GetNamedSecurityInfo error: Access Denied during scans
search cancel

GetNamedSecurityInfo error: Access Denied during scans

book

Article ID: 160158

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover Data Loss Prevention

Issue/Introduction

When reviewing the FileReader0.log file the following error appears:

Apr 21, 2009 11:17:53 PM com.vontu.directorycrawler.DiscoverNativeFile handleError
WARNING: Native informations of file '\\somecomputer\someshare\somefile' couldn't be retrieved: GetNamedSecurityInfo error: Access DeniedThe filename, directory name, or volume label syntax is incorrect.

Resolution

Correlate the error in FileReader log with the ScanDetail log, and check to see if the file was actually scanned: 

ScanDetail log

"Apr 21, 2009 11:17:53 PM","INFO","scan name 04/21/09 - 8:00 PM","COMPLETED_ITEM","//somecomputer\someshare\somefile' ","268800","","","",""

The reason for this error is that the target share is not allowing SID lookup.  A way to correct this problem is to do the lookup from the discover server itself.

Update the crawler.properties config file, which is located in:

Windows: 

X:\Program Files\Symantec\DataLossPrevention\DetectionServer\<version>\Protect\config

Linux: 

/opt/Symantec/DataLossPrevention/DetectionServer/<version>/Protect/config

Change the following config value from 'false' to 'true'.

filesystemcrawler.localusernamelookup = true

Restart the Symantec DLP Detection Server Service after making this change.