SharePoint scan error message: “connection reset”
search cancel

SharePoint scan error message: “connection reset”


Article ID: 164359


Updated On:


Data Loss Prevention Network Discover Data Loss Prevention


Data Loss Prevention (DLP) Network Discover scan of SharePoint target fails with "unable to connect" errors seen in the Scan Detail.

FileReader logs show errors similar to:

Nov 15, 2016 10:39:23 AM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {}ListsSoapService#{}GetListItems has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.

Caused by: SocketException invoking {SharePoint target site URL}: Connection reset

Caused by: Connection reset

Nov 15, 2016 10:39:23 AM throwException
SEVERE: discover.statusMessage.SOCKET_EXCEPTION discover.statusMessage.SOCKET_EXCEPTION

Nov 15, 2016 10:39:23 AM getListItemsWS
INFO: Profile - WebServiceCall|getListItemsWS|Security Control, Breaches & Processing Exception Incident Reports|18971
Nov 15, 2016 10:39:23 AM next
SEVERE: Error while getting next item. Error Code : Unknown error. This can be due to some Sharepoint internal issue. Site & its childern will be skipped. Scan will continue.
Nov 15, 2016 10:39:23 AM handleFailedItem
WARNING: Failed to scan. Failed to scan.

Caused by: discover.statusMessage.SOCKET_EXCEPTION


DLP 15.x, DLP 16.0


  1. The connection reset is caused by a timeout from the Discover server to the SharePoint target, and the connection reset causes a SOCKET_EXCEPTION error, resulting in no connection to the SharePoint site to be scanned.
  2. The SharePoint server is configured to require Server Name Indication (SNI) in the IIS bindings and no default site is configured


Solution 1

  • Increasing the SharePoint connector timeout value in Server Settings (Discover.Sharepoint.SocketTimeout) from the default value of 60000 to 120000 should resolve this issue.  After making this change, recycle the VontuMonitor service on the detection server to update the settings.
  • If the Connection Reset error remains, check cause 2, or it may be necessary to increase the setting until the issue no longer occurs

Solution 2

  • In the IIS settings on the Sharepoint server, edit the site bindings and remove the checkmark from 'Require Server Name Indication' under the hostnames
  • For information on other possible solutions see the link below (WARNING - this will take you to a non-Symantec page):

Running Multiple SharePoint SSL Websites on Separate SSL Certificates Using Server Name Indication