Troubleshooting Reporting "Error: Access Denied" on Symantec Endpoint Protection Manager (SEPM)

Article:TECH105621  |  Created: 2008-01-13  |  Updated: 2008-01-07  |  Article URL http://www.symantec.com/docs/TECH105621
Article Type
Technical Solution


Issue



Troubleshooting "Error: Access Denied" in Reporting technology.

Symptoms
"Error: Access Denied" on the Home Tab.



Solution





This error is typically encountered when the anonymous account does not have the correct read/write access to the Symantec Folders. Verify that the user account has the correct NTFS permissions to the SEPM Data and Program Files.

IIS_IUSR and IIS_WPG Windows and Domain Accounts must be removed from the GUEST group and placed into the USER group.
  1. Right-click My Computer, select Manage. Select Local Users and Groups and highlight the Groups folder .
  2. Open Guests and remove the IUSR_*... member if listed.
  3. Click OK.
  4. Open Users and add the IUSR_*... member if listed.
  5. Click OK.
  6. Please do the same for the IIS_WPG, if this user exists.
  7. IIS_IUSR and IIS_WPG user accounts need full access to the Symantec Endpoint Protection Manager directory and ..\Program Files\Symantec\Symantec Endpoint Protection Manager and the secars.dll and secreg.dll files in System32 directory.
  8. Right-click on the folder Symantec Endpoint Protection Manager and select Properties
  9. Click Security.
  10. Click Advanced.
  11. Click Add.
  12. Click Advanced.
  13. Click Find Now.
  14. Locate IIS_IUSR and allow full control.
  15. Please also add the IIS_WPG, if this user exists.

NOTE: If that fails, temporarily enable full access to the System32 directory. If that alleviates the issue then it is a permission issue with one of the files in System32 directory. You will have to troubleshoot further with support to determine which files.





Legacy ID



2008081312461648


Article URL http://www.symantec.com/docs/TECH105621


Terms of use for this information are found in Legal Notices