EnforceServerUpdateConfigurationUtility: error Could not find user "protect"

book

Article ID: 184527

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

running the EnforceServerUpdateConfigurationUtility to update Enforce to 15.1 MP1 and the utility is looking for the current system account that is set in 

/etc/Symantec/Data Loss Prevention/Enforce Server/15.1/Installation/serviceUserUsername

Specify Oracle Database Connection Settings

Specify the path of the Oracle client and on which hostname or IP address, port, SID or service name, username, and password the Enforce server should use for connecting to the database.

Enter Home: /opt/tools/oracle-12.1.0.2/client_1

Enter Host: db.foobar.local

Enter Port: 1521

Enter SID or Service Name: PROTECT

Enter Username: PROTECT

Enter Password:

0%: Running configuration action "Set Server Platform Common Data Files Path Configuration Action"

12%: Running configuration action "Configure JRE Configuration Action"

25%: Running configuration action "Configure Service Init Script Configuration Action"

37%: Running configuration action "Configure Tool JVM Configuration Action"

50%: Running configuration action "Set Permissions Configuration Action"

ERROR: Error running configuration action "Set Permissions Configuration Action": Could not find user "protect"

Exception: Failed to execute some configuration actions

Cause

the file "/etc/Symantec/Data Loss Prevention/Enforce Server/15.1/Installation/serviceUserUsername" is set to protect and not the current service account

 

Environment

Redhat 7.x 

Enforce 15.1 > 15.1 mp1

EnforceServerUpdateConfigurationUtility

Resolution

Workaround:

  1. echo -n "foobar" > "/etc/Symantec/Data Loss Prevention/Enforce Server/15.1/Installation/serviceUserUsername"
  2. cd /opt/DataLossPrevention/Enforce Server/15.1/Protect/services 
  3. sed -i 's/RUN_AS_USER=protect/RUN_AS_USER=foobar/g' `find . -iname "SymantecDLP*"`
  4. re-run EnforceSerevrUpgradeConfigurationUtility 

NOTE: change foobar to your current system account for DLP.