Data Loss Prevention

I have a SharePoint farm on a DMZ that uses forms authentication. SharePoint 2007, pre-SP1.

Today I setup the DLP 12 farm solution. When I tried to scan using server admin/farm admin credentials, I received the instant failure with the error:

"Failed to complete Site: https://www.serverdomain.com; error: Failed to initialize scan for content root https://www.serverdomain.com. Reason: Unknown error. See the log files for details."

I dug into the log files and see this: in ZIP\Network_discover_01\logs\debug\FileRead0.log.

SEVERE: Unknown error. See the log files for details.
com.vontu.discover.repository.RepositoryException: Unknown error. See the log files for details.
    at com.vontu.entropycrawler.BaseExceptionHandler$DefaultExceptionCreator.createException(BaseExceptionHandler.java:339)
    at com.vontu.entropycrawler.BaseExceptionHandler.createRepositoryException(BaseExceptionHandler.java:133)
    at com.vontu.entropycrawler.BaseExceptionHandler.createRepositoryException(BaseExceptionHandler.java:122)
    at com.vontu.entropycrawler.sharepoint.SiteCollectionUrlFetcher.getSiteCollectionUrls(SiteCollectionUrlFetcher.java:73)
    at com.vontu.entropycrawler.sharepoint.SiteCollectionIterator.addChildSiteCollectionUrls(SiteCollectionIterator.java:107)
    at com.vontu.entropycrawler.sharepoint.SiteCollectionIterator.addSiteCollectionUrlsIfWebApplication(SiteCollectionIterator.java:102)
    at com.vontu.entropycrawler.sharepoint.SiteCollectionIterator.<init>(SiteCollectionIterator.java:37)
    at com.vontu.entropycrawler.sharepoint.SharePointContentRootProvider.<init>(SharePointContentRootProvider.java:44)
    at com.vontu.entropycrawler.sharepoint.SharePointContentRootProviderFactory.create(SharePointContentRootProviderFactory.java:21)
    at com.vontu.discover.crawler.framework.RepositoryCrawler.createSortedContentRootProviders(RepositoryCrawler.java:319)
    at com.vontu.discover.crawler.framework.RepositoryCrawler.crawl(RepositoryCrawler.java:288)
    at com.vontu.discover.crawler.framework.RepositoryCrawler$CrawlerThread.run(RepositoryCrawler.java:203)
Caused by: net.entropysoft.BaseException: /_layouts/login.aspx?ReturnUrl=%2f_vti_bin%2fEntropysoft%2fsharepointConnector-symantec-dlp-12.0.asmx
    at net.entropysoft.eci.sharepoint.ws.webservices.ExceptionConverter.handleException(ExceptionConverter.java:87)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProvider.setConnector(SharepointContentProvider.java:274)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProvider.<init>(SharepointContentProvider.java:214)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProviderFactory.doDiscover(SharepointContentProviderFactory.java:40)
    at net.entropysoft.eci.spi.BaseDiscoveryContentProviderFactory.discover(BaseDiscoveryContentProviderFactory.java:30)
    at com.vontu.entropycrawler.sharepoint.SiteCollectionUrlFetcher.getSiteCollectionUrls(SiteCollectionUrlFetcher.java:45)
    ... 8 more
Caused by: (302)Found
    at net.entropysoft.common.axis.handlers.RelaxedSSLCommonsHTTPSender.invoke(RelaxedSSLCommonsHTTPSender.java:317)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at net.entropysoft.eci.sharepoint.ws.generated.SharepointServiceSoapStub.getWebServiceVersion(SharepointServiceSoapStub.java:2983)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProvider.getWebServiceVersion(SharepointContentProvider.java:386)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProvider.checkWebServiceVersion(SharepointContentProvider.java:333)
    at net.entropysoft.eci.sharepoint.ws.SharepointContentProvider.setConnector(SharepointContentProvider.java:262)
    ... 12 more
Nov 13, 2013 2:42:17 PM com.vontu.discover.crawler.framework.RepositoryCrawler crawl

The bolded point is why I am surmising that DLP has no way to get past the forms authentication. I can visit that URL after login with the same credentials, and everything works. I don't think that the network structure (different domain, firewalls, etc) has anything to do with it because this scanning should be happening via web service over SSL.

Does anyone know how to get this working?

Defaultly, the DLP discover can only scan a web server with basic authentication method.

But, you can change the configuration file to support form-based authentication.

Just change the option from LoginMethod = AUTHENTICATE into LoginMethod = FORMPOST

I read the information about installing the web scanner and discarded it for a couple of reasons.

1. The SharePoint Farm solution is the newer/better way. Better because it uses the API to access the data instead of traditional crawling. My external SharePoint farm is not entirely linked from start to finish and I would have to find all of the orphans in order to have a successful crawl.

2. The web scanner (SymantecDLPScanners_Windows_x32_12.0.exe) is 32bit and I have not found a 64bit version.

Is there really not a 64bit version of the scanner?

Any other work-arounds? The farm solution works well on non-form-authenticated sharepoint farms.