Endpoint Protection

 View Only

  • 1.  Client changing server/location

    Posted Dec 21, 2012 10:33 AM

    We are trying to implement a specific management server list (SEP-EUR) for a group (EUR). 

    The group currently only has 1 client (the management server - SEPM-EUR) and 2 locations. 

    There is only 1 management server in the SEP-EUR server list.

    We have a second management server list (SEP-NA) with two management servers (SEPM-NA1, SEPM-NA2).

    We set the policy for the EUR group to point the management server list in the Communications Settings to SEP-EUR.

    The SEPM-EUR client is quickly changing management server to self-managed, SEPM-EUR, SEPM-NA1 and SEPM-NA2.  The behavior can be seen in the troubleshooting window.

    Changing the policy for the EUR group to point the management server list in the Communications Settings to SEP-NA or Default Management Server List stablizes the SEPM-EUR client management server to one of the three servers.

     

    What am I missing in the setup of the management list server or group policy?  Is it something wrong on the SEPM-EUR server?

     

    Thanks for the help.

    SEPM 12.1.1 RU1 MP1

    SEP 12.1.1 RU1 MP1



  • 2.  RE: Client changing server/location

    Posted Dec 21, 2012 10:42 AM

    What did you set the priority to for SEPM-NA1 and SEPM-NA2? Are they set to Priority 2?



  • 3.  RE: Client changing server/location

    Posted Dec 21, 2012 10:53 AM

    Can you give us a bit more info about your environment as well please?  Are these two separate SEP Sites, or one single site spanning the WAN?

    It's worth noting the SEP infrastructure must be either replicating / load balancing (as described above), or the SEPM-EUR having been built following DR processes, in order to switch management using MSLs.

    If not setup with one of these scenarios you'll have to change the client's communciations file to get it reporting to SEPM-EUR.



  • 4.  RE: Client changing server/location

    Posted Dec 21, 2012 10:57 AM

    SEPM-NA1/2 are not listed in the SEP-EUR management server list. 

    Only 1 site.

    The SEPM-EUR is new SEPM server.



  • 5.  RE: Client changing server/location
    Best Answer

    Posted Dec 21, 2012 11:02 AM

    If SEPM-EUR was not built using the DR processes, then there is not way to switch the client from the NA servers to SEPM-EUR using the MSLs alone.

    You must change the sylink file as described below:

    http://www.symantec.com/docs/TECH157585



  • 6.  RE: Client changing server/location

    Posted Dec 21, 2012 11:38 AM

    Thanks for the quick replies...after importing the sylink using method 2 the client is staying connected to the SEPM-EUR.   On to the next problem!