Video Screencast Help

How to Reset the Hardware ID Automatically

Created: 27 Feb 2011 • Updated: 28 Feb 2011 | 3 comments
This issue has been solved. See solution.

Hi there

             we had an issue when we depolyed our corporate image to 22 desktops. the image had the symantec client installed on the desktops. i was adviced by Symantec that i need to

Delete %programfiles%\Common Files\Symantec Shared\HWID\sephwid.xml
Open the registry and navigate to HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylnk
Edit the "HardwareID" value data to be blank
 

before taking the image but for some reason the clients still had the same ID.

on the manager i can't see them although i can see the green dot and all of them are getting the update.

 

is there a tool i can use to reset this automatically? scripting is not a good idea as this registry entry does not allow the clients to modify it.

 

Regards,

Comments 3 CommentsJump to latest comment

pete_4u2002's picture

I have not heard of the tool which fixes the registry entry, even the tool would be using the script to fix the registry entry I believe.

Mithun Sanghavi's picture

Hello,

At Present, there is no Tool for this.

However, In new design of RU5 and above, the Hardware Key is now stored in %programfiles%\Common Files\Symantec Shared\HWID\sephwid.xml. This allows for easier remediation in the following situations:

1) A client is generating new Hardware Keys on startup which could potentially conflict with another SEP client or for preparing a machine
a. Move, rename, or remove the Hardware Key config XML file found in the Symantec common area.
b. Remove the “HardwareID” registry value located in HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink\
c. Restart the client.. New Hardware Key information will be generated in this case.

2) Every time I install the client on a clean VM or Ghost image using the same hardware, the Hardware Key is different.
a. Since the new algorithm generates random IDs, any install on a clean machine will result in a new ID being generated. However, if the client is uninstalled and reinstalled, the ID should not change, since it is persisted in an XML file located in the Symantec Common area. i.e %programfiles%\Common Files\Symantec Shared.

             In order to maintain the same ID when an image is restored, the customer should install SEP first before taking the image. Alternatively, the customer may also drop a saved sephwid.xml file and force that Hardware Key to be used by setting HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink\ForceHardwareKey in the registry to 1 (true).

How to fix RU5 (and later) clients that have been misconfigured and already rolled out to production (For each client:)

  1. Delete %programfiles%\Common Files\Symantec Shared\HWID\sephwid.xml
  2. Open the registry and navigate to HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylnk
  3. Edit the "HardwareID" value data to be blank
  4. Restart the Symantec Management Client (SMC) service in the services snap-in.

Clients should now generate unique HardwareID's and sephwid.xml's.
 

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Mithun Sanghavi's picture

Hello,

Here are few Important Links you need to check for your Issue.

1) Configuring Symantec Endpoint Protection client for deployment as part of a drive image

http://www.symantec.com/business/support/index?page=content&id=TECH102815&actp=search&viewlocale=en_US&searchid=1298897270835

2) How to prepare SEP clients on virtual disks for use with Citrix Provisioning Server

http://www.symantec.com/business/support/index?page=content&id=TECH123419&actp=search&viewlocale=en_US&searchid=1298897270835

3) Installing SEP on a PC that has an image, but several different locations 

https://www-secure.symantec.com/connect/forums/installing-sep-pc-has-image-several-different-locations

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.