Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

client policy not apply

Created: 09 Mar 2014 • Updated: 12 Mar 2014 | 6 comments
This issue has been solved. See solution.

I move the client from full USB restriction group to full access. Confirm from the user USB still shown as block for access?
How to troubleshoot this problem?
User is on senior profile so help me?

Comments 6 CommentsJump to latest comment

technical_specialist's picture

Have you check the client status is online?

When you change the group of client can you check the new policy on client is implement or match with new group

Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity

Article:TECH105894  |  Created: 2008-01-12  |  Updated: 2013-02-08  |  Article URL

Troubleshooting Policy Changes

Article:TECH105907  |  Created: 2008-01-15  |  Updated: 2010-08-13  |  Article URL

To check the policy serial number at the server

    1. Login to the Symantec Endpoint Protection Manager console
    2. Select the Clients button on the left margin
    3. Select the client group that contains the client that has the issue
    4. Select the Details tab in the right hand pane
    5. Copy down the policy serial number.

      Example: E0C4-01/09/2008 14:39:16 311

To check the policy serial number in use at the client

    1. Launch Symantec Endpoint Protection from the System Tray icon or the Start menu
    2. Select View logs button
    3. Select the View Logs button to the right of Client Management and select the System Log
    4. Select the Filter from the main menu and select Show All Logs
    5. Browse for the most recent entry labelled "Applied new policy with serial number..."
    6. Compare the serial number with the serial number shown in the Symantec Endpoint Protection Manager console

      Example: E0C4-01/09/2008 14:39:16 311

AjinBabu's picture


Check the policy serial number and if ti is not mathing with the Group erial number update the client.



bkpatra's picture

Client is offline. User is in abroad and system is connected with WiFi connection.
I think it can be reason that policy not be applied because user is not in local VLAN.
How to enable on that system?
Can I stop the service to run the USB?

technical_specialist's picture

No need to stop the service. You can transfer the full acess policy to user on mail and other source which are present for connection.

How to Export and Import a Symantec Endpoint Protection client policy

Article:TECH190053  |  Created: 2012-05-31  |  Updated: 2012-06-07  |  Article URL
Rafeeq's picture

He is right, you need to export the policy from a working client

attach that xml file in an email and instruct the user about how to apply it..

or else

go to add/remove programs, select SEP, select modify

remove NTP