Understanding the Oracle Database Connection Methods Used by Data Loss Prevention


Article ID: 195876


Updated On:


Data Loss Prevention


You want to understand the various database connection methods used by the DLP Enforce server to connect to its Oracle database.


DLP Enforce Services (SymantecDLPManager, SymantecDLPDetectionServerControllerService, SymantecDLPIncidentPersister, SymantecDLPNotifier)

  • Enforce services use a jdbc thin connection, taking the jdbc.dbalias.oracle-thin property's value from Jdbc.properties under:

C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\config


Enforce Migration Utility

  • The Enforce Migration Utility also uses a jdbc thin connection, taken from the jdbc.dbalias.oracle-thin property's value within the Jdbc.properties file found under the currently installed product config folder. For example, migrating from a 14.6 installation, with default paths, the connection string would be loaded from:
    • Note, Enforce Migration Utility runs the URT prechecks as a sub-step, which is why the URT needs to be placed in the migration URT sub-directory.


Update Readiness Tool (URT)

  • The URT builds an Easy Connect string from user prompts for the current:
    • database username
    • database user password
    • database service name
      • The service name entered can simply be the TNS Name entry defined in tnsnames.ora for the Enforce database
      • It can also be a full Easy Connect naming token that points to the Enforce database, a simple example would be <servername>/<service_name> such as:


Maintenance Packs

  • MPs use an Oracle Easy Connect connection, e.g.


    • The Easy Connect string is constructed using the Oracle database installation values from
      • The DatabasePassword.properties file:
        C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\config\DatabasePassword.properties
      • On Windows: the following Registry location: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Data Loss Prevention\Enforce Server\<ver>\Installation\

      • On Linux:
        • /etc/Symantec/DataLossPrevention/EnforceServer/<ver>/Installation/oracleHost
        • /etc/Symantec/DataLossPrevention/EnforceServer/<ver>/Installation/oraclePort
        • /etc/Symantec/DataLossPrevention/EnforceServer/<ver>/Installation/oracleServiceName