GetNamedSecurityInfo error: Access Denied during scans


Article ID: 160158


Updated On:


Data Loss Prevention Network Discover


When reviewing the FileReader0.log file the following error appears:

Apr 21, 2009 11:17:53 PM com.vontu.directorycrawler.DiscoverNativeFile handleError
WARNING: Native informations of file '\\somecomputer\someshare\somefile' couldn't be retrieved: GetNamedSecurityInfo error: Access DeniedThe filename, directory name, or volume label syntax is incorrect.


Correlate the error in FileReader log with the ScanDetail log, and check to see if the file was actually scanned: 

ScanDetail log

"Apr 21, 2009 11:17:53 PM","INFO","scan name 04/21/09 - 8:00 PM","COMPLETED_ITEM","//somecomputer\someshare\somefile' ","268800","","","",""

The reason for this error is that the target share is not allowing SID lookup.  A way to correct this problem is to do the lookup from the discover server itself.  Modify the in \vontu\protect\config directory as follows:

filesystemcrawler.localusernamelookup = true

Restart the Vontu Monitor service after making this change.