Video Screencast Help

How to setup client password protection in Symantec Endpoint Protection Manager

Created: 16 Mar 2011 • Updated: 17 Mar 2011 | 15 comments
This issue has been solved. See solution.

Dear Team,

Kindly suggest me to how to change "client password protection" in Symantec Endpoint Protection Manager:

I have did following steps:

  1. Open the console manager
  2. Click Clients
  3. Select Policies tab.
  4. Click on General Settings.
  5. Select Security Settings tab.
  6. Select Require a password to uninstall the client
  7. Type the <password> in the box.
  8. Click OK.

For example I chosen abcd1234 password for Require a password to uninstall the client

But thereafter I am getting different charecter password which is not similar with given password. I tried many times but still can't do as my expectation.

Kindly see the attachement where I shown few steps but afer customize of password, if I go again on same window then will get different password which is not assigned by me.

Please help me to how to get rid with this situation?

VER: 11.0.4202.75

Thanks,

Simon

Comments 15 CommentsJump to latest comment

w-d's picture

Did you try uninstalling SEP with the abcd1234 passwor? 

The additional asterix will be added but it doesn't mean that the password has changed

simantsd's picture

still I can't see new password during uninstalling SEP and also client services.

pete_4u2002's picture

yes the number of stars will be different, it will not be exact alpahbet numbers you have set the password.

simantsd's picture

Hi Pete,

My mean is that; If I put new password for stopping client services for entire sep clients and uninstalling of SEP. I tried to put new password but its not applying at client machines and still user are able to change the SEP client services like stop/start.

All sep client machines are updated and reporting to SEP-M.

Regards,

Simon

AravindKM's picture

If you provide a small password also ,while editing back it will show that the field is filled with stars.This is due to security reason.After the new policy received by the clients you will be able to use the same password which you configured in the console for uninstallation...

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

simantsd's picture

Hi Aravind,

Yes I do understand but my environment is LAN only where only few notebook are connected with SEP-M and I did same steps at today morning to till this time but I don't show this much time will consume for applying new policy. After applying new policy than I went to my cabin and wait upto 5-6 hours for looking new changes but every steps failed and can't see new password in SEP client.

I have done centrailized policy for blocking autorun.inf file which is applying for client machines but expect this new password policy.

Thanks,

Simon

AravindKM's picture

As per the screenhot you selected only unistallation not for stopping smc service.If you check the stoping of smc service it will be a new policy.Assure that after checking the same clients are received new policy.You may use policy serial number for verifying the same....

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

simantsd's picture

Waited

Well here is little strange about password character:

I just have 6 character length of password but If I go to same window than I will see more than character (**************) but my password length is only 6 (******). Once I gave 6 length of password than next time I will see more than length of password.

But password which is given by me is not applying and I tried on same machine where SEP-M is installed and SEP.

Thanks,

Simon

snap4.JPG
AravindKM's picture

Restart your system once and try...

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

simantsd's picture

I restarted sep client machine and as well SEP-M machine but no output after that.

AravindKM's picture

Can you double check the policy serial number once.In sever you can find this in the details tab in the clients page.In the client you can find in GUI--->Help and support -->troubleshooting.

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

Chetan Savade's picture

Hi,

Make sure policy inheritance is turn on ?

If it is unchecked then it won't applied.

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Rafeeq's picture

how u r trying to stop the symantec services, if you doing it from services.msc then it wont work

start -run

smc -stop

this should ask for the password, check if thats acception  your new password

open the sep interface and click help and support and update policy

try to uninstall..it should take u r new password.

simantsd's picture

Dear All,

Now problem has been resolved. Thanks to all of you for correcting my mistake.

But still I have doubt with services.msc because if I try through RUN console than I can see password window but same is not from services.msc.

Is there any way to restrict the SEP services from services.msc like password protection?

Thanks,

Simon

SOLUTION
Rafeeq's picture

Let me explain, 

when  you are in services.msc , you see symantec management client services( this is smc.exe)

this service will not have any option to stop, start, or disable, all things will be grayed out...

the only way u can stop is via cmd prompt or run

i.e. smc -stop

You are all set :)