BSOD using Endpoint Protection 11.0.3001.2224
We're suspecting that the Endpoint Protection client is causing blue screens on virtually all machines on our network. A friend that is somewhat of an expert at analysing crash dumps, came to the conclusion that SRTSP.sys is most likely the culprit. The crash has a tendency to occur when users are using USB thumb drives and working on documents on that drive. However, in order to verify that Endpoint is actually to blame, we thought we would either uninstall it on a number of machines or upgrade to the latest version.
My first question. For some reason, the person who set this up set it up so that a password needs to be entered in order to uninstall the application. I have since unchecked that checkbox in the manager console on the server, but how do I push this information out to the clients? I figured changes in policies on the server would be distributed automatically, but that doesn't appear to be the case.
We're currently running MR2. How would I go about upgrading to MR5 (or RU5 as it's called for some reason)? I guess I would start by upgrading the server component. But how do I upgrade the clients after that?
As you probably understand by now, I'm not an expert on Endpoint. I find the manager console to be very confusing. Do I need to create new Install Packages after I've upgraded the server? Can't the clients be setup to automatically update themselves whenever there's a new version?
Cheers,
Rickard
Comments
try installing without NTP
try installing without NTP .and check
Upgrading to RU5 is a good
Upgrading to
RU5 is a good option
After
changing any policy in SEPM it will create a different policy sl. No.First u ensure that afer
removing the password you are having the same sl. In the client and in server
For
migrating to MR5 you can refer below doc
Migrating to Symantec Endpoint
Protection 11.0 RU5
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009090313483348
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Before I do anything, I need
Before I do anything, I need to disable the uninstall password requirement (if only I knew how). Are you saying that when I went into Client->Policies->General settings->Security Settings and unchecked "Require a password to uninstall the client", I created a new policy?
Yes I mean
Yes I mean
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
On the console, use Reports,
On the console, use Reports, Audit to see what policies are in place across your groups and locations. Note, at MR3 and earlier this may contain some junk - eg deleted groups and their policies may still be displayed.
Then Use Policies to edit the relevant Shared Policies. Or use Clients, Policies Tab to edit non-shared Policies. When you uncheck the "require password" box, the policy will be regenerated and the clients will receive it at their next heartbeat. So if the clients are in pull mode (Clients, Group , Policy Tab, Communication Settings) with a heartbeat of 1 hour, all online clients should be password free in a little over an hour. If you need a client to get the policy any earlier, check the console to see that the policy time stamp has updated, then request a policy update on the client to force it to talk to the management server.
Thank you very much for the
Thank you very much for the clear and concise instructions. Turns out, I had disabled the password requirement on the top level policy under Clients and this policy was not inhereted to the client that I was testing on. The heartbeat is set to 2 hours, so hopefully, within a coupld of hours, I should be able to verify that the policy has been applied.
Hi
As you mentioned you are running version MR3.
Here is the release notes check the fix ID
1480602
Upgrade to MR5 should fix the issue.
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121216360648
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Actually, we're running MR2,
Actually, we're running MR2, not MR3, but maybe the fix you mentioned is the one we're after. I'm not sure this only happens when the computer is idle though, but it's worth a shot.
Is it safe to upgrade the server to RU5 even though we might not upgrade the clients immediately? I mean, do MR2 clients work with an RU5 server?
Yes it will work.
Yes
it will work.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Would you like to reply?
Login or Register to post your comment.