Video Screencast Help

If anyone is having trouble with the Sylink Replacer tool

Created: 18 Oct 2011 | 5 comments

This tool didn't work for us, worked on some computers but no others. I have created a script which uses psexec to replace the sylink.xml file which works well on XP & Win7 computers (most likely others too but haven't tried).

To use:
1. Copy the script below into notepad (change the 3 [password] parts to your symantec password, and the version from 12.1.671.4971.105 if you are using a different version - check program files folder if you are unsure), and save with .bat file extension
2. Put psexec.exe file in the same directory of the script (google and download pstools if you don't have this)
3. Put your correct sylink.xml file in the same directory also
4. Put a list of client names/IPs in a file called clients.txt in the same directory

When you run the script, ignore the text that shows up in the window, just wait for it to say "Done" then close it. You will see two new files created called results.txt and failedclients.txt. Results shows each client and either "success" or an error (e.g. can't connect). Any clients that fail for any reason are put in the failedclients.txt list also, so you can later rename this to clients.txt and run the script again if you like.

Here is the batch script:

 @echo off
REM Get IPs out of clients.txt file and run this script on each one
FOR /F "tokens=1,*" %%a IN (clients.txt) DO (

  REM reset countrol variables
  set sylinkpath=0
  set smcpath=0

  echo -------------------------------------------------- >> results.txt
  echo %%a: >> results.txt

  REM Make sure connection to system can be established
  ping -n 1 %%a | find "Reply from" > NUL
  if errorlevel 1 (
    echo Can't connect >> results.txt
    echo %%a >> failedclients.txt )
  if not errorlevel 1 (

    REM Find where smc.exe file is stored then stop the service
    if exist "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" (
      set smcpath=1
      psexec.exe \\%%a "c:\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" -p [password] -stop )
    if exist "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\smc.exe" (
      set smcpath=2
      psexec.exe \\%%a "c:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\smc.exe" -p [password] -stop )
    if exist "\\%%a\c$\Program Files\Symantec AntiVirus\12.1.671.4971.105\Bin\smc.exe" (
      set smcpath=3
      psexec.exe \\%%a "c:\Program Files\Symantec AntiVirus\12.1.671.4971.105\Bin\smc.exe" -p [password] -stop )

    if smcpath==0 (
      echo %%a >> failedclients.txt
      echo Cannot find smc.exe >> results.txt
      echo -------------------------------------------------- >> results.txt )
    if not smcpath==0 (

      REM Find where sylink.xml file is stored then replace it
      if exist "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\sylink.xml" (
        set sylinkpath=1
        copy /y sylink.xml "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\" )
      if exist "\\%%a\c$\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config\sylink.xml" (
        set sylinkpath=2
        copy /y sylink.xml "\\%%a\c$\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config\" )
      if exist "\\%%a\c$\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config\sylink.xml" (
        set sylinkpath=3
        copy /y sylink.xml "\\%%a\c$\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config\" )

      if sylinkpath==0 (
        echo %%a >> failedclients.txt
        echo Cannot find sylink.xml >> results.txt )
      if not sylinkpath==0 (
        echo Success >> results.txt )

      REM Restart the smc.exe service
      if exist "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" (
        psexec.exe \\%%a "c:\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" -start )
      if exist "\\%%a\c$\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\smc.exe" (
        psexec.exe \\%%a "c:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\smc.exe" -start )
      if exist "\\%%a\c$\Program Files\Symantec AntiVirus\12.1.671.4971.105\Bin\smc.exe" (
        psexec.exe \\%%a "c:\Program Files\Symantec AntiVirus\12.1.671.4971.105\Bin\smc.exe" -start )
    )
  )
)
echo.
echo Done
echo.
pause
 

Comments 5 CommentsJump to latest comment

SolarisMaestro's picture

This looks really well done and I am going to give it a go soon. I noticed that you are using the specific version in the script. Would it be possible to point it to currentversion instead with RU1 right around the corner?

Thank you for marking as a solution if you felt this response met your needs!

thomas_m's picture

That shouldn't work for most 12.1 environments. Any 12.1 install with Tamper Protection enabled should prevent you from stopping our services like that. Have you attempted to use the Sylink Replacer for 12.1 tool?

Symantec Technical Support Engineer, SEP, SAV for Linux<

Paul Murgatroyd's picture

that definitely wont work if Tamper Protection is enabled on 12.1.

As Thomas says, why dont you try SylinkReplacer for 12.1, or alternatively, using your script to call SylinkDrop, rather than doing it manually?

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint

Mithun Sanghavi's picture

Hello,

Please Call Symantec Technical Support for receiving the SylinkReplacer for 12.1 Utility.

OR 

You can log a case on web portal to receive tool.

 

QuickStart Guide - Create and Manage Support Cases in SymWISE
 
 
How to update a support case and upload diagnostic files with MySupport
 
 
Create and manage your Support case through MySymantec
 
 
Create and Manage Support Cases
 
 
Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

symhuman's picture

We tried sylinkreplacer but it seemed to only work on half of the machines. Symantec support wasn't able to help any further which is why I created this script

It lets you stop the service because it has the password included, otherwise the service won't stop and the sylink.xml file copy will fail. And we do have tamper protection enabled.

As for the specific version being in the script, if there is another version you want to run this on just use notepad's "replace all" function to enter in the new version. Provided the file paths are the same other than the version number it should still work (and if the paths are different it won't take much editing to get it to work). Though I wasn't really thinking much about future versions when creating this script as I was just in a hurry to get it working in our organisation. Just posted in case it helps as I have seen a lot of other people have this same issue with sylinkreplacer