Required tools to troubleshoot DLP Endpoint agents v11
Hi All,
Please find the required tools to troubleshoot the DLP Endpoint agents v11.
Note: Make sure that you extract them either using WinRar or 7 zip.
Short Description of tools that are included here:
1) Vontu_sqlite3.exe: This utility provides a SQL interface that enables you to view or modify the encrypted database files that the Symantec DLP Agent uses. Use this tool when you want to investigate or make changes to the Symantec Data Loss Prevention files.
2) Service_Shutdown.exe: This utility enables an administrator to turn off both the agent and the watchdog services on an endpoint computer. (As a tamper-proofing measure, it is not possible for a user to stop either the agent or the watchdog service.)
3) DeviceID.exe: You can use this utility to extract Device Instance ID strings. This utility also reports what devices the system can recognize for detection.
4) Logdump.exe: This tool lets you view the Symantec DLP Agent extended log files, which are hidden for security reasons.
5) GetAppInfo.exe: This utility helps in Application monitoring
6) RegDLPAgentmgmt.exe: This tool can be used to unregistering the DLP IC Agent plug-in.
7)UninstallPwdKeyGenerator.exe: This tool is used to generate the value you use for UNINSTALLPASSWORDKEY within the Install_Agent.bat file. The tool must be in the same directory as PGPsdk.dll.
8) Update_configuration.exe: This tools helps in debugging.
For Example: update_configuration.exe -name=Logging -setting=FileSystemConnectorLevel -type=str -value=FINEST -p=VontuStop
Comments 8 Comments • Jump to latest comment
Can we use Service_Shutdown.exe for multiple Agents at a time.???
Regards,
Avkash K
No, you have to run this from agent's folder
Thanks,
-Syed Hussain
On page 1202 of the 11.5 manual it says "create your own key using the 'endpointkeytool' utility". I do not see this utility in 11.5 or 11.1. Is this the same as the "UninstallPwdKeyGenerator.exe" tool? If you specify an uninstall password, do you have to specify a key as well?
Thanks,
Aaron
If this post has helped you, please vote up or mark as solution to help others looking for the same data.
Okay, found the keytool on the Enforce server. But the other question of if you supply an uninstall password, is the key still needed?
Thanks,
Aaron
If this post has helped you, please vote up or mark as solution to help others looking for the same data.
Can I move one endpoint agent from one EP server having a different encryption key without the need to uninstall the agent?
Objective: move one agent/machine which is experiencing some issues to a LAB environment where we can further debug and analyze errors.
Example:
Current Server values obtained using sqlite3:
AggregatorCommunicator|AESKey|str|EncryptionKey_ProdServer
AggregatorCommunicator|AggregatorHost|str|FQDN_Prod_EPServer
update_configuration.exe -name=AggregatorCommunicator -setting=AggregatorHost -type=str -value=FQDN_NewServer
update_configuration.exe -name=AggregatorCommunicator -setting=AESKey -type=str -value=EncryptionKEY_NewServer
Hi All,
Need to uninstall DLP agent from the client machine.
1. I have uninstall the DLP agent from client via DLP console. The agent is not more in the DLP enforce list but when i want to install another agent on the same client it gives me error that you already have updated version of agent installed.
2. Means agent is uninstalled from ENFORCE Console but still installed on client.
3. Want to uninstall the agent manully on client machine.
commands that i have used for uninstallation
msiexec /uninstall {BC705572-C8CD-49e4-9693-BDC8E4D35570} /q
msiexec /uninstall {2AF3B399-42A5-42bd-A5E0-72B657110363} /q
But still it didnt work. any utillity that can be used.
Regards,
Kashif Sohail
Nice information.
Does UninstallPwdKeyGenerator.exe work for 11.6.2 and are these files available from Fileconnect?
Would you like to reply?
Login or Register to post your comment.