Detection Server showing as unknown after installing and/or upgrading to 16.1+ in a new environment.
search cancel

Detection Server showing as unknown after installing and/or upgrading to 16.1+ in a new environment.

book

Article ID: 396458

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite

Issue/Introduction

Newly added detection server shows unknown and the following error occurs in the SymantecDLPEnforceConnector#.logs 
SEVERE: Failed to create DetectorInfo file
com.symantec.dlp.storageandnotification.exceptions.StorageException: Failed to bind detector to Enforce <enforce ID>. The detector is already bound to Enforce <enforce id ending in -000000000001>. The detector must be restored to factory defaults (or reinstalled) before it can be bound to another Enforce server.

Cause

Detector was previously bound to a different Enforce, potentially from a 'golden image' or a 3rd party appliance. 

Resolution

Run resetDetector.sh(Linux) or resetDetector.ps1(Windows) 

Located in:

Windows: \Program Files\Symantec\DataLossPrevention\DetectionServer\<version>\Protect\bin
Linux: opt/Symantec/DataLossPrevention\DetectionServer/<version>\bin

Additional Information

The script does the following:
1. Stops the services
2: Creates a new detectorID
3. Updates the detectorID in DetectionServerSettings.properties
4. Removes the storage layer json file(this is the file that contains the EnforceID that may be wrong)
5. Renames the storage layer detector folder
6. Deletes all replication data from all topic folders
7. Starts services

Powered by Wolken Software