Data Loss Prevention

Good day! Help solve the problem: SymDLP does not see the directories and users with openldap. Test connection passes, and when you create a user group, the void.

ou=People,DC=name1,DC=Name2.ru

User Groups

log : Thread: 190 INFO [org.springframework.ldap.control.AbstractRequestControlDirContextProcessor] No matching response control found - looking for 'class javax.naming.ldap.PagedResultsResponseControl

P.S. with AD of such problems there is no, all catalogs and users are visible.

Evgeny,

This might be related to a Bug that others on this forum have seen. 

Apparently there is a hotfix for showing Russian Characters in the UI..in V15

https://www.symantec.com/connect/forums/question-marks-instead-russian-letters-ad-tree

COntact the Support team and they should have something to you pretty fast,..

Good Luck,

Ronak

PLEASE MARKED SOLVED WHEN POSSIBLE

Ronak,

Thanks for the reply, but I already put hotfix, it fixes the display of UTF-8 names.

The matter is I don't see category and users in openldap.

In technical support wrote, await the answer.

Can who from form of rebuffed?

Evgeny,

Is this LDAP server local to your network, or possibly that the LDAP tree is VERY large and query will take a long time?

This may be a latency issue, where it is taking to long to get a response. 

Have you tried to search for a specfic user (*specific_last_name*)

Maybe that will show if the connection is working properly.

Good Luck,

Ronak

PLEASE MARKED SOLVED WHEN POSSIBLE

Good day!
The LDAP server is local, but the tree is large in terms of the number of users over 5000, not counting aliases.
The client sent a log from the LDAP server : "Dropped Attachment GZ"
Technical support has not yet found a solution and is silent.  What else can I check?

Good day! Your Sauveur unfortunately did not help.

Have you tried to search for a specfic user (*specific_last_name*)

Maybe try to change the AD connection so it is deep in the tree (User Folder) or lower.. or a place the has a small number of records.

See if the search works better.. there.

Good Luck,

Ronak

PLEASE MARKED SOLVED WHEN POSSIBLE

Hello, Ronak!

Unfortunately, this did not help either.

The first query is executed by LdapAdmin:

ACCEPT from IP=192.168.1.100:59168 (IP=0.0.0.0:389)
BIND dn="cn=xele,dc=p,dc=name,dc=ru" method=128
BIND dn="cn=xel,dc=p,dc=name,dc=ru" mech=SIMPLE ssf=0
RESULT tag=97 err=0 text=
SRCH base="" scope=0 deref=3 filter="(objectClass=*)"
SRCH attr=subschemaSubentry
SEARCH RESULT tag=101 err=0 nentries=1 text=
SRCH base="cn=Subschema" scope=0 deref=3 filter="(objectClass=subschema)"
SRCH attr=createTimestamp modifyTimestamp
SEARCH RESULT tag=101 err=0 nentries=1 text=
SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
SRCH attr=namingContexts subschemaSubentry supportedLDAPVersion supportedSASLMechanisms supportedExtension supportedControl supportedFeatures vendorName vendorVersion + objectClass
SEARCH RESULT tag=101 err=0 nentries=1 text=
SRCH base="" scope=0 deref=0 filter="(objectClass=*)"

The second query is executed by SymDLP when trying to create a user group:

news slapd[2152]: conn=378 fd=20 ACCEPT from IP=192.168.1.112 (IP=0.0.0.0:389)
news slapd[2152]: conn=378 op=0 BIND dn="cn=xel,dc=p,dc=name,dc=ru" method=128
news slapd[2152 conn=378 op=0 BIND dn="cn=xel,dc=p,dc=name,dc=ru" mech=SIMPLE ssf=0
news slapd[2152]: conn=378 op=0 RESULT tag=97 err=0 text=
news slapd[2152]: conn=378 op=1 SRCH base="ou=People,dc=p,dc=name,dc=ru" scope=0 deref=3 filter="(objectClass=*)"
news slapd[2152]: conn=378 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
news slapd[2152]: conn=378 op=2 UNBIND
news slapd[2152]: conn=378 fd=20 closed
news slapd[2152]: conn=375 op=17 UNBIND

It is seen that SymDLP does not search for attributes, maybe this is the problem? And how is the connection to openldap?