct.

Also veriy the LDAP plugin setting to make sure that you rearrange the order of the lookup that happens. During the upgrade the LDAP lookup order is re-arranged. (Bad)

Send some screen shots and let me see if I can help again

Here are some of my other instructions:

https://www-secure.symantec.com/connect/forums/dlp...

https://www-secure.symantec.com/connect/forums/con...

 

Please call this solved if I answered your questions

 

Please make sure to mark this as a solution

to your problem, when possible.

 

stephane.fichet's picture

hi mike

 

there is an eTrack already open on it (at least it looks to be the same). there is a workaround there

https://kb-vontu.altiris.com/display/1/index.asp?aid=&cat=&catURL=&r=0.5844843

if you didnt already correct it.

 

 regards.

Mike S.'s picture

Hello Stephane, the link does not take me to anything.

 

@DLP Solutions, thanks for replying back. I remember you helping before. I upgraded from 11.6.1 to 11.6.2.

Everything seems to work just fine except DLP is not auto populating the attribute fields in the incident which causes the email to the managers to not go out. Everything worked just fine in 11.6.1 but upgrade to 11.6.2 and everything is broken. If I do go into the incident and click on lookup everything gets populated. It is really strange that DLP is not doing this on its own.

Since my enterprise consists of three domains I did unload 2 lookup plugins and left 1 and then tried to create an incident with the same results.

 

Here is my attribute mapping which did work in 11.6.1 and I have included a screenshot of my connections.

attr.TempEmployee=:(|(mail=$sender-email$)(sAMAccountName=$file-owner$)(sAMAccountName=$UserName$)):distinguishedName
attr.TempManager=:(|(mail=$sender-email$)(sAMAccountName=$file-owner$)(sAMAccountName=$UserName$)):manager
attr.Manager\ Name=:(distinguishedName=$TempManager$):name
attr.Employee\ Dept=:(distinguishedName=$TempEmployee$):department
attr.Manager\ Email=:(distinguishedName=$TempManager$):mail
attr.Employee\ Email=:(distinguishedName=$TempEmployee$):mail
attr.Employee\ Office=:(distinguishedName=$TempEmployee$):physicalDeliveryOfficeName
attr.Manager\ Title=:(distinguishedName=$TempManager$):title
attr.Employee\ Name=:(distinguishedName=$TempEmployee$):name
attr.Employee\ Title=:(distinguishedName=$TempEmployee$):title
attr.Manager\ Phone=:(distinguishedName=$TempManager$):telephoneNumber
attr.Employee\ Phone=:(distinguishedName=$TempEmployee$):telephoneNumbe

base2.jpg
stephane.fichet's picture

mike,

 

 sorry for link error, so i paste and copy KB article (it is the official KB 56231). It seems you just need to copy a jar file to correct this issue.

---------------

Automatic Lookup for LDAP lookup plugin not working after upgrading to 11.6.2

 

Applies To
 
  • Enforce 11.0
• Vontu Enforce Enforce

 

 

 

Problem Summary
 
  After upgrading DLP to version 11.6.2 Automatic lookup for LDAP plugin no longer work.

However Manual Lookups work fine.

 

 

The setting for Automatic lookups is within the plugins.properties file. 
com.vontu.api.incident.attributes.AttributeLookup.auto=true

 

 

Solution
 
 

***** The following workaround has been provided *****

The directory.jar file does not exist under \SymantecDLP\Protect\plugins folder <or> \Vontu\Protect\plugins depending on what version of DLP you started with.

Steps for Windows Enforce server
1) Copy <Do not Move> the directory.jar file from \Protect\lib\jar folder and paste it under the \Protect\plugins folder.
2) Reload the Lookup Plugins from the console via System > Lookup Plugins > Reload Plugins

Steps for Linux Enforce server
1) Putty to Enforce and logon as root
2) Determine where your DLP directory is located /opt/Vontu or /opt/SymantecDLP
<test  ls /opt/Vontu  or   ls /opt/SymantecDLP>
3) <Copy directory.jar to plugins directory>
    cp /opt/SymantecDLP/Protect/lib/jar/directory.jar /opt/SymantecDLP/Protect/plugins
4) <change file permissions to protect> 
    chown protect:protect /opt/SymantecDLP/Protect/plugins/directory.jar
5) Reload the Lookup Plugins from the console via System > Lookup Plugins > Reload Plugins

 

 

This issue has been tracked as a defect per eTrack 3149391 - Issue is projected to be fixed in a future version.

 

SOLUTION
Mike S.'s picture

Stephane, that WORKED! 

 

Thank you very much for sharing that information. Still cannot figure out why every single update lately breaks LDAP or something to do with LDAP.

 

I really appreciate your help on this and I have marked the thread accordingly.