Endpoint Protection

I was testing some imaging prepping.  Windows system image.   Sysprep and Clonezilla.

I wondered what happened for SEP.  We leave it off the image and install it fresh afterwards.  I noticed SEP was still functioning on machines I did an unsysprepping Windows System Image on.

https://www-secure.symantec.com/connect/forums/what-happens-if-you-put-sep-image

The clone tool looks like the solution for imaging.

http://www.symantec.com/business/support/index?page=content&id=HOWTO54706

And I found this post about fixing machines that have duplicate SEP instances on them.

http://www.symantec.com/business/support/index?page=content&id=TECH163349

My question -- Instead of messing with all the repair tweaking on a duplicate SEP machine, could I just completely uninstall SEP and then reinstall it on that machine?  Would that clear up issues?

Instead of messing with all the repair tweaking on a duplicate SEP machine, could I just completely uninstall SEP and then reinstall it on that machine? Would that clear up issues?

Yes it's working you can reinstall sep client.but Instead reinstall you can run tool and remove HWID.

See mithun articles

Duplicate SEP clients appear in the Symantec Endpoint Protection Manager console

https://www-secure.symantec.com/connect/articles/duplicate-sep-clients-appear-symantec-endpoint-protection-manager-console

Pretty much same answer in your earlier post:

https://www-secure.symantec.com/connect/forums/what-happens-if-you-put-sep-image

You don't need to remove SEP just remove the hwid and let it re-create, only take a minute or two to fix.

Follow it for the image creation with sep

You can prevent these problems by creating a drive image that does not have a Symantec Endpoint Protection Client GUID.

1.Install the operating system, and install all of the patches required. Do not install the Symantec Endpoint Protection Client.
 
2.Install any other software needed except the Symantec Endpoint Protection Client that will be on the image.
 
3.Install the Symantec Endpoint Protection Client after all of the other installations are complete.
 
4.Before you save the image, stop the Symantec Management Client (SmcService) and start the Registry Editor (regedit.exe)
 
5.Locate and delete the following registry value:

HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\HardwareID
6.Locate and delete the following file:
        SEP 11.x Location
        C:\Program Files\Common Files\Symantec Shared\HWID\sephwid.xml
        SEP 12.1 Location: 
        Windows XP/2003: C:\Documents and Settings\All Users\Application Data\Symantec\Persisted Data
        Windows Vista/7/2008: C:\Program Data\Symantec\Symantec Endpoint Protection\Persisted Data

7. Find file "sephwid.xml". Rename it to "sephwid.xml.bak".

8.Exit the "Registry Editor." The hard drive is now prepared for imaging.
Note: Do not restart SmcService or restart the computer into Windows.

 
9.Create the image with your preferred disk imaging software.

When the computer starts again, SmcService checks for the GUID value, and when it determines that it does not exist, it generates a new one.

If you have computers that were already deployed with identical GUID values, you can delete the GUID value on each computer, as described above. This can be done with a batch file, a login script, or a group policy object.

If you already have to create the image then for the functioning remove the hardwareid