Recovery of DLP Administrator account

Article ID: 160705

Products

Data Loss Prevention Enforce, Data Loss Prevention, Data Loss Prevention Oracle Standard Edition 2

Issue/Introduction

DLP has a utility called AdminPasswordReset.exe.

There is no method to recover a lost password, but you can use this utility to assign a new password.

 

Environment

Supported versions of DLP (15.8 and above, currently)

Resolution

Important Note - This tool resolves the following issues:

1. Lost Administrator password
2. Misconfigured Single Sign On (everyone configured for SSO and no one can log in)

Tool prerequisites & results:

  • Requires access to the Symantec DLP software on the Enforce Server and the Oracle DB password for the PROTECT user.
  • Must be run from a command line in the /opt/Symantec/DataLossPrevention/EnforceServer/15.8/Protect/bin (Linux)
    or C:\Program Files\Symantec\DataLossPrevention\EnforceServer\Protect\bin (Windows) directory.
  • Sets the Administrator user password to the given password.
  • Also sets the flag that allows password login by the Administrator user in single sign-on situations.
  • Creates an audit log record and a system event to note the password reset.

This can be done with a command-line tool as follows:

AdminPasswordReset.exe -dbpass <oracle "protect" password> -newpass <new admin password> (Windows)

./AdminPasswordReset.exe -dbpass <oracle "protect" password> -newpass <new admin password> (Linux)
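On Linux, typing the command above puts both passwords into the shell history. The wrapper below is an added example, not vendor code: it prompts for the passwords with echo off, confirms the new one, and then runs the tool from its bin directory with the two documented flags. The function names and the DLP_BIN variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not vendor code. Assumption: DLP_BIN defaults to the Linux
# directory named in the article; override it for other installs.
DLP_BIN="${DLP_BIN:-/opt/Symantec/DataLossPrevention/EnforceServer/15.8/Protect/bin}"

# Print a prompt on stderr, read one line from stdin (echo off when stdin is
# a terminal) and write the value to stdout for capture with $(...).
read_secret() {
    rc=0
    printf '%s: ' "$1" >&2
    if [ -t 0 ]; then
        trap 'stty echo' INT TERM          # restore echo if interrupted
        stty -echo
        IFS= read -r secret || rc=$?
        stty echo
        printf '\n' >&2
    else
        IFS= read -r secret || rc=$?
    fi
    printf '%s' "$secret"
    return "$rc"
}

# Prompt for both passwords, confirm the new one, then run the tool from its
# own directory with the two flags the article documents.
reset_dlp_admin_password() {
    [ -x "$DLP_BIN/AdminPasswordReset.exe" ] || {
        echo "AdminPasswordReset.exe not found in $DLP_BIN" >&2; return 2; }
    db_pass=$(read_secret 'Oracle "protect" password') || return 1
    new_pass=$(read_secret 'New Administrator password') || return 1
    confirm=$(read_secret 'Confirm new Administrator password') || return 1
    if [ -z "$db_pass" ] || [ -z "$new_pass" ]; then
        echo "empty password; nothing changed" >&2; return 1
    fi
    if [ "$new_pass" != "$confirm" ]; then
        echo "new passwords do not match; nothing changed" >&2; return 1
    fi
    status=0
    ( cd "$DLP_BIN" && ./AdminPasswordReset.exe -dbpass "$db_pass" -newpass "$new_pass" ) || status=$?
    unset db_pass new_pass confirm
    return "$status"
}
```

Source the file and call reset_dlp_admin_password. The passwords are still passed as arguments, so they remain visible in the process list while the tool runs.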

Additional Information