User Information functionality and related error messages

Technical Articles ID: KB93818
Last Modified: 2023-04-13 19:05:41 Etc/GMT

Environment

Data Loss Prevention (DLP) Endpoint 11.x
DLP Monitor 11.x
DLP Prevent 11.x

For DLP Endpoint supported environment, see KB68147 - Supported platforms for Data Loss Prevention Endpoint
For DLP Prevent and Monitor supported environment, see KB87112 - Supported platforms for Data Loss Prevention Prevent and Monitor

Summary

This article describes how you can edit and import a .csv file to User Information in DLP Operations. For basic information about the User Information tab, see the DLP Product Guide.

Problem

When a modified .csv file is imported to User Information, you encounter the following errors, which state that information is missing on several lines:

User Principal Name (username@fqdn) is missing on line ‘x’ or User Principal Name (username@fqdn) is invalid on line “x”
FQDN is missing on line “x” or FQDN is invalid value on line “x”
User Name is missing on line “x”
User Logon Name (domain\username) is invalid value on line “x”

Cause

The stated information is either missing, or not formatted correctly. When editing an exported User Information .csv file, three columns must be populated and correctly formatted: header_primary_user_ID_mandatory, header_FQDN and header_username. The header_username_NTLM is not needed, but if populated must be formatted properly.

Solution 1

User Principal Name (username@fqdn) is missing on line ‘x’

User Principal Name (username@fqdn) is invalid on line “x”

These errors indicate that the User Principal Name information (header_primary_user_ID_mandatory) is missing or not formatted properly on the line mentioned. The User Principal Name information for the user must be populated in proper UPN formatting (that is, username@domain.com) before trying to import the User Information .csv file.

NOTE: In rare cases, the User Principal Information field could be blank due to a DLP incident generated under a non-domain account.

Solution 2

FQDN is missing on line “x” or FQDN is invalid value on line “x”

This error indicates that the user’s FQDN information (header_FQDN) is either missing or not properly formatted on the line mentioned. The user’s FQDN details must be provided in proper FQDN formatting (that is, username@domain.com) before you import the User Information .csv file.

Solution 3

User Name is missing on line “x”

This error indicates that the User Name details (header_username) are missing on the line specified. Before you import the User Information .csv file, you must populate the User Name details. Examples of acceptable user name formats are below:

username@domain.com

domain\username

username

Solution 4

User Logon Name (domain\username) is invalid value on line “x”

This error indicates that the user’s Logon Name information (header_username_NTLM) is not properly formatted in the .csv. Proper formatting must be “domain\username” as indicated in the error. You must correct the formatting before you import the User Information .csv.

Related Information

Additional information about DLP User Information:

For DLP Endpoint for Windows, the DLP Agent collects user information that is stored locally on the Windows system. It does not gather user information by connecting to an LDAP server.

The DLP Agent must automatically collect the UPN, FQDN, and User name details needed and provide to ePO. Sometimes, these details might not be available on the endpoint, which results in an inability for the DLP Agent to provide such information. The WHOAMI command with the following switches can be run on the endpoint to verify if Windows has the user information stored locally.

WHOAMI [/UPN | /FQDN | /USER]

Columns that contain an “optional” header in the User Information .csv file are values that are NOT automatically collected by the DLP Agent. If you require data in these fields, they must be manually edited.

Before importing the User Information .csv, all fields in the file must be comma delimited and the file must be saved in the CSV (comma delimited) format. The file import with either fail or not update User Information properly if formatted otherwise.

When you update the User Information, the user information in all pre-existing DLP incidents associated with the updated users, is also updated.

User Information can be updated using the REST API. For details, see KB87855 - REST API for Data Loss Prevention Endpoint definitions sample.

For User Information that Logon Collector can gather, see the “Integration with Data Loss Prevention” section in the Logon Collector Product Guide.

DLP Prevent and Monitor appliances can communicate with LDAP servers to obtain Active Directory User Information. An LDAP server must be registered with ePO and configured in the Users and Groups policy, as described in the DLP Product Guide. If you suspect that your appliance is not properly gathering the User Information details, contact Technical Support for assistance.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

User Information functionality and related error messages

Environment

Summary

Problem

Cause

Solution 1

Solution 2

Solution 3

Solution 4

Related Information

Affected Products

Languages:

Title

Title

Knowledge Center

User Information functionality and related error messages

Environment

Summary

Problem

Cause

Solution 1

Solution 2

Solution 3

Solution 4

Related Information

Affected Products

Languages:

Choose your region

Title

Title