Scanning Lotus NSF files via Discover fails

book

Article ID: 160059

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover

Issue/Introduction

Discover Server fails with the following error message:

The crawler threw an exception: lotus/domino/NotesException.
Check the logs for more details.

Resolution

Relevant version:  7.0 and up.

The notes.jar and ncso.jar files must be installed on the Discover Server before it can scan Lotus Notes files.

If these JAR files are missing, the Discover Server displays the following error message:

The crawler threw an exception: lotus/domino/NotesException.
Check the logs for more details.

Workaround: The procedure for installing the notes.jar and ncso.jar files is as follows and also described in the “Adding and Configuring the Vontu Detection Servers” chapter of the Vontu 7 Installation Guide and the Vontu 8 Administration Guide.  

Scanning Lotus Notes using the non-native mode

The Discover Server accesses Domino servers directly using DIIOP and HTTP. Before the Discover Server can successfully scan Domino servers and databases using DIIOP, the Lotus Notes administrator must perform the following tasks.

To directly scan Domino servers (non-native):

1. Add two Lotus Notes .jar files (Notes.jar and NSCO.jar) to the Discover Server’s

<drive>:\Program Files\Vontu\Protect\plugins directory.

a. On a machine where the Lotus Notes 6.5/7.0 client is installed, go to the Lotus Notes installation directory usually located at <drive>:\Program Files\Lotus\Notes.

b. Locate the Notes.jar and NSCO.jar files, then copy and paste these files into the <drive>:\Program Files\Vontu\Protect\plugins directory on the Discover Server.

2. Start the HTTP service on the Domino server being scanned.

3. Configure the “Allow HTTP connections to browse databases” setting to ‘true’.

4. Start the DIIOP service on the Domino server being scanned.

5. Create an Internet password so the scan user account can access the Domino server.

Scanning Lotus Notes using the native mode

In Vontu 8 you also have the following method available via a scanner utilizing the native mode.

Vontu can go through the Lotus Notes client to access the Domino servers and databases owned by that Lotus Notes client. Using this native mode does not require any configuration on the Domino server; however, the following modifications must be made to the Discover Server to work through the client.

To scan Domino servers through the Lotus Notes client (native):

1. Add two Lotus Notes .jar files (Notes.jar and NSCO.jar) to the Discover Server.

a. On a machine where the Lotus Notes 6.5/7.0 client is installed, go to the Lotus Notes installation directory usually located at <drive>:\Program Files\Lotus\Notes.

b. Locate the Notes.jar and NSCO.jar files, then copy and paste these files into the <drive>:\Program Files\Vontu\Protect\plugins directory on the Discover Server.

2. Change lotusnotescrawler.use.diiop scanning configuration property setting on the Discover Server.

a. On the Discover Server, go to <drive>:\Program Files\Vontu\Protect\config\Crawler.properties.

b. Open the Crawler.properties file in a text editor.

c. Locate the lotusnotescrawler.use.diiop parameter and change the value from ‘true’ to ‘false’.

d. Save and close the file.

3. Use IBM’s installation procedure to install the Lotus Notes client on the Discover Server.

4. Give the “protect” user write permission to the notes.ini file.

a. Locate the notes.ini file at <drive>:\Program Files\Lotus\Notes.

b. Right-click on the notes.ini file and select the Properties option.

c. Select the Security tab.

d. In the Group or user names section, select the ‘protect’ user.

e. In the Permissions section, select the Write check box in the Allow column, and click OK

5. Add the Notes home directory to the PATH system variable.

a. From the Start menu, select Control Panel.

b. Double-click on System to display the System Properties dialog box.

c. Click Environment Variables.

d. In the System variables section, scroll down the list of variables to the Path variable.

e. Double-click the Path variable to display the Edit System Variable dialog box.

f. In the Variable value field, at the end of the text string, type a semicolon and the path to the Notes directory.  For example, C:\Program Files\Lotus\Notes.

g. Click OK and close all of the dialog boxes.

6. Copy the user.id file supplied by the Lotus Notes administrator to the Notes directory on the Discover Server (<drive>:\Program Files\Lotus\Notes).

Access to the Domino server and the success of scanning operations is determined by the permissions granted to this user.id file. The Lotus Notes administrator must ensure that the user.id has the proper permissions to access all files that need to be scanned.

7. Restart the Discover Server so that the changes to the server’s configuration can take effect.

This is outlined in PROTECT-6303 (E-Track 1309428)

Then you should be able to scan via discover the NSF files. The mentioned files are from the Lotus notes client.

The monitor itself is unable to crack NSF files when they are sent over the wire. It can detect them but can not crack (inspect) them. Enhancement request PM-26 is filed for cracking NSF files.