Failed SEP installs?
Updated: 22 May 2010 | 15 comments
This issue has been solved. See solution.
I've run into an issue with SEP installations.
In particular, we pushed SEP via SCCM. The install does go thru however the PC does not show up in SEPM and when I check the PC it shows the yellow shield but no green dot to indicate it is managed. I've reinstalled, ran cleanwipe, even tried sylink drop to replace sylink but it will not managed. This user does have an ecrypted drive so I'm not sure that matters. If I need to post more info, please let me know but I'm at a loss for the cause of this. Event logs don't give me much info either
Discussion Filed Under:
Comments
What version of SEPM have you
What version of SEPM have you installed the latest is 11.0.5002.xxx
As SEPM would be installed on port 8014 so are you able to telnet from the client to the server on port 8014. Is the windows firewall ON.
Will it be possible for you to run Sylinkmonitor and post the logs here.
https://www-secure.symantec.com/connect/articles/how-capture-sep-sepm-communication-logs-sylinkmonitor-mr3-onwards-troubleshooting-communica
On the client if you go to help and support-- troubleshooting
does it point to right group
server status shows offline or self-managed.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
(No subject)
Windows firewall is off. Cannot telnet as it is not allowed for security purposes. Running SEP 11.0.4202.75.
The GROUP is empty
Location awareness disabled
Server shows as offline
Here is the log:
10/14 15:49:14 [4072] <ScheduleNextUpdate>Manually assigned heartbeat=1 seconds
10/14 15:49:15 [1096] <CheckHeartbeatTimer>====== Heartbeat loop starts at 15:49:15 ======
10/14 15:49:15 [1096] <GetOnlineNicInfo>:Netport Count=1
10/14 15:49:15 [1096] <GetOnlineNicInfo>:NicInfo<SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
10/14 15:49:15 [1096] <CalcAgentHashKey>:CH=AD935C470A01128001E5424BA434F4AF100052443-XPLcbi.ch1b.cbiepc.comDD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:15 [1096] <CalcAgentHashKey>:CHKey=DF305CFD38E2E8E29280CCACD8FC596C
10/14 15:49:15 [1096] <CalcAgentHashKey>:C=AD935C470A01128001E5424BA434F4AF100052443-XPLcbi.ch1b.cbiepc.com
10/14 15:49:15 [1096] <CalcAgentHashKey>:CKey=A8C1655CE0AA5391EBD7B51E1E226D7C
10/14 15:49:15 [1096] <CalcAgentHashKey>:UCH=AD935C470A01128001E5424BA434F4AF0ELKINTBCBI.CH1B.CBIEPC.COM00052443-XPLcbi.ch1b.cbiepc.comDD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:15 [1096] <CalcAgentHashKey>:UCHKey=D04372D2C56214DC96EE72BDA972796D
10/14 15:49:15 [1096] <CalcAgentHashKey>:UC=AD935C470A01128001E5424BA434F4AF0ELKINTBCBI.CH1B.CBIEPC.COM00052443-XPLcbi.ch1b.cbiepc.com
10/14 15:49:15 [1096] <CalcAgentHashKey>:UCKey=2D0496AF4EC138CA1F646B042923707E
10/14 15:49:15 [1096] <DoHeartbeat>HardwareID=DD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:15 [1096] <DoHeartbeat>CHKey=DF305CFD38E2E8E29280CCACD8FC596C
10/14 15:49:15 [1096] <DoHeartbeat>CKey=A8C1655CE0AA5391EBD7B51E1E226D7C
10/14 15:49:15 [1096] <DoHeartbeat>UCHKey=D04372D2C56214DC96EE72BDA972796D
10/14 15:49:15 [1096] <DoHeartbeat>UCKey=2D0496AF4EC138CA1F646B042923707E
10/14 15:49:15 [1096] <DoHeartbeat> Set heartbeat event
10/14 15:49:15 [1096] Use new configuration
10/14 15:49:15 [1096] <RegHeartbeatProc>====== Reg Heartbeat loop starts at 15:49:15 ======
10/14 15:49:16 [1096] HEARTBEAT: Check Point 1
10/14 15:49:16 [1096] <GetFirstSEMServer> Selecting a random server
10/14 15:49:16 [1096] <GetFirstServer> Using server '10.1.18.128'
10/14 15:49:16 [1096] HEARTBEAT: Check Point 2
10/14 15:49:16 [1096] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
10/14 15:49:16 [1096] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
10/14 15:49:16 [1096] HEARTBEAT: Check Point 3
10/14 15:49:16 [1096] <RegHeartbeatProc>Setting the session timeout on Profile Session (Registration) to 30000
10/14 15:49:16 [1096] HEARTBEAT: Check Point 4
10/14 15:49:16 [1096] <RegHeartbeatProc>===Registration STAGE===
10/14 15:49:16 [1096] <MakeRegisterData:>logon id (domain/user)=CBI.CH1B.CBIEPC.COM/ELKINTB
10/14 15:49:16 [1096] <MakeRegisterData:>XML data: <?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.85786E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41ABCB8PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6bbb46p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:16 [1096] <SyLink>[MakeRegisterData] registration Hardware Key=DD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:16 [1096] ************Reg CSN=35
10/14 15:49:16 [1096] <mfn_GenPostData (for Registration):>Request is: s_origin_length: 1343
s_session_id: DD77893E0565E0301AC9E2BF86089E4A
Sygate-SSN: 35
<?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.83885E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41AA9C0PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6a84c6p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:16 [1096] <SendRegistrationRequest:>http://10.1.18.128:80 [encrypted data]
10/14 15:49:16 [1096] <ParseErrorCode:>0=>Unknown error code.
10/14 15:49:16 [1096] <SendRegistrationRequest:>SMS return=0
10/14 15:49:16 [1096] <ParseHTTPStatusCode:>0=>Uninterpreted Status
10/14 15:49:16 [1096] <SendRegistrationRequest:>ERR to query content length
10/14 15:49:16 [1096] <SendRegistrationRequest:>Content Lenght =>
10/14 15:49:16 [1096] HTTP returns status code=0
10/14 15:49:16 [1096] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
10/14 15:49:16 [1096] <SendRegistrationRequest:>COMPLETED, returned 5
10/14 15:49:16 [1096] HEARTBEAT: Check Point 5.1
10/14 15:49:16 [1096] <RegHeartbeatProc>switch to another server
10/14 15:49:16 [1096] HEARTBEAT: Check Point 9
10/14 15:49:16 [1096] HEARTBEAT: Check Point 8
10/14 15:49:16 [1096] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
10/14 15:49:16 [1096] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
10/14 15:49:16 [1096] HEARTBEAT: Check Point 1
10/14 15:49:16 [1096] HEARTBEAT: Check Point 2
10/14 15:49:16 [1096] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
10/14 15:49:16 [1096] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
10/14 15:49:16 [1096] HEARTBEAT: Check Point 3
10/14 15:49:16 [1096] <RegHeartbeatProc>Setting the session timeout on Profile Session (Registration) to 30000
10/14 15:49:16 [1096] HEARTBEAT: Check Point 4
10/14 15:49:16 [1096] <RegHeartbeatProc>===Registration STAGE===
10/14 15:49:16 [1096] <MakeRegisterData:>logon id (domain/user)=CBI.CH1B.CBIEPC.COM/ELKINTB
10/14 15:49:16 [1096] <MakeRegisterData:>XML data: <?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.85786E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41ABCB8PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6bbb46p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:16 [1096] <SyLink>[MakeRegisterData] registration Hardware Key=DD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:16 [1096] ************Reg CSN=36
10/14 15:49:16 [1096] <mfn_GenPostData (for Registration):>Request is: s_origin_length: 1343
s_session_id: DD77893E0565E0301AC9E2BF86089E4A
Sygate-SSN: 36
<?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.83885E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41AA9C0PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6a84c6p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:16 [1096] <SendRegistrationRequest:>http://Plainfield-sep1:80 [encrypted data]
10/14 15:49:16 [1096] <ParseErrorCode:>0=>Unknown error code.
10/14 15:49:16 [1096] <SendRegistrationRequest:>SMS return=0
10/14 15:49:16 [1096] <ParseHTTPStatusCode:>0=>Uninterpreted Status
10/14 15:49:16 [1096] <SendRegistrationRequest:>ERR to query content length
10/14 15:49:16 [1096] <SendRegistrationRequest:>Content Lenght =>
10/14 15:49:16 [1096] HTTP returns status code=0
10/14 15:49:16 [1096] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
10/14 15:49:16 [1096] <SendRegistrationRequest:>COMPLETED, returned 5
10/14 15:49:16 [1096] HEARTBEAT: Check Point 5.1
10/14 15:49:16 [1096] <RegHeartbeatProc>switch to another server
10/14 15:49:16 [1096] HEARTBEAT: Check Point 9
10/14 15:49:16 [1096] HEARTBEAT: Check Point 8
10/14 15:49:16 [1096] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
10/14 15:49:16 [1096] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
10/14 15:49:17 [1096] HEARTBEAT: Check Point 1
10/14 15:49:17 [1096] HEARTBEAT: Check Point 2
10/14 15:49:17 [1096] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
10/14 15:49:17 [1096] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
10/14 15:49:17 [1096] HEARTBEAT: Check Point 3
10/14 15:49:17 [1096] <RegHeartbeatProc>Setting the session timeout on Profile Session (Registration) to 30000
10/14 15:49:17 [1096] HEARTBEAT: Check Point 4
10/14 15:49:17 [1096] <RegHeartbeatProc>===Registration STAGE===
10/14 15:49:17 [1096] <MakeRegisterData:>logon id (domain/user)=CBI.CH1B.CBIEPC.COM/ELKINTB
10/14 15:49:17 [1096] <MakeRegisterData:>XML data: <?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.85786E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41ABCB8PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6bbb46p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:17 [1096] <SyLink>[MakeRegisterData] registration Hardware Key=DD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:17 [1096] ************Reg CSN=37
10/14 15:49:17 [1096] <mfn_GenPostData (for Registration):>Request is: s_origin_length: 1343
s_session_id: DD77893E0565E0301AC9E2BF86089E4A
Sygate-SSN: 37
<?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.83885E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41AA9C0PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6a84c6p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:17 [1096] <SendRegistrationRequest:>http://10.1.18.170:8014 [encrypted data]
10/14 15:49:17 [1096] <ParseErrorCode:>0=>Unknown error code.
10/14 15:49:17 [1096] <SendRegistrationRequest:>SMS return=0
10/14 15:49:17 [1096] <ParseHTTPStatusCode:>0=>Uninterpreted Status
10/14 15:49:17 [1096] <SendRegistrationRequest:>ERR to query content length
10/14 15:49:17 [1096] <SendRegistrationRequest:>Content Lenght =>
10/14 15:49:17 [1096] HTTP returns status code=0
10/14 15:49:17 [1096] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
10/14 15:49:17 [1096] <SendRegistrationRequest:>COMPLETED, returned 5
10/14 15:49:17 [1096] HEARTBEAT: Check Point 5.1
10/14 15:49:17 [1096] <RegHeartbeatProc>switch to another server
10/14 15:49:17 [1096] HEARTBEAT: Check Point 9
10/14 15:49:17 [1096] HEARTBEAT: Check Point 8
10/14 15:49:17 [1096] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
10/14 15:49:17 [1096] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
10/14 15:49:17 [1096] HEARTBEAT: Check Point 1
10/14 15:49:17 [1096] HEARTBEAT: Check Point 2
10/14 15:49:17 [1096] <PostEvent>going to post event=EVENT_SERVER_CONNECTING
10/14 15:49:18 [1096] <PostEvent>done post event=EVENT_SERVER_CONNECTING, return=0
10/14 15:49:18 [1096] HEARTBEAT: Check Point 3
10/14 15:49:18 [1096] <RegHeartbeatProc>Setting the session timeout on Profile Session (Registration) to 30000
10/14 15:49:18 [1096] HEARTBEAT: Check Point 4
10/14 15:49:18 [1096] <RegHeartbeatProc>===Registration STAGE===
10/14 15:49:18 [1096] <MakeRegisterData:>logon id (domain/user)=CBI.CH1B.CBIEPC.COM/ELKINTB
10/14 15:49:18 [1096] <MakeRegisterData:>XML data: <?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.85786E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41ABCB8PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6bbb46p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:18 [1096] <SyLink>[MakeRegisterData] registration Hardware Key=DD77893E0565E0301AC9E2BF86089E4A
10/14 15:49:18 [1096] ************Reg CSN=38
10/14 15:49:18 [1096] <mfn_GenPostData (for Registration):>Request is: s_origin_length: 1343
s_session_id: DD77893E0565E0301AC9E2BF86089E4A
Sygate-SSN: 38
<?xml version="1.0" encoding="UTF-8" ?><SSARegData NameSpace="rpc"><AgentInfo DomainID="AD935C470A01128001E5424BA434F4AF" AgentType="105" UserDomain="CBI.CH1B.CBIEPC.COM" LoginUser="ELKINTB" ComputerDomain="cbi.ch1b.cbiepc.com" ComputerName="00052443-XPL" PreferredGroup="Myompany ‹Default 6.83885E-289roup" PreferredMode="1" HardwareKey="DD77893E0565E0301AC9E2BF86089E4A" SiteDomainName=""/>
<SSAHostInfo><NetworkIdentity UserDomain="CBI.CH1B.CBIEPC.COM" LogonUser="ELKINTB" HostDomain="cbi.ch1b.cbiepc.com" HostName="00052443-XPL" HostDesc="" />
<SSAProduct Version="11.0.4202.75" />
<SSAOS Version="5.1.2600" Desc="Windows 41AA9C0PProfessional" Type="17105154" ServicePack="ServicePack"/>
<Processor ProcessorType="x86 0x1.6a84c6p+536mily%20Model%20Stepping" ProcessorClock="2526" ProcessorNum="2"/>
<Memory Size="2134736896"/>
<BIOS Version="DELL%20-
<TpmDevice Id="0"/>
<SSAProfile Version="0.0.0" SerialNumber=""/>
<SSAIDS Version="" SerialNumber=""/>
<SSAUTC Bias="360" />
<DNSs><DNS Address="10.1.170.38"/><DNS Address="10.1.170.16"/></DNSs>
<WINSs><WINS Address="10.1.17.128"/><WINS Address="10.15.31.16"/></WINSs>
<DHCPServer Address="10.1.170.38"/><SSANICs><SSANIC Ip="10.1.174.75" Mac="00-21-70-d7-ca-80" Gateway="10.1.174.254" SubnetMask="0.0.0.0"/></SSANICs>
</SSAHostInfo>
</SSARegData>
10/14 15:49:18 [1096] <SendRegistrationRequest:>http://plainfield-sep3:8014 [encrypted data]
10/14 15:49:18 [1096] <ParseErrorCode:>0=>Unknown error code.
10/14 15:49:18 [1096] <SendRegistrationRequest:>SMS return=0
10/14 15:49:18 [1096] <ParseHTTPStatusCode:>0=>Uninterpreted Status
10/14 15:49:18 [1096] <SendRegistrationRequest:>ERR to query content length
10/14 15:49:18 [1096] <SendRegistrationRequest:>Content Lenght =>
10/14 15:49:18 [1096] HTTP returns status code=0
10/14 15:49:18 [1096] <SendRegistrationRequest:>RECEIVE STAGE COMPLETED
10/14 15:49:18 [1096] <SendRegistrationRequest:>COMPLETED, returned 5
10/14 15:49:18 [1096] HEARTBEAT: Check Point 5.1
10/14 15:49:18 [1096] <ScheduleNextUpdate>new scheduled heartbeat=64 seconds
10/14 15:49:18 [1096] HEARTBEAT: Check Point 8
10/14 15:49:18 [1096] <PostEvent>going to post event=EVENT_SERVER_DISCONNECTED
10/14 15:49:18 [1096] <PostEvent>done post event=EVENT_SERVER_DISCONNECTED, return=0
10/14 15:49:18 [1096] <RegHeartbeatProc>====== Registration Procedure stops at 15:49:18 ======
10/14 15:49:18 [1096] HEARTBEAT: Check Point 10
10/14 15:49:18 [1096] HEARTBEAT: Check Point Complete
10/14 15:49:18 [1096] <RegHeartbeatProc>Done, Heartbeat=64seconds
10/14 15:49:18 [1096] HeartbeatProcFailed to get profile with proxy setting 2
10/14 15:49:18 [1096] <CheckHeartbeatTimer>====== Heartbeat loop stops at 15:49:18 ======
Endpoint Knowledge Base
Security Best Practices
Probably a dumb question but
Probably a dumb question but it there an attach button to attach the logs?
Endpoint Knowledge Base
Security Best Practices
No..either copy paste or use
Yes there is edit your first comment or copy paste or use this http://www.2shared.com/
Once you edit your main discussion on the bottom you will see file attachments
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Location of log file:
Location of log file: http://www.2shared.com/file/8438252/917f206e/sep_l...
Server shows as offline
Group shows nothing
Location awareness is disabled
Firewall is off and cannot telnet due to security policy
Endpoint Knowledge Base
Security Best Practices
hi try this link hop it can
hi try this link hop it can help you.
http://service1.symantec.com/SUPPORT/ent-security....
:-)
Log shows SMS return=0 and
Log shows
SMS return=0
and SEP is looking for port 80 for SEPM.
Is your SEP manager installed on port 80 or 8014 and what is the version of SEP you are using 11.0.xxxx.xxxx ?
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
SEPM is on 8014. We are
SEPM is on 8014. We are running version 11.0.4202.75
Endpoint Knowledge Base
Security Best Practices
If the SEP client is looking
If the SEP client is looking for port 80, is there a way to point it to the correct SEPM port instead of 80?
Endpoint Knowledge Base
Security Best Practices
Hi, Although you have
Hi,
Although you have mentioned that the Eventvwr on the Client does not help much. However, I would appreciate if you could paste the error that we get after the Installation.
Do you get any group policy error messages in the event viewer, prior to or before the installation of SEP client ?
I would also like to know did we have SAV earlier installed on the same client and on how many machines are we facing this kind of issue?
Regards,
MG
Here is the error I got after
Here is the error I got after pushing from SCCM:
"TruScan has generated an error: code 11: description: Whitelist Failure"
According to the event log, SEP install appeared to be successful as I saw in the eventlog:
"Symantec Endpoint Protection services startup was successful"
But an hour later I got the first error message mentioned above.
Yes, SAV previously on this machine and was removed during the SCCM install
Endpoint Knowledge Base
Security Best Practices
I noticed an another error in
I noticed an another error in the evntlog:
The Group Policy client-side extension Security failed to execute. Please look for any errors reported earlier by that extension.
Endpoint Knowledge Base
Security Best Practices
Create a new package from
Create a new package from SEPM
using "Remove Previous logs and setting reset client server communication"
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008052008163148
this will have a new sylink.xml and once this package is pushed the client should connect to the sepm.
your log shows
""SendRegistrationRequest:>http://10.1.18.128:80 [encrypted data]
"""SendRegistrationRequest:>http://Plainfield-sep1:80 [encrypted data]
Also once again check on what port is the client configured
in SEPM-Policy-polic components-Management server list--Edit Default management server list ( the list which would be appllied to all the groups )
check does it shows 8014 or just 80
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Can you open the sylink.xml
Can you open the sylink.xml file and check what port is listed over there ?
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
This fix solved my
This fix solved my issue:
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/012986c18a2387b88825750c007870b9?OpenDocument
Thanks for all you help!
Endpoint Knowledge Base
Security Best Practices
Would you like to reply?
Login or Register to post your comment.