Hi,
I wonder if anyone has seen this issue before. I've seen several posts which are similar to this problem but none of the solutions worked for me. I log into my AV server and fire up Symantec Endpoint Protection Manager 11. The SEPM login screen appears so I specify my credentials and log in. The application begins to load, according to the progress bars, the application is thinking about it and the page briefly appears with the buttons for Home, Monitors, Reports etc. They then disappear and the login screen is back. I have tried resetting my password with Passwordreset.bat, I have checked my credentials for the sem5 database, tested the connection, reset IIS, added users to the permissions on IIS and moved the 8443 port up to 8444 and 8014 up to 8015 in conf.properties in case of a conflict with Symantec Backup Exec. I have also run repairs on SEPM in Add/Remove Programs and used the Management Server Configuration wizard to change the ports. I'm currently running a scan using the MS Malicious Software Removal tool to check for malware. The SEP icon shows up in the tray for some of the clients so hopefully they're still using autoprotect even if the Manager isn't running.
In Reporting.log, I see
ERROR 0001: IP address changed during session. Login is invalidated but this error doesn't seem to be documented. I've tested secars in the browser and it seems to be running. PHP is installed and I believe it's the version it should be. When I try to run
http://<servername>:8015/reporting/login/login.php
in the browser, a login screen appears, I give it the credentials and domain (appears to be 'Default'), hit OK and the page just goes blank and I get a page called
LOGOUT_SPM with url -
http://iobi-comms:8015/reporting/login/logoutSPM.php?ssc=1 in return.
I have also restarted the server and the relevent services. The eventlogs don't point to anything in particular apart from an update using Symantec Antivirus Win64.msi (which I have recently moved but from what I can see this machine is a 32 bit machine, so I don't think the problem could be caused by this msi). The eventlogs also say that svchost.exe has been blocking applications as part of Tamper Protection (hence my virus scan), but none of them seem to relate to SEPM.
Can you tell me if there is something that i'm missing here? I'm not even sure if a reinstall of the application would help since it doesn't seem to have worked for others so I'm hesitant to go down that route at the moment.
Many thanks in advance,
Justin Forde.