If you are using Symantec DLP v10.0 and if you have problem about getting Active Directory attributes from endpoint incidents try the steps below;
- Verify Active Directory Connection by using method that described in Symantec Data Loss Prevention Administration Guide.
- Check the log. You will have a log like that below;
if you have Exception: krb_error 14 KDC has no support for encryption type (14) KDC has no s upport for encryption type line
Possible solution is the check "USe DES Encryption types for this account" from user properties in the releated user.
and the AD attiributes will come in the next endpoint incidents.
AD Connection Test
C:\Vontu\jre\bin>kinit
Password for dlpx@xxxx.LOCAL:
Exception: krb_error 14 KDC has no support for encryption type (14) KDC has no s upport for encryption type
KrbException: KDC has no support for encryption type (14)
at sun.security.krb5.KrbAsRep.
at sun.security.krb5.KrbAsReq.getReply(Unknown Source)
at sun.security.krb5.KrbAsReq.getReply(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.sendASRequest(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.
at sun.security.krb5.internal.tools.Kinit.main(Unknown Source) Caused by: KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.KDCRep.init(Unknown Source)
at sun.security.krb5.internal.ASRep.init(Unknown Source)
at sun.security.krb5.internal.ASRep.
... 6 more
No comments:
Post a Comment