AIP Scanner - Content scan job and error occurred while sending the request

Cossette 26 Reputation points
2022-02-15T16:17:07.163+00:00

The scanner is not registering as a node - that's the obvious issue as it's not showing up.

We've gone through this installation on different systems and end up at the same results.

To troubleshoot, the start-aipscanner diagnostics goes through login process, checks connectivity, but fails at verifying the content scan jobs. The logs are showing the :
[System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

which is a part of the troubleshooting guide. This is installed on Server 2019, so TLS should default to 1.2 but we've gone through the enforcement things as well.

I'm not seeing any denies on the firewalls or devices in the middle.

I'm open to suggestions

Azure Information Protection
Azure Information Protection
An Azure service that is used to control and help secure email, documents, and sensitive data that are shared outside the company.
518 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Givary-MSFT 28,321 Reputation points Microsoft Employee
    2022-02-16T09:47:19.89+00:00

    @Cossette

    Thank you for reaching out to us. From the error it clearly states network issue. As per this article https://learn.microsoft.com/en-us/azure/information-protection/deploy-aip-scanner-prereqs, can you check if the url's are allowed or accessible from the system while configuring scanner

    make sure that this computer has internet connectivity that allows the following URLs over HTTPS (port 443):

    • *.aadrm.com
    • *.azurerms.com
    • *.informationprotection.azure.com
    • informationprotection.hosting.portal.azure.net
    • *.aria.microsoft.com
    • *.protection.outlook.com

    Also what information do you see in the logs %localappdata%\Microsoft\MSIP\Logs ?

    Let me know if you have any questions.

    0 comments
  2. Cossette 26 Reputation points
    2022-02-16T16:04:34.813+00:00

    @GirishVaryani
    Thank you for the reply - here is some additional information

    start-aipscannnerdiagnostics replies with:
    connectivity check for https://login.windows.net/common completed successfully
    connectivity check for https://dataservice.protection.outlook.com completed successfully
    connectivity check for https://api.aadrm.com completed successfully
    database check completed successfully

    Error
    Microsoft.InformationProtection.Scanner.EventLog.ScannerEventLogUtils.LogWarning"
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Bootstrapping [Microsoft Azure Information Protection Scanner] Domain\user 21
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Loading profile Domain\user 21
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Profile loaded Domain\user 21
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Loading engine Domain\user 21
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Engine loaded Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Common MSIP.Scanner (96) Adding advanced property from custom settings, Property:[purviewLabelConsent], Value:[True] Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Common MSIP.Scanner (96) Adding advanced property from custom settings, Property:[disablemandatoryinoutlook], Value:[true] Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Bootstrapping [Microsoft Azure Information Protection Scanner] Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Loading profile Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Profile loaded Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Loading engine Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Lib MSIP.Scanner (96) Acquiring an SCC token to populate identity Domain\user 15
    Info 2022-02-16 09:39:03.2454 MSIP.Common MSIP.Scanner (96) Feature Flights, Property:[EnableCoAuthoring], Value:[true] Domain\user 15
    Info 2022-02-16 09:39:03.2610 MSIP.Lib MSIP.Scanner (96) Loading new PolicyEngine, addTimout: 00:02:00 Domain\user 15
    Info 2022-02-16 09:39:03.3235 MSIP.Lib MSIP.Scanner (96) Engine loaded Domain\user 11
    Info 2022-02-16 09:39:03.3391 MSIP.Lib MSIP.Scanner (96) Getting RMS token, authority: https://login.windows.net/common, resource: https://api.aadrm.com/ Domain\user 11
    Info 2022-02-16 09:39:03.3391 MSIP.Lib MSIP.Scanner (96) "Scanner status content: {""DurationInSeconds"":0.0,""TotalScannedFiles"":0,""FailedFiles"":0,""TotalScannedMB"":0,""ProfileName"":""***"",""ProfileTimestamp"":""0001-01-01 00:00:00Z"",""CurrentScanId"":""00000000-0000-0000-0000-000000000000"",""ResetCacheAccepted"":false,""NodeName"":""Computer.domain"",""Status"":4,""ErrorCode"":3,""ClientVersion"":""2.11.58.0""}. CorrelationId: 4f485a1b-1947-4013-baa6-ec4da4010241" Domain\user 11
    Error 2022-02-16 09:39:03.5423 MSIP.Telemetry64 MSIP.Scanner (96) "Send Telemetry event. Event name: [scanner_status_failed], Dropped
    Properties:
    [ActionInfo.RequestUri] = Value: [https://<PII>], PiiKind: [None]
    [ActionInfo.CorrelationId] = Value: [1e724c5e-8d4b-4820-845a-6cd710bdd322], PiiKind: [None]
    [ActionInfo.ScannerStatus] = Value: [Error], PiiKind: [None]
    [ActionInfo.ScannedFiles] = Value: [0], PiiKind: [None]
    [EventInfo.Exception] = Value: [System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
    at System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
    at System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
    --- End of inner exception stack trace ---
    at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
    at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
    --- End of inner exception stack trace ---
    at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
    at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)

    0 comments
  3. Cossette 26 Reputation points
    2022-05-17T14:13:47.697+00:00

    Solution was found - used the application IISCrypto from Nartac Software to reset the Cipher Suites to the default state. Once it was set, the communication worked.

    0 comments