Solution For Disconnecting Systems From the Network While Upgrading from Symantec Endpoint Protection v11 to v12 after SEPM v11-to-v12 Upgrade
When upgrading from SEP v11 to v12 after upgrading SEPM v11 to v12, we experienced loss of network connectivity. The system could not be identified. The following were attempted without any success:
- Remove new v12 using Symantec-provided "removal tool".
- Re-installed v11 after complete removal.
- Ensure that the "Upgrade settings" option was set to "Remove all previous logs and policies, and reset the client-server communications settings".
SEP v12 was also installed on a brand new system in order to observe behavior that was none-upgrade related. Results were still the same.
In addition to loss of network connectivity, the following symptoms were experienced:
- Client would not load on task bar.
- When attempt was made to initialized, it gave error indicating that pertinent services had stopped and needed to be restarted.
- Attempts to restart "Symantec..." services failed with error.
There seems to be a lingering option from v11 that needs to be disabled in order to make v12 work. This is found under "Application and Device Control Policies" and make sure "Protect client files and registry keys" is "unchecked". You also have to follow these steps when manually installing the v12 client:
- Login to system as administrator.
- Lower the "User Account Control" to "Never Notify" while installing.
- Move the v12 installer from server to local system.
- Right-click on the v12 client installer and "Run as administrator".
- Re-boot as often as requested by install.
Your v12 client should now run as expected.
The SEPM v11 to v12 upgrade did not end up working for us. A new SEPM v12 install was done on a new server, recreating previously configured policies. This worked flawlessly, and as a result have now almost completed all PC-based system SEP upgrades from v11 to v12. Focus will soon shift to Macs.