When I run the DLP lookup script with elevated credentials and without the DLP enforce server, it returns userId=DOMAIN\jsmith
But when I run the DLP lookup script with the DLP Enforce Server, it does not work.
The DLP Enforce Server is NOT reading the Encrypted Credentials file.
Both the script AND the encrypted credentials file are stored in D:\SymantecDLP\Protect\plugins
Here is the script:
import sys
import subprocess

import wmi

# Enforce passes every incident attribute as a separate key=value argument;
# pick out the sender-ip value. (str.strip('sender-ip=') strips characters,
# not a prefix, so it is replaced with a split on the first '='.)
userIP = None
for arg in sys.argv[1:]:
    key, sep, value = arg.partition('=')
    if key == 'sender-ip':
        userIP = value
if not userIP or userIP == 'null':
    print('errorMsg=no sender-ip argument')
    sys.exit()

# can we ping the user's IP address?
ping = subprocess.Popen(
    ["ping", "-n", "1", userIP],
    stdout=subprocess.PIPE,
    stderr=subprocess.PIPE
)
out, error = ping.communicate()
# if we cannot ping the user's IP address, return the error message and exit
# (b"" keeps this working whether ping output arrives as str or bytes)
if b"Reply from" not in out:
    print('errorMsg=HOST unreachable.')
    sys.exit()

# if we cannot reach WMI on the user's IP address, return the error message and exit
try:
    c = wmi.WMI(userIP)
except Exception:
    print('errorMsg=WMI unreachable')
    sys.exit()

# look up the accounts that have a logon session on the host
user_list = []
for session in c.Win32_LogonSession():
    try:
        for user in session.references("Win32_LoggedOnUser"):
            user_list.append(user.Antecedent.Domain + "\\" + user.Antecedent.Name)
    except Exception:
        pass

if not user_list:
    print('errorMsg=no logged-on user found')
    sys.exit()
userloggedon = user_list[0]
print('userId={}'.format(userloggedon))
The credentials file path is D:\SymantecDLP\Protect\plugins\MyCredentialsEncrypted.txt
The DLP Enforce Server is running on Windows Server 2008 and UAC is DISABLED
I've followed all the recommendations, but no matter what happens, here is the output.
The DLP logs show the credentials in clear text, but it totally ignores them. Instead it returns errorMsg=HOST unreachable., which is what you get if you do NOT run the script with elevated credentials:
13 May 2014 14:33:16,413- Thread: 27 FINE [com.vontu.lookup.script.ExecLauncher] Executing: D:\Python27\python.exe[-u, D:\SymantecDLP\Protect\plugins\namelookup.py, username=clear-text username password=cleartext password, discover-repository-location=null, errorMsg=HOST unreachable., date-detected=Tue May 13 13:32:47 EDT 2014, endpoint-machine-name=null, incident-id=1241192, sender-ip=10.10.10.10, Magic Ticket Number=null, userId=null, sender-email=10.10.10.10, Assigned To=null, sender-port=60574, endpoint-domain-name=null, endpoint-dos-volume-name=null, file-access-date=null, date-sent=Tue May 13 13:32:47 EDT 2014, endpoint-file-name=null, file-modified-by=null, Country=null, Manager Email=null, plugin-chain-id=0, discover-server=null, data-owner-name=null, Dismissal Reason=null, Streeet Address=null, LDAP givenName=null, Building Name=null, Last Name=null, First Name=null, Phone=null, subject=HTTP incident, Sender Email=null, endpoint-user-name=null, endpoint-volume-name=null, discover-name=null, discover-content-root-path=null, data-owner-email=null, file-create-date=null, Region=null, endpoint-application-name=null, host-name=null, Manager First Name=null, LDAP telephoneNumber=null, path=null, endpoint-application-path=null, Manager Last Name=null, firstName=null, discover-location=null, Reason=null, protocol=HTTP, Resolution=null, file-owner=null, Postal Code=null, OS=null, endpoint-file-path=null, City=null, discover-extraction-date=null, Manager Phone=null, State=null, file-created-by=null, Rack ID=null, file-owner-domain=null]
13 May 2014 14:33:16,541- Thread: 27 FINE [com.vontu.lookup.script.ExecLauncher] Return [errorMsg=HOST unreachable.]
13 May 2014 14:33:16,542- Thread: 24 FINE [com.vontu.enforce.workflow.attributes.CustomAttributeLookup] Lookup using com.vontu.lookup.script.ScriptLookup complete: {discover-repository-location=null, errorMsg=HOST unreachable., date-detected=Tue May 13 13:32:47 EDT 2014, endpoint-machine-name=null, incident-id=1241192, sender-ip=10.10.10.10, Magic Ticket Number=null, userId=null, sender-email=10.10.10.10, Assigned To=null, sender-port=60574, endpoint-domain-name=null, endpoint-dos-volume-name=null, file-access-date=null, date-sent=Tue May 13 13:32:47 EDT 2014, endpoint-file-name=null, file-modified-by=null, Country=null, Manager Email=null, plugin-chain-id=0, discover-server=null, data-owner-name=null, Dismissal Reason=null, Streeet Address=null, LDAP givenName=null, Building Name=null, Last Name=null, First Name=null, Phone=null, subject=HTTP incident, Sender Email=null, endpoint-user-name=null, endpoint-volume-name=null, discover-name=null, discover-content-root-path=null, data-owner-email=null, file-create-date=null, Region=null, endpoint-application-name=null, host-name=null, Manager First Name=null, LDAP telephoneNumber=null, path=null, endpoint-application-path=null, Manager Last Name=null, firstName=null, discover-location=null, Reason=null, protocol=HTTP, Resolution=null, file-owner=null, Postal Code=null, OS=null, endpoint-file-path=null, City=null, discover-extraction-date=null, Manager Phone=null, State=null, file-created-by=null, Rack ID=null, file-owner-domain=null}.
Thank you
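As an added example (not the poster's script and not Symantec's code), here is how a script lookup plugin can parse the key=value arguments Enforce passes on the command line, as seen in the log above, select the sender-ip attribute safely, and build the key=value reply it prints back; the function names and the sample argv are mine.

```python
# Added example: argument handling for a DLP script lookup plugin.
# Assumptions (not from the page): function names are hypothetical, and the
# sample argv in the test is constructed to mirror the log line above.
import ipaddress
import sys


def parse_lookup_args(argv):
    """Turn ['sender-ip=10.10.10.10', 'userId=null', ...] into a dict.

    Splits on the first '=' only, so values containing spaces or '=' survive,
    and keeps the literal string 'null' Enforce uses for empty attributes.
    """
    attrs = {}
    for arg in argv:
        if '=' not in arg:
            continue                    # ignore anything that is not key=value
        key, value = arg.split('=', 1)
        attrs[key.strip()] = value
    return attrs


def select_sender_ip(attrs):
    """Return sender-ip only if it is a syntactically valid IP address.

    Validating here stops a 'null' or some other attribute from being handed
    to ping/WMI, where it would surface as a misleading HOST unreachable.
    """
    raw = attrs.get('sender-ip', 'null')
    if raw == 'null':
        return None
    try:
        return str(ipaddress.ip_address(raw))
    except ValueError:
        return None


def format_response(user_id=None, error=None):
    """Build the single key=value line Enforce reads back from stdout.

    Credentials that arrived in argv (username=, password=) are never echoed.
    """
    if error is not None:
        return 'errorMsg={}'.format(error)
    return 'userId={}'.format(user_id)


if __name__ == '__main__':
    ip = select_sender_ip(parse_lookup_args(sys.argv[1:]))
    if ip is None:
        print(format_response(error='no valid sender-ip argument'))
```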