Active Directory Index fails due to "Exceeded the corruption threshold of (1)%"
search cancel

Active Directory Index fails due to "Exceeded the corruption threshold of (1)%"

book

Article ID: 233850

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Enforce

Issue/Introduction

Policies with AD user group rules and exceptions do not behave as expected.  

Cause

Active Directory indexing does not complete or shows an error in the Enforce Console:

INDEXING STATUS
Error: indexedDataStatus.ad_query_returned_unknown_error (Creating Index Version 327)
Next Scheduled: 2/4/22 12:00 AM
 
Localhost logs show an error related to the 1% threshold (default value):
 

07 Dec 2021 04:00:14,738- Thread: 77 SEVERE [com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator] "Exceeded the corruption threshold of {1}% while indexing database profile {0}. {2}"
Cause:
java.lang.Throwable: Too many invalid rowsjava.lang.Throwable: Too many invalid rows
 at com.vontu.profileindex.database.jni.EDMAPIException.convertToIndexerException(EDMAPIException.java:82)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.createIndex(DirectoryConnectionSourceIndexCreator.java:447)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.indexDirectoryConnection(DirectoryConnectionSourceIndexCreator.java:229)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.indexInfoSourceOnManager(DirectoryConnectionSourceIndexCreator.java:159)
 at com.vontu.profiles.manager.InfoSourceIndexCreator.indexListOfDataSources(InfoSourceIndexCreator.java:260)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexJob.index(DirectoryConnectionSourceIndexJob.java:38)
 at com.vontu.profiles.manager.InfoSourceIndexJob.execute(InfoSourceIndexJob.java:80)
 at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
 at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
Caused by: Too many invalid rows
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.nativeCreateIndex(Native Method)
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.createIndexHelper(DatabaseIndexCreatorNativeWrapperV3Impl.java:251)
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.createIndex(DatabaseIndexCreatorNativeWrapperV3Impl.java:187)
 at com.vontu.profileindexer.database.DatabaseIndexCreatorNativeV3.createIndexHelper(DatabaseIndexCreatorNativeV3.java:280)
 at com.vontu.profileindexer.database.DatabaseIndexCreatorNativeV3.createIndex(DatabaseIndexCreatorNativeV3.java:176)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.createIndex(DirectoryConnectionSourceIndexCreator.java:429)
 ... 7 more

com.vontu.profileindex.database.jni.EDMAPIException: Too many invalid rowsToo many invalid rows
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.nativeCreateIndex(Native Method)
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.createIndexHelper(DatabaseIndexCreatorNativeWrapperV3Impl.java:251)
 at com.vontu.profileindex.database.ramindex.DatabaseIndexCreatorNativeWrapperV3Impl.createIndex(DatabaseIndexCreatorNativeWrapperV3Impl.java:187)
 at com.vontu.profileindexer.database.DatabaseIndexCreatorNativeV3.createIndexHelper(DatabaseIndexCreatorNativeV3.java:280)
 at com.vontu.profileindexer.database.DatabaseIndexCreatorNativeV3.createIndex(DatabaseIndexCreatorNativeV3.java:176)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.createIndex(DirectoryConnectionSourceIndexCreator.java:429)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.indexDirectoryConnection(DirectoryConnectionSourceIndexCreator.java:229)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexCreator.indexInfoSourceOnManager(DirectoryConnectionSourceIndexCreator.java:159)
 at com.vontu.profiles.manager.InfoSourceIndexCreator.indexListOfDataSources(InfoSourceIndexCreator.java:260)
 at com.vontu.profiles.manager.directoryconnection.DirectoryConnectionSourceIndexJob.index(DirectoryConnectionSourceIndexJob.java:38)
 at com.vontu.profiles.manager.InfoSourceIndexJob.execute(InfoSourceIndexJob.java:80)
 at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
 at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)

Resolution

Locate the error file that is created:

Windows: <drive>:\ProgramData\Symantec\DataLossPrevention\EnforceServer\<DLP version>\tomcatTemp\temp_directory\directory_group.dat.err

Linux: /var/Symantec/DataLossPrevention/EnforceServer/<DLP version>/tomcatTemp/tmp_directory/directory_group.dat.err

The file will list the line number (in Active Directory), the email address of the user(s), and the error.

  • If the error shown in this file is "tokenType=1013: System pattern not matched to 2," there is something in the email address (or following the email address) causing the error.  The indexer is grouping this data as the email address.
    • Have your Active Directory admin or team locate these user accounts in Active Directory to determine the reason for the error.
  • If there is any other error shown, please contact support for a translation.