Video Screencast Help

How to perform Disaster Recovery without Database backup/Restore

Created: 27 Apr 2012 • Updated: 30 Apr 2012 | 5 comments
Simpson Homer's picture
+5 5 Votes
Login to vote


Symantec Endpoint Protection Manager

Embedded Database

Windows 2008 Server Operating System.



You have found that your Embedded database services are not starting. You tried running upgrade.bat and it did not help. Restarted the server, still no Luck. Then after checking the logs (scm server0.log and catalina.out) you see a couple of errors that it's not able to locate the Embedded database. In the Event Viewer your seeing errors like Assertion failure. You do not have an database backup's but you do have your Recovery Files in the Server Private Key backup Folder.



1) Uninstall the existing SEPM by going to Add/Remove or Programs and Features in Control Panel

You can remove the existing database as it’s of no use, Although if you may like you can keep the backup if it’s good.

And Finally Remove

Once the removal process is completed, It’s  advised that you reboot the machine, For those who cannot it would still be fine if your able to get through the re-install as well.

Now the Re-install process:

Make sure that you have a fresh copy of 12.1 RU1 Downloaded , extracted and ready.

Open the SEPM Folder and run the Setup.exe

A New Wizard would be launched , click Next and then Accept the Terms and then on the Third Page you would be given option to change the installation path from the existing Drive to another Drive.

And now Install.

Once this Wizard is completed, Another Wizard i.e. Management Server Configuration Wizard would be launched.

As you can see in the Above screen shot the recovery file from the Server private key backup is picked up automatically.

This Recovery file is the key file to get your clients back on the SEPM.

Select the best choice and click next.

Select the option of  Install My First Site and Click next.

All the Ports remain as default ones.

Only the first part of the details need to be filled if you’re a direct employee.

Another Important thing to be noted here is: The PASSWORD. The password that you would be creating here would be the DBA and the SEPM console password and it cannot be reset when you use resetpass.bat, Resetpass.bat is only meant for resetting the SEPM console password.

The Encryption password is another thing that gets picked up automatically from the recovery file.

And now finally the database Creation Starts

As soon as the database creation is completed, You would get the following screen allowing you to launch the SEPM and that completes the Disaster Recovery process and as soon as you login into SEPM, you would see all your existing clients coming back.

Comments 5 CommentsJump to latest comment

Chetan Savade's picture

Nice Article !!

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Login to vote
Simpson Homer's picture

Thank you Chetan.

Login to vote
ajhay.siingh's picture

Thank you Simpson for this nice article. Here quetion that SEP 12.1 has featrue to pickup automatically the private key backup and certificate, How it get info through the database which is already currupt. from where it get info from database which is not running? and how it restore all the settings? pls clarify this. And second question that this autimatic recovery feature only in SEP 12.1 ? what about 11.0 if same scenario there? about 11.0 as I know that to restore both the Server Private Key certificatea nd the database reqd to restore. Pls share knowledgebase


Ajay Singh



Login to vote
Simpson Homer's picture

How it get info through the database which is already currupt. from where it get info from database which is not running? and how it restore all the settings?

These settings are not a part of the database. They are a part of the Recovery file which is located in the Server Private Key Backup folder. The recovery file includes your Encryption password and the server and client communication certificates, through which the clients come back and communicate.

Without the database, you would loose the policies formed earlier and group formation that you had in the clients tab.

This feature is not available in version 11.0 it's only for version 12.1.671.4971 and above. For version 11.0 the process is the same old way.

Login to vote
Outrageous's picture

Hello Simpson I have a question regarding this would appreciate if you can answer

Login to vote