Data Loss Prevention

 View Only

  • 1.  LDAP Broken after upgrade to 11.6.2

    Posted Apr 22, 2013 07:09 PM

    Every time it seems that I upgrade DLP my custom attributes break. Right now if an incident comes in I have it set to email the users manager and to cc me on it. For some reason now it does not see the users manager through the custom attributes and when I go into the incident the whole attributes field is blank. If I click on the Lookup button it then populates the attributes field. So why is DLP not populating the attributes automatically?

     

    Here is part of the log.

    Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [LDAP Connection]
    java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
        at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
        at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
        at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
        at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
    Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [Charlie LDAP Lookup]
    java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
        at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
        at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
        at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
        at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
    Apr 22, 2013 4:58:45 PM (SEVERE) Thread: 15 [com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase] Error loading plugin [Alpha LDAP Lookup]
    java.lang.ClassNotFoundException: com.vontu.directory.ldap.LdapLookup
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactory.<init>(LdapLookupFactory.java:22)
        at com.vontu.enforce.workflow.attributes.ldap.LdapLookupFactoryInitializer.getLookupFactory(LdapLookupFactoryInitializer.java:41)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.createPluginFactory(AttributeLookupLoader.java:107)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.loadFromDatabase(AttributeLookupLoader.java:91)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader.getPluginChain(AttributeLookupLoader.java:69)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$FastClassByCGLIB$$80368f70.invoke(<generated>)
        at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
        at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:688)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621)
        at com.vontu.enforce.workflow.attributes.AttributeLookupLoader$$EnhancerByCGLIB$$34f2cfd.getPluginChain(<generated>)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.doReloadPlugins(CustomAttributeLookup.java:137)
        at com.vontu.enforce.workflow.attributes.CustomAttributeLookup.reloadPlugins(CustomAttributeLookup.java:580)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins(ReloadLookupPluginsListener.java:76)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.access$300(ReloadLookupPluginsListener.java:26)
        at com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener$ReloadEventHandler.run(ReloadLookupPluginsListener.java:121)
        at com.vontu.util.concurrent.QueueingTask.performWork(QueueingTask.java:41)
        at com.vontu.util.concurrent.WorkerThread.run(WorkerThread.java:57)
    Apr 22, 2013 4:58:45 PM (INFO) Thread: 15 [com.vontu.logging.LocalLogWriter.write] No Custom Attribute Lookup Plug-in was loaded. No Custom Attribute Lookup Plug-in was found.
    Apr 22, 2013 4:58:45 PM (INFO) Thread: 15 [com.vontu.enforce.workflow.attributes.notification.ReloadLookupPluginsListener.reloadPlugins] Custom Attribute Lookup plugin reload requested, but no plugins found.
     

     



  • 2.  RE: LDAP Broken after upgrade to 11.6.2

    Trusted Advisor
    Posted Apr 23, 2013 01:25 AM

    Mike,

     

    Did this happen after upgrading from V11.5 to V11.6.x??

    If so then you should know that the LDAP config is now in the UI. Make sure that you verify the Group Directory Credential section in the System Settings. This is where the Upgrade is now storing the credentials.

    Verify that the connection still works. You may need to adjust the BaseDN settings to make sure that it is correct. Also make sure that the BaseDN is correct.

    Also veriy the LDAP plugin setting to make sure that you rearrange the order of the lookup that happens. During the upgrade the LDAP lookup order is re-arranged. (Bad)

    Send some screen shots and let me see if I can help again

    Here are some of my other instructions:

    https://www-secure.symantec.com/connect/forums/dlp-116-liveldaplookup

    https://www-secure.symantec.com/connect/forums/configuring-ldap-custom-attributes

     

    Please call this solved if I answered your questions

     



  • 3.  RE: LDAP Broken after upgrade to 11.6.2

    Trusted Advisor
    Posted Apr 23, 2013 02:23 AM

    hi mike

     

    there is an eTrack already open on it (at least it looks to be the same). there is a workaround there

    https://kb-vontu.altiris.com/display/1/index.asp?aid=&cat=&catURL=&r=0.5844843

    if you didnt already correct it.

     

     regards.



  • 4.  RE: LDAP Broken after upgrade to 11.6.2

    Posted Apr 23, 2013 08:31 AM
      |   view attached

    Hello Stephane, the link does not take me to anything.

     

    @DLP Solutions, thanks for replying back. I remember you helping before. I upgraded from 11.6.1 to 11.6.2.

    Everything seems to work just fine except DLP is not auto populating the attribute fields in the incident which causes the email to the managers to not go out. Everything worked just fine in 11.6.1 but upgrade to 11.6.2 and everything is broken. If I do go into the incident and click on lookup everything gets populated. It is really strange that DLP is not doing this on its own.

    Since my enterprise consists of three domains I did unload 2 lookup plugins and left 1 and then tried to create an incident with the same results.

     

    Here is my attribute mapping which did work in 11.6.1 and I have included a screenshot of my connections.

    attr.TempEmployee=:(|(mail=$sender-email$)(sAMAccountName=$file-owner$)(sAMAccountName=$UserName$)):distinguishedName
    attr.TempManager=:(|(mail=$sender-email$)(sAMAccountName=$file-owner$)(sAMAccountName=$UserName$)):manager
    attr.Manager\ Name=:(distinguishedName=$TempManager$):name
    attr.Employee\ Dept=:(distinguishedName=$TempEmployee$):department
    attr.Manager\ Email=:(distinguishedName=$TempManager$):mail
    attr.Employee\ Email=:(distinguishedName=$TempEmployee$):mail
    attr.Employee\ Office=:(distinguishedName=$TempEmployee$):physicalDeliveryOfficeName
    attr.Manager\ Title=:(distinguishedName=$TempManager$):title
    attr.Employee\ Name=:(distinguishedName=$TempEmployee$):name
    attr.Employee\ Title=:(distinguishedName=$TempEmployee$):title
    attr.Manager\ Phone=:(distinguishedName=$TempManager$):telephoneNumber
    attr.Employee\ Phone=:(distinguishedName=$TempEmployee$):telephoneNumbe



  • 5.  RE: LDAP Broken after upgrade to 11.6.2
    Best Answer

    Trusted Advisor
    Posted Apr 23, 2013 08:33 AM

    mike,

     

     sorry for link error, so i paste and copy KB article (it is the official KB 56231). It seems you just need to copy a jar file to correct this issue.

    ---------------

    Automatic Lookup for LDAP lookup plugin not working after upgrading to 11.6.2

     

    Applies To
     
      • Enforce 11.0
    • Vontu Enforce Enforce

     

     

     

    Problem Summary
     
      After upgrading DLP to version 11.6.2 Automatic lookup for LDAP plugin no longer work.

    However Manual Lookups work fine.

     

     

    The setting for Automatic lookups is within the plugins.properties file. 
    com.vontu.api.incident.attributes.AttributeLookup.auto=true

     

     

    Solution
     
     

    ***** The following workaround has been provided *****

    The directory.jar file does not exist under \SymantecDLP\Protect\plugins folder <or> \Vontu\Protect\plugins depending on what version of DLP you started with.

    Steps for Windows Enforce server
    1) Copy <Do not Move> the directory.jar file from \Protect\lib\jar folder and paste it under the \Protect\plugins folder.
    2) Reload the Lookup Plugins from the console via System > Lookup Plugins > Reload Plugins

    Steps for Linux Enforce server
    1) Putty to Enforce and logon as root
    2) Determine where your DLP directory is located /opt/Vontu or /opt/SymantecDLP
    <test  ls /opt/Vontu  or   ls /opt/SymantecDLP>
    3) <Copy directory.jar to plugins directory>
        cp /opt/SymantecDLP/Protect/lib/jar/directory.jar /opt/SymantecDLP/Protect/plugins
    4) <change file permissions to protect> 
        chown protect:protect /opt/SymantecDLP/Protect/plugins/directory.jar
    5) Reload the Lookup Plugins from the console via System > Lookup Plugins > Reload Plugins

     

     

    This issue has been tracked as a defect per eTrack 3149391 - Issue is projected to be fixed in a future version.

     



  • 6.  RE: LDAP Broken after upgrade to 11.6.2

    Posted Apr 23, 2013 08:39 AM

    Stephane, that WORKED! 

     

    Thank you very much for sharing that information. Still cannot figure out why every single update lately breaks LDAP or something to do with LDAP.

     

    I really appreciate your help on this and I have marked the thread accordingly.