Unable to login to Enforce console after applying DLP Server Hotfix 15.5.0105.01001

book

Article ID: 184625

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

After applying Hotfix 15.5.0105.01001, an "unexpected error" occurs when trying to log into the Enforce console.

Upon reviewing the "localhost" logs on the Enforce server, an "access denied" error is observed regarding the "manager.properties" file &/or the "protect.properties" file

Browser error:

An unexpected error has occurred. Contact your system administrator if this problem persists.

 

Localhost log errors from Enforce could be similar to:

SEVERE [com.vontu.manager.init.ManagerInitialization] Failed to initialize SystemProperties:
Cause:

java.security.AccessControlException: access denied ("java.io.FilePermission" "..\config\Protect.properties" "read")java.security.AccessControlException: access denied ("java.io.FilePermission" "..\config\Protect.properties" "read")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)

OR

SEVERE [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/ProtectManager - Copy]] Exception sending context initialized event to listener instance of class [com.vontu.manager.init.ManagerInitialization]
Cause:
java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.5\Protect\config\Manager.properties" "read")java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.5\Protect\config\Manager.properties" "read")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)

Cause

The permissions for the "...Protect\config\Manager.properties" file &/or the "...Protect\config\Protect.properties" file/s are not set up to allow full access to the Service account that is setup to use the DLP services in "services.msc"

(There can potentially be other causes of the generic "unexpected error has occurred" browser error, however if "access denied" messages are occurring in the "localhost" log in Enforce, the above cause is highly likely to be the case)

Environment

This issue could potentially occur when applying DLP Server Hotfix 15.5.0105.01001 to Symantec DLP 15.5 MP1

It is very possible that the same issue could occur when applying DLP Server Hotfix 15.5.0105.01002 to Symantec DLP 15.0 MP1

The issue has been observed in an environment where the user was attempting to log into Enforce locally (ie: through the Localhost address in the browser window) after RDP-ing into the machine, however it is quite likely that the issue could occur under various other connection circumstances after applying the Hotfix as well.

Resolution

Providing full (read/write/modify/execute) access to the "...Protect\config\Manager.properties" file &/or the "...Protect\config\Protect.properties" file will resolve the permission errors in the "localhost" log.