Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

LDAP Lookup Plugin and Group Directories settings in the Symantec DLP v11.6 and 11.6.1

Created: 09 Nov 2012 | 6 comments
Artem's picture

Hello all,

I found a small bug in the Symantec DLP v.11.6 and 11.6.1 and want to share a workaround.

 

I configured a Group Directory Connection with following parameters:

When I clicked a button "Test connection" I got a message "Directory Connection tested successfully".

 

When I configured LDAP Lookup Plugin I got 'ok' messages and a detailed Custom Attribute Lookup Logging were logs were ok.  But the custom attributes in incident snapshots were empty.

 

Finally, I changed the Group Directory Connection. I deleted the space in the Base DN string:

And the LDAP Lookup Plugin started to work correctly.

Be careful: the Base DN string in the Group Directories Connection settings must be without spaces.

I hope my message will be useful.

 

---
Best regards,
Artem.

Comments 6 CommentsJump to latest comment

yang_zhang's picture

Great work!

If a forum post solves your problem, please flag it as a solution. If you like an article, blog post or download vote it up.
e401d1's picture

Where do you modify or delete the Directory connection?  I need to change mine and can't find where to do it.

Artem's picture

If you want to change the Group Directory Connection that used in policies or LDAP lookup plugins, you can do it on the page System > Settings > Group Directories: