Endpoint Encryption

Hi,

I just installed SEEMS 11.0 on a windows server 2012.

I already installed all prerequisites and windows features needed, everythings looks good.

I declare Web server like this:

MYDOMAIN\encryptadmin, with "Enable Windows Authentication" on.

I let in HTTP for my test lab.

When I saved configuration no problem, but when I'm trying to access throught HTTP, with encryptadmin user credential, I have this error page:

I tried to had anonymous access to the folder C:\Program Files (x86)\Symantec\Symantec Endpoint Encryption Management Server\CommunicationWS

Without success.

Any suggestion for this issue ? Sorry I'm beginner in IIS management.

Thank you.

1.) Make sure basic authentication is enabled under IIS roles and features.

2.) Double-check the account. Make sure it is not locked within Active Directory. Try a password reset. 

3.) Make sure you use Domain\username format when attempting the authentication.

4.) If the above fails, you most likely missed a pre-requisite role and feature. Check ALL pre-requisite roles and features one by one by reviewing the admin guide. This will be the most likely fix for the issue.

I have seen MANY cases like this. Please give these steps a try, and let me know if you need any additional help

Cheers,

Phil

Hi,

Thank you for your fast answer, I'm in a test process with few Full Disk Encryption soft.

1) Basic auth is enabled under IIS roles and features

2) AD Account isn't locked, I change password, and I login successfully with these credential

3) I use MYDOMAIN\encryptadmin, I tried other users, can't login and ask credential again

When I use this user, I have 403 - Forbidden

4) I check all pre-requisite, I reinstall SEEMS many times without success, since 3 weeks.

The only thing I forgot is updates on my server, I'm install this right now on my w2012R2.

Console administration is only available with IIS? Can I install local console to configure security policies?

Which domain name I must use? I set Pre-Windows 2000 domain name, I tried with domain name MYDOMAIN.com without success.

AD synchro works with my pre-windows 2000 domain name.

In SEE configuration manager, "Server Roles", I have just my encryptsql user, is it correct? Or must I had my IIS user too?

Last question, in Advanced settings, Active SEMS configuration is OFF, must I turn it ON, or is it for configure SEMS remotely?

I tried to enable Anonymous Authentication and add Anonymous right on the folder CommunicationWS, but it doesn't works.

Did you have any idea for fix this issue?

Thank you.

Best regards,

Fabien.

Hi,

My previous comment is waiting for moderation.

When I tried to access to https://myserver:1001/GECommunicationWS.asmx

It's works I have a lite web menu.

I had error when I try to access to https://myserver:1001/

Thank you for your help.

Fabien.

In my previous comment I let you know that I'd check all your suggestion without success.

Everythings looks good in configuration.

Only thing missing is windows update deployment on my server, I do it right now.

Finally, I reinstall SEEMS on windows server 2008 R2 for try.

Now I've blank page instead of 403 Forbidden error.

When I try:

https://localhost/GECommunicationWS.asmx?op=VerifyWebAccess with IIS user.

Result: