Manual quarantine and manual release from quarantine Smart Responses (part of the Symantec Data Loss Prevention flex response server plugin) no longer work in 15.5, 15.7. The green banner pops up on the screen saying that the action will take place asynchronously; but, the action never occurs. It is now failing with a permission error mentioning ShutdownHooks in the localhost log. 

The localhost log will show these errors:

Level: SEVERE
Source: com.vontu.incidentresponse.action.invoker.ActionInvoker
Message: (RESPONSE_ACTION.13) FlexResponse Action [Release From Quarantine] failed and threw an exception: ExceptionInInitializerError.
Cause:
java.lang.ExceptionInInitializerErrorjava.lang.ExceptionInInitializerError
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:79)
... 8 more

Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
... 8 more

java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:79)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
... 8 more

java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.Runtime.addShutdownHook(Runtime.java:209)
at jcifs.context.AbstractCIFSContext.<init>(AbstractCIFSContext.java:44)
at jcifs.context.BaseContext.<init>(BaseContext.java:69)
at com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities.<clinit>(QuarantineUtilities.java:67)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

SEVERE 
[com.vontu.incidentresponse.action.invoker.ActionInvoker] The plugin action raised an exception.
Cause:
java.lang.NoClassDefFoundError: Could not initialize class 
com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilitiesjava.lang.NoClassDefFoundError: Could not initialize class 
com.symantec.dlpx.flexresponse.quarantine.shared.QuarantineUtilities
 at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.executeUndoQuarantine(ReleaseFromQuarantineAction.java:94)
 at com.symantec.dlpx.flexresponse.quarantine.releasefromquarantine.ReleaseFromQuarantineAction.execute(ReleaseFromQuarantineAction.java:69)
 at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:313)
 at com.vontu.incidentresponse.action.invoker.ActionInvoker.invokeActionAndPersistResults(ActionInvoker.java:297)
 at com.vontu.incidentresponse.action.invoker.ActionInvoker.run(ActionInvoker.java:171)
 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
 at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks")

java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "shutdownHooks") needs that permission in manager.policy. 

1. Take a backup of: \Symantec\DataLossPrevention\EnforceServer\15.5\Protect\config\manager.policy
2. Edit: \Symantec\DataLossPrevention\EnforceServer\15.5\Protect\config\manager.policy
3. Search for “jcifs.smb.SmbFile”, you should find 2 matches like this:
    // jcifs.smb.SmbFile
   permission java.net.NetPermission "specifyStreamHandler";
4. Add a new line below the "permission java.net.NetPermission "specifyStreamHandler";" for both locations. 
5. ADD:
   permission java.lang.RuntimePermission "shutdownHooks";
6. The final file should look like: 
    // jcifs.smb.SmbFile
   permission java.net.NetPermission "specifyStreamHandler";
   permission java.lang.RuntimePermission "shutdownHooks";
7. Stop Incident Persister Service, then the Manager Service
8. Start the Manager Service, then Incident Persister Service