RU5 has a new design.
With this new design, the Hardware Key is now stored in %programfiles%\Common Files\Symantec Shared\HWID\sephwid.xml. This allows for easier remediation in the following situations:
1) A client is generating new Hardware Keys on startup which could potentially conflict with another SEP client or for preparing a machine
a. Move, rename, or remove the Hardware Key config XML file found in the Symantec common area.
b. Remove the “HardwareID” registry value located in HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink\
c. Restart the client.. New Hardware Key information will be generated in this case.
2) Every time I install the client on a clean VM or Ghost image using the same hardware, the Hardware Key is different.
a. Since the new algorithm generates random IDs, any install on a clean machine will result in a new ID being generated. However, if the client is uninstalled and reinstalled, the ID should not change, since it is persisted in an XML file located in the Symantec Common area. i.e %programfiles%\Common Files\Symantec Shared.
In order to maintain the same ID when an image is restored, the customer should install SEP first before taking the image. Alternatively, the customer may also drop a saved sephwid.xml file and force that Hardware Key to be used by setting HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink\ForceHardwareKey in the registry to 1 (true).
How to fix RU5 clients that have been misconfigured and already rolled out to production (For each client:)
Delete %programfiles%\Common Files\Symantec Shared\HWID\sephwid.xml
Open the registry and navigate to HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylnk
Edit the "HardwareID" value data to be blank
Restart the Symantec Management Client (SMC) service in the services snap-in.
Clients should now generate unique HardwareID's and sephwid.xml's.