Data Loss Prevention

 View Only

  • 1.  Unable to decrypt password with cryptographic key 1

    Posted Aug 03, 2012 06:04 AM
      |   view attached

    Hi!

    We receive Network Discover error when creating discover target on Windows Server (file share)

    After we start the scan, "Unable to decrypt password with cryptographic key 1" error occurs (see screenshot)

    Manual mapping this share from Discover and Enforce servers with the same security credentials works fine.

    What can cause this error?

    P.S. DLP version 11.5, installed on Windows Server 2008



  • 2.  RE: Unable to decrypt password with cryptographic key 1

    Posted Aug 03, 2012 12:13 PM

    Are there any errors in your Tomcat logs (localhost.yyyy-mm-dd.log) related to keystore rotation?



  • 3.  RE: Unable to decrypt password with cryptographic key 1

    Posted Aug 03, 2012 12:18 PM

    ...and if so, a recycle of the VontuMonitorController service on Enforce might help.



  • 4.  RE: Unable to decrypt password with cryptographic key 1

    Posted Aug 04, 2012 12:31 AM

    Hi Alexander

    Please logs of such error and take help of ssymnatec support team since its crtical issue and can be compromised easily. I am sure they will help you regarding this error since its know error.



  • 5.  RE: Unable to decrypt password with cryptographic key 1

    Posted Aug 06, 2012 05:17 AM

    We create another scan target (\data\!Public\) and have the same error. In ScanDetail-TemirFS0.log (attached) we can see, that 

    06.08.2012 7:23:22","INFO","TemirFS 08/06/12 - 9:27 AM","STARTED_SEGMENT","\\172.25.9.21\data\!Public","0","","","",""


    "06.08.2012 7:23:22","WARNING","TemirFS 08/06/12 - 9:27 AM","FAILED_ITEM","\\172.25.9.21\data\!Public","0","Access is denied -- ‘Ёб⥬­ п ®иЁЎЄ  86. ‘ҐвҐў®© Ї а®«м гЄ § ­ ­ҐўҐа­®.","","",""

    (in russian, "System Error 86. Network Password Incorrect")


    "06.08.2012 7:23:22","INFO","TemirFS 08/06/12 - 9:27 AM","FAILED_SEGMENT","\\172.25.9.21\data\!Public","0","Access is denied -- ‘Ёб⥬­ п ®иЁЎЄ  86. ‘ҐвҐў®© Ї а®«м гЄ § ­ ­ҐўҐа­®.","","",""

    (in russian, "System Error 86. Network Password Incorrect")

    But we can easy map this network share via Windows Explorer with the same security credentials!

    And we have NULL SID error in EventLog on target server when DLP attempts to scan the share (websense2.txt, attached).

    What's wrong with DLP settings? 

    P.S. There is a pound sign character in password, but as i read in admin guide, this is acceptable symbol for passwords in Discovery credentials

    Attachment(s)

    txt
    ScanDetail-TemirFS0.log_.txt   20 KB 1 version
    txt
    websense2.txt.txt   1 KB 1 version