Endpoint Protection

Hi,
I am trying to deploy a managed client using SEM to machines in my network. Trying to push it via SEM, and finding unamanged computers it fails on the install
When i run the export the exe it fails to install and does not give me any reason why it's failed. but if export the client and install the package on the server the client installs successfully. I have some communication problem  between the client and the management server but down know what exactly.

Also when setting up my management server if i try to connect to localhost:8014 or from my client i get a HTTP 402 error "the website requires a login"

i dont know if the IIS login problem and the client are linked but i need help!!!!

You're on the right track, as this would most likely relate to permissions configuration.

If you suspect there is an issue with the IUSR account permissions a quick test you can perform is to replace the IUSR account on the Symantec Web Server with a domain administrator account. Once replaced restart IIS and see if your clients begin to communicate. If so than there are permissions issues with the IUSR account. It would not be recommended to keep the administrator account in IIS however as this would present a security risk. Also enabling IIS logging for the Symantec Web Server may be useful as it will allow logging of the error code and may include a sub code, something like 402 1 for example.

It would also be helpful to run our SEP Support Tool on the SEPM server. Generally this will locate errors and provide you with a document to help resolve the issue. If you are not able to locate the cause of the issue you may save a full report and provide us with the data. We can then review this and let you know what is discovered.

The SST can be downloaded directly from RU5 and newer clients from the Help and Support button. I've also included a document link below for this tool.

About the Symantec Endpoint Protection Support Tool
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008120810393048

Hi Kurt,

From where do i change the IUSR account permissions from?
i am running SEM on Windows 2008r2 and running IIS 7.0

i have attached the the report from the support tool. i have to rename it from sdbz to zip as it would not allow me to upload the file so please rename it to access it.

the report identifies the following error in IIS:

"The user identify for the DefaultAppPool is set to User us UserNameWAM. it should be set to Network Service or Local System"

Your help is appreciated

Thanks

Try this once
Click Start > Control Panel > gpedit.msc
Go to Windows settings> Security settings > Local policies> User rights assignment.
Edit Adjust Memory Quotas for a Process and Replace a Process Level Token, and add Network Service to the two policies.
Restart the computer after applying the changes.

Hi Aravind

I have checked both local policies and Network Service is on both, Still getting the error
can you tell me should i be able to access http://localhost:8014 from the server or from a remote machine without getting the HTTP403 Forbidden "website requires you to login"

i have also changed the IIS setting default pool user to Local system, but still no joy...didnt think this would be as hard as this to setup :-)

please help!!!

not sure if this has anything to do with it but becuase i have SEM on a 64 bit machine i was getting the error communication to reporting component and followed these link to solve that problem, which works not sure if this has anything to do with my current problem

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008021900094548

http://service1.symantec.com/support/ent-security.nsf/docid/2008110803510948?Open&seg=ent

Which is the SEPM version?
Which is the OS of SEPM?

SEMP 11.0.4000.2995
Windows 2008 r2 64 bit

I think this is the route cause of the issue .In windows 2008 if you can install SEP/SEPM if it is RU5(11.0.5) or above only.Upgrade to RU6.

so you suggest i upgrade to 11.6? is that the latest version for SEP/SEPM?

I can give that a go. Have you had this problem before? Sureley 11.4 was also build for 2008?

Have a look at release notes as per that support to 2008 they added in 11.0.5 version only.
Release Notes for Symantec Endpoint Protection 11.0.x and Symantec Network Access Control 11.0.x

Have to agree with Aravind on this one. 
Upgrade.
Latest version is now, 11 MR6 MP1.

One more thing, ensure that you are only installing the AV/AS components on the server.

No point in installing the NTP, etc. components.  They will cause you more trouble than it's worth and you will need to uninstall them later anyways.
Of course, this is for the "client" portion installed locally on the machine.

Cheers.