• You just upgraded to Symantec Data Loss Prevention (DLP) and you are getting an error when trying to test your Active Directory server connection.
• Incident attributes are also not populating in the incident details page.

Release : 15.x, 16.x

Component : Enforce Server

SSL communication is enabled in the Directory Server Connection settings and the previously configured certificates or path are no longer working.

You see the following error in the tomcat localhost log:

File: Enforce\logs\tomcat\localhost.yyyy-mm-dd.log
Date: m/d/yyyy hh:mm:ss am/pm
Thread: nnn
Level: WARNING
Source: com.vontu.manager.admin.directoryconnection.DirectoryConnectionManager
Message: Test Directory Connection Failed: 
Cause:
org.springframework.ldap.CommunicationException: simple bind failed: AD_server_name:port; nested exception is javax.naming.CommunicationException: simple bind failed: AD_server_name:port [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]org.springframework.ldap.CommunicationException: simple bind failed: AD_server_name:port; nested exception is javax.naming.CommunicationException: simple bind failed: AD_server_name:port [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

Reconfigure the certificate on the Enforce server by following the steps in the help guide Importing SSL certificates to Enforce or Discover servers.