Symantec Data Loss Prevention Network Discover for SharePoint servers.

SharePoint scans have started failing.

This started after the Kerberos server was taken off-line for maintenance.

The FileReader logs show "Negotiate Kerberos failed, falling back to NTLM".

OR

The account used for SharePoint scan might get locked as soon as the scan is initiated. The FileReader logs show the below exceptions:

Class: com.symantec.dlp.sharepoint.connector.exception.SharePointExceptionHandler
Method: throwException
Level: SEVERE
Message:  discover.statusMessage.INVALID_CREDENTIALS
com.symantec.dlp.sharepoint.connector.exception.InvalidCredentialException: discover.statusMessage.INVALID_CREDENTIALS

com.vontu.discover.crawler.framework.RepositoryCrawler$CrawlerThread.run(RepositoryCrawler.java:353)

Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with

NTLM had been disabled on the network for security reasons. 

Enable NTLMv2 authentication on the Enforce server.

See our KB article TECH218602 for the steps to enable NTLMv2, link below.

jCIFS and NTLMv2