search cancel

SharePoint Network Discover scans are failing

book

Article ID: 174144

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover

Issue/Introduction

Symantec Data Loss Prevention
Network Discover for SharePoint servers.

SharePoint scans started failing.
This started after the Kerberos server was taken off-line for maintenance.

The FileReader logs show "Negotiate Kerberos failed, falling back to NTLM".

OR

The account used for Sharepoint scan might get locked as soon as the scan is initiated. The FileReader logs show the below exceptions:

Class: com.symantec.dlp.sharepoint.connector.exception.SharePointExceptionHandler
Method: throwException
Level: SEVERE
Message:  discover.statusMessage.INVALID_CREDENTIALS
com.symantec.dlp.sharepoint.connector.exception.InvalidCredentialException: discover.statusMessage.INVALID_CREDENTIALS

com.vontu.discover.crawler.framework.RepositoryCrawler$CrawlerThread.run(RepositoryCrawler.java:353)

Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with

Cause

NTLM had been disabled on the network for security reasons. 

Resolution

Enable NTLMv2 authentication on the Enforce server.

See our KB article TECH218602 for the steps to enable NTLMv2, link below.

jCIFS and NTLMv2