How to use SylinkDrop to make all SEP Clients on the network managed (Alternative to SylinkReplacer)
Sylink drop can be used on individual machines to make them managed where as SylinkReplacer is designed to be run from a machine to find SEP clients on the network and force them to be managed. Recently I have found that the replacer tool to be less and less effective at finding clients on the network particularly Windows 7 clients. I have also found the tool to be painfully slow at scanning IP ranges to find the clients in the first place.
As a workaround I have found it much more reliable to use the sylinkdrop tool in conjunction with psexec to set all computers on the network to be managed by a SEP server. To do this you will need to set up a share on the machine you are running the commands from with read access to everyone on the domain.
In this example the share I created was called “sylink” on the server AVSRV001. In the share you need the following files:
- sylinkdrop.exe (scroll to bottom to find more info)
- sylink.xml (found in - "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection" copy the file from a working manged client or the server and paste into the folder share)
- drop.cmd (provided in download)
- replace_domain.bat (provided in download)
In the drop.cmd file you will need to modify the server and share name in your file to match up with the shares you created. To edit right click and go to edit, also you won't have to run this file.
Once all the above is setup you can use the psexec command (available to download as part of the PsTools package by sysinternals from here)
Then simply run the following file replace_domain.bat
But first -
You will need to modify the server and share name in your file to match up with the shares you created. To edit right click and go to edit.
Also you will need to change domain\username to your domain name and an admin user and you will change password to the password matching the admin user. Now you can run the replace_domain.bat file
The file will enumerate all the computers in AD and then try to remotely execute the drop.cmd command on each of them. This will of course fail for computers which either don’t exist or are not present or switched on, so you may want to make a note of which clients fail (just watch the output of the command to collect these).
Where can I download / get Sylink Drop
Well sylinkdrop is not publically available from Symantec to download, however it is on your installation media in the following folder:
If you have lost your installation media providing you have an active subscription you should be able to log in to fileconnect.symantec.com with your serial number on your certificate and download the latest version (which will include sylinkdrop).