I can't login in Symantec Endpoint Protection Manager Console

Jawid Ahmad's picture
Jawid Ahmad
June 7th, 2009

Hello;

I have problem in login to SEP-Manager Can someone help me in the following issue please 

I install version 11.0.2 of Symantec Endpoint Protection Manager Console, and I never reach to login

I get always this error:

Failed to connect to the server

Make sure that the server is running and your session has not timed out

You can reach the server but cannot log on, make sure that you provided the correct parameters.

If you are experiencing network issues, contact your system administrator

The problem seems to be with IIS server. Because when I run http://localhost/secars/secars/.dll?hello,secars
I get below error.

You are not authorized to view this page
You do not have permission to view this directory or page using the credentials that you supplied. 
--------------------------------------------------------------------------------

Please try the following:

Contact the Web site administrator if you believe you should be able to view this directory or page. 
Click the Refresh button to try again with different credentials. 
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)

Restarting SEP Manager Service doesn't help as i goes to stop mode again.
FYI, I have attached both screen shot and scm-server-0.log file.

I really need your help to guide me in assigning proper credential.

worth indicating that it is almost one year that our server name changed from BRA-SERVER@organization name.org to BRB-SERVER@organization name.org . 

the server name and site name selected during SEP Manager installation is BRB-SERVER but when go to IIS and check web Sites\Directory Security\Authentication and access control. the user name is selected IUSR_BRA-SERVER.

Please help me to sort this problem out because I have been working 5 days on this bloody problem but not positive result yet.

Best Regards
Jnasiry

Filed under: , , , ,
0 votes
pete_4u2002's picture
pete_4u2002
21 weeks 6 days ago

hi, you have already cracked

hi, you have already cracked the case :-)

since the IUSR_ name have been changed this is the issue, you will need to change the username for the same to use the proper one and have approporiate permission.

Cheers
Pete

+2 (2 votes)
Ajitjha's picture
Ajitjha
21 weeks 6 days ago

Make sure the Database

Make sure the Database service is running and if yes  try to run the managenent server configuration wizard and re-configure the server.

Regards'
Ajit Jha
TechSuport Engineer
STS

0 votes
Vikram Kumar-SAV to SEP's picture
Vikram Kumar-SAV to SEP
21 weeks 6 days ago

Reset IUSR password

Reset IUSR password in both IIS for SEPm website and AD it should work or use a diffrent account instead of IUSR_xxxx for SEPM website in IIS.

SEP 11.0 Top Articles
FAQ about Symantec Critical System Protection

+1 (1 vote)
Siddarth's picture
Siddarth
21 weeks 3 days ago

Failed to connect to the server while logging on to the SEPM

In your scm-server-0.log we have HTTP 401 Unauthorized, URL: http://localhost/secars/secars.dll?action=34
So for that you can try these steps :-

- Open IIS and select the symantec website. Open porperties and from  there select directory security.
-In there click on the first edit tab which is under Authentication and access control.

imagebrowser image

-In there put a check on Integrated windows authentication.
-Click on Apply and Ok.
-Try to restart the Symantec endpoint protection manager service from services.msc.

If still  the Symantec endpoint protection manager service is getting stopped.

-Then right click on Symantec endpoint protection manager directory and goto properties.
-Add Authenticated user to that directory.
-Click on Apply and than click on Advanced and put a check on "Replace permisison entries on all child objects with entries shown here that apply to
 Child object"
-Click on apply and then click on Ok.

The default permission for Authenticated users are shown below :-

imagebrowser image

-Then try restarting the Symantec endpoint protection manager service and you should be able to login.
-Any issue do revert back.

0 votes
Happytohelp's picture
Happytohelp
21 weeks 2 days ago

You may follow the below mention docuemnt

 http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008101518485148

+1 (1 vote)
albert hughes's picture
albert hughes
19 weeks 5 days ago

Failed to connect to the server while logging on to the SEPM

> Go to services.msc and restart all symantec services.
> and try to login to the symantec endpoint portection manager, it works.

Regards
Albert

0 votes
Nel Ramos's picture
Nel Ramos
19 weeks 5 days ago

@Jawid Ahmad:We sometimes

@Jawid Ahmad:We sometimes have this issue and it just connects after many attempts.

@All: Would there be any issues nearing to happen when we are expericing the above issue? although it could still logon but after several attempts...

Just to reiterate.. When we were using SAV10.1 before... we had the data logs not in synch... then after awhile... issues already arised and we could not log anymore to the SAV IIS...  

thanks...
 
 

Nel Ramos

0 votes
MKN's picture
MKN
14 weeks 1 day ago

For the "HTTP 401

For the "HTTP 401 Unauthorized" issue you can also foloow the following

Link: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008030400460348

0 votes
shp's picture
shp
14 weeks 1 day ago

Just repair SEPM

Just repair sepm it will reconfigure everything...

Before that take backup of db, \tomcat\conf\server.xml, \tomcat\etc\keystore.jks files so that u can resore it in case of failure.

It should solve the problem.

Regards,
Srinivas H.P.
HCL Infosystems Ltd

0 votes
Peterpan's picture
Peterpan
14 weeks 1 day ago

HI try to reinstall the

HI try to reinstall the IIS from your server, I already encountered this problem and reinstalling IIS resolve my problem.

Additional recommendation upgrade the SEPM to the 0atest release 

:-)

0 votes
Ghent's picture
Ghent
14 weeks 12 hours ago

This is a IIS permissions problem

Hi, I think some of the other people pointed you in the right direction with some of the KB article links, so I wont redo their work, but incase your still having trouble I just wanted to confirm what your problem is.

You are not having an Database or "just restart the service" type problem. This is what we call an "IIS Permissions problem". SEPM uses IIS to communicate with clients, and what your scm-server-0.log shows is that IIS is not allowing SEPM to talk to it.
I think the article links above are a good place to start. You may also want to search Microsoft's support site as well, since this is a IIS permissions problem. Continue to test with the http://localhost/secars/secars.dll?hello,secars command, once you get that page to say OK instead of Error 401 you should be good. ALso, once you get the page to work with 'localhost', try to go to that page from a remote computer as well.

P.S. You are using SEPM MR2. Although I doubt upgrading will fix your current issue, SEPM MR4 is already out and MR5 is going to be released shortly.

0 votes
KevinSmith's picture
KevinSmith
4 weeks 1 day ago

RE:

the server name and site name selected during SEP Manager installation is BRB-SERVER but when go to IIS and check web Sites\Directory Security\Authentication and access control. the user name is selected IUSR_BRA-SERVER.
online Computer Science degree | Associate degrees | Psychology Degree

0 votes
shp's picture
shp
4 weeks 1 day ago

Try this... Create a new

Try this... Create a new virtual-directory with proper permissions... 

https://www-secure.symantec.com/connect/articles/h...

Regards,
Srinivas H.P.
HCL Infosystems Ltd

0 votes