Video Screencast Help

Problem creating User Groups from Lotus LDAP Directory.

Created: 28 Dec 2012 | 7 comments
Artem's picture

Hello everyone,

I use Symantec DLP v. 11.6.1.

I should to create User Groups for add Group rules and Group exceptions in policies. It works fine If I use Microsoft Active Directory as source for Directory Connection. But it doesn't work if I use Lotus LDAP as source for Directory Connection.

My steps:

  1. I created Directory Connection with Lotus LDAP as source.

It's created successfully if I use base DN:

 

And it isn't created if I use empty base DN:

It is unpleasant, but it is not the main issue.

 

  1. I'm trying to create User group (Manage > Policies > User Groups).

But I don't see any values from the LDAP catalogue:

It doesn't work with Lotus but it works fine with Microsoft AD. Someone uses a User Groups from Lotus LDAP Group Directory? How to configure it?

P.S. LDAP Lookup Plugin works correctly with both catalogues (Lotus and MS AD).

 

---
Best regards, Artem.

Comments 7 CommentsJump to latest comment

kishorilal1986's picture

Hi Artem,

plz refer

This change happened as part of support for new endpoint events.

  • E-mail/SMTP (renamed from just SMTP)
  • HTTP
  • HTTPS/SSL (renamed from just SSL)
  • IM:MSN
  • IM:AIM
  • IM:Yahoo
  • FTP

To enable both, update the Plugins.properties as the example below, paying attention to the highlighted portions:

 

# Inductor plug-ins.
# A comma-separated list of accepted inductor plug-ins specified in Specification-Title attribute
# of plug-in JAR manifest. JAR manifest should also specify Protect-Minimum-Version such as 4.0.0.0.
com.vontu.messaging.induction.Inductor.plugins=Vontu CopyRule Inductor,Vontu FileScan Inductor,Vontu ICAP Inductor,Vontu Inline SMTP Inductor,Vontu PacketCapture Inductor,Vontu Discover Inductor,Vontu Aggregator Inductor,Vontu Lotus Notes Crawler,Vontu Classification Inductor,NCSO.jar,Notes.jar

Artem's picture

Hello K S Sharma,

The file Plugins.properties has absolutely identical string.
I contacted with Symantec Support Team and I got the following answer:

I asked backline about this problem and we do not support synching with any other directory server but AD

---
Best regards, Artem.
 

kishorilal1986's picture

 

Artem,

I think u should again contact symantec sales manager/team for this issue as above responce is not expected. I hopw they will atleast guide u /support u regarding this issue.

AlexLU's picture

Hi Artem,

Did you managed to get it working?

 

I think i'll face the same problem (even if i'm not at this step yet)

 

Regards,

Alexandre.

Artem's picture

Hello Alexandre,

Unfortunately, I didn't find solution. The last version of the DLP system (11.6.2) has a new parameter: com.vontu.manager.directorybrowser.timeout_ms - the timeout period for an Active Directory search operation. I also tried to change this parameter, but my action didn't give the positive result.

---
Best regards, Artem.

kishorilal1986's picture

Hi Artem,

Is ur problem is resolved ? Let us know if u need more on this

Artem's picture

Hello K S Sharma,

Sorry, but I don't understand your question. Did you see previous message?
The problem didn't resolve. Symantec Support Team answered that Symantec DLP system doesn't support syncing with any other directory server but AD.
Ofcourse I need more. I need a solution. I hope it will be available in future releases.