Endpoint Protection

Hello Everyone,

I'm on my last leg.. I installed Endpoint Protection Manager v. 11 and created an install package, I ran setup packages, all was good and all machines checked into manager, then....... server hiccuped and eventually had to re-install Endpoint, after that none of the clients show as connecting to the the manager.. so on a few machines I completly unsintalled the client software and then ran new package, they checked in but others still not.. so I exported new policy serial number that was created after re-install and imported to machines... and still... nothing, rebooted re-ran install and everything... it seems as long as the first client package was ran on that machine and it still resides somewhere on the machine then the new package does nothing and will not check in with manager even when the policy serial numbers are changed to match the manager.... I'm clueless and dying here...... HELP ????

Please tell me I don't have to go to each machine and uninstall the old and re-install the new package...

Create the package in the following way:

 

1) Admin > Install Packages > Settings

2) Create a new setting which has the option of "Remove all previous logs, policies and reset the client server communication"

3) Use this setting while exporting the package.

4) Push with clientremote.exe or migration and deployment wizard

4) This will uninstall the existing clients, Reinstall them with the new configuration set.

 

You should read this page about "Best practices for disaster recovery"

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007082112135948 

If you follow these steps after the server is installed it will be much easier to recover a failed server.

When you say that you exported the policy serial number what exactly do you mean? Is it the sylink.xml file you are talking about?

You might need the sylinkdrop tool to be able to pull it off since the sylink.xml file is protected and difficult to replace (manipulating it while SEP is running will not work)

Yes, I'm sorry that's what I meant.. in my ignorance, I tried to just swap the sylink.xml file (a good one to a bad machine) but I realized from your post that it has to be stopped first, so I used the sylinkdrop tool using IP addresses and they are all reporting back in... I can guarantee that I will have a plan next time.. thanks so much for your response

You should read this page about "Best practices for disaster recovery"

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007082112135948 

If you follow these steps after the server is installed it will be much easier to recover a failed server.

When you say that you exported the policy serial number what exactly do you mean? Is it the sylink.xml file you are talking about?

You might need the sylinkdrop tool to be able to pull it off since the sylink.xml file is protected and difficult to replace (manipulating it while SEP is running will not work)

Thank you for your response... I have this in my notes now, there are some machines left that I would like to uninstall the old and go with the new, so this will be an easier way than manual changing... thanks so much

Create the package in the following way:

 

1) Admin > Install Packages > Settings

2) Create a new setting which has the option of "Remove all previous logs, policies and reset the client server communication"

3) Use this setting while exporting the package.

4) Push with clientremote.exe or migration and deployment wizard

4) This will uninstall the existing clients, Reinstall them with the new configuration set.