Clients no longer report into Symantec Endpoint Encrytion Full Disk Manager console after upgrade.

Article:TECH190125  |  Created: 2012-05-31  |  Updated: 2013-05-23  |  Article URL http://www.symantec.com/docs/TECH190125
Article Type
Technical Solution


Issue



Clients no longer report to SEE Management Server console after clients are upgraded. Communication on the client console is successful, however the time stamp does not get updated on the server.


Error



SEE Application Pool  stops after a few minutes on the management server.

Error 5059:
Application pool SymantecEndpointEncryptionAppPool has been disabled. Windows Process Activation Service (WAS) encountered a failure when it started a worker process to serve the application pool.

Error 5057:
Application pool SymantecEndpointEncryptionAppPool has been disabled. Windows Process Activation Service (WAS) did not create a worker process to serve the application pool because the application pool identity is invalid.


Warning 5021:
The identity of application pool SymantecEndpointEncryptionAppPool is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request.  If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

Information 5186:
A worker process with process id of '5088' serving application pool 'DefaultAppPool' was shutdown due to inactivity.  Application Pool timeout configuration was set to 20 minutes.  A new worker process will be started when needed.


Environment



Server 2008
Symantec Endpoint Encryption Full Disk v8.2.0 MP2


Cause



Unknown.  However, only recent change was Microsoft updates for the operating system on the management server.
For an unknown reason, the domain account lost the “logon as batch job” permissions.
 


Solution



Added domain user to group that has “logon as batch job” permissions.




Article URL http://www.symantec.com/docs/TECH190125


Terms of use for this information are found in Legal Notices