If the computer is not connected to SEPM for 30 days the entry gets deleted till the computer re-connects to SEPM.

Well, some of these are currently online (I verified this) and haven't shown back up in the managed list. They've just disappeared from the list, and when I search for unmanaged computers nothing shows up.

Anyone know anything about this? They are just "POOF" disappearing from the managed lists all together. Are they being deposited somewhere I can retrieve them? I know for a fact they are online and I know they were in the managed list before.

Does the client show that it's connected to the server ( green dot) ? In the client under help and support, then troubleshooting, then management, what does it say for server and group?

I would recommend checking your display filter. If you have the setting too low some of these may simple not be showing up.

Ok, so I figured out WHEN it broke, and the date the clients last checked in was when we reassigned VLANS.

This server is local, and I can ping each client just fine from the server.

Both the server and clients are on separate VLANS, but I can access the clients from the server through ping and remote connections.

The display filter isn't too low, I checked that.

Lastly, I was able to get the missing clients to show up in the list with the Migration and Deployment Wizard and rolling it out to all the machines (again), but they refuse to pull updates from the server and don't show up as managed (green dot).

Any suggestions?

export the communication settings for each group and re-apply it to the 'broken' machines using sylinkdrop

That was what I was afraid you were going to say, but thanks.

Is there any way of doing this remotely and in the background while users are logged in? Similar to how we rolled out Symantec in the first place, with a background install?

I use sylinkreplacer an awful lot now

goes to show you how often this occors

it's actually a nice little tool

you have to log onto your machine with your domain admin account...run it from your machine....point to machine from a text file....ahhh, it's all self explanatory really....

shame we have to use such things though eh...

Okay, thanks for the info. I guess I'll just have to head out to that location and do it manually.

Interesting that it is a common occurence, makes me wish (as I mentioned) that there was a way to roll it out remotely and silently.

well - the sylinkreplacer does it remoetly and silently - that's what I mean...you run it locally from your machine and point to their machines....

OH! Holy crap, is that really true? I can run it from my workstation here (logged in as admin) and remotely fix it up? If so, that's awesome!

yeah - it's as exciting as IT gets my friend........and look, here's a nice convenient link

https://www-secure.symantec.com/connect/downloads/sylinkreplacer-tool-connecting-sep-clients-sepm

it's saved my bacon a couple of times....for some reason a lot of my new deplyments fail to ever connect to the SEPM - they connect initially then bugger off and never check back in....so I often have to run this....it's a particular problem for me on servers, but I don't know why and this always works

but i think you use the main xml file on this not the one from the groups - don't know what the difference is though

still works the same for me

Dude, you're awesome. I don't know why I thought this had to be done locally and on each individual machine (logging in as admin each time). This is a life saver, thanks!

well I thought the same...that's what i had to do and it was such a ball ache...then I found this, think you used to have to raise a support call before and then they made it public? who knows....

have fun.......

Ok, so good news is, all the missing computers are now back in the correct container.

Bad thing is, they aren't showing up as managed. The virus definitions are still not updating correctly, even though the server obviously pulled their names from somewhere. It also shows the last "check-in" date as yesterday, when I rolled the Syslink back out to them.

Any thoughts on how to get these puppies managed? I hope I'm running the Syslink correctly. I don't have to do anything after it's been sent out to all the machines, right?

The error log reported that everything went smoothly with the tool...

hmm is DNS working correctly in your environment - can the 'unmanaged' clients ping the SEPM server name?

so replacing the sylink file made them check in and then they appeared in their containers? but now not showing green dot status?

By any chance did the missing computers get switched from Computer Mode to User Mode? I've run into that situation and thought the computers were missing because they weren't showing up as computers.

Yes, that is correct, which makes it all the more wierd. After I roll out the Sylink it checks in ok, but fails to update and does NOT show the green "managed" dot.

The computers are in computer mode, nice suggestion though.

I tested whether they could ping. Both the server and clients can ping each other just fine, it seems.

This also is only happening with one of our sites, evidently. The server was just moved onto a different VLAN than the clients, and the only clients still communicating with the server are the ones still on the same VLAN.

That would point me to a VLAN problem, but the issue is they can ping each other just fine, and they've checked in just fine.

What's even more weird is when I roll it out through the Migration & Deployment wizard by searching for the machine name, it will actually show up as managed (green dot) before it stops a few minutes later.

At that point it shows "not reporting status" in the fields.

hmmm that is odd - but I think you're on the right lines with the VLAN... is there a router bridging the 2 VLANs? iut's wierd how it checks in initially and then stops....if it was misconfiguration across the VLAN you'd think it would never check in.

can you confirm you can see the management server from a client by doing telnet servername 8014

if the telnet session connects at least you know there's no problem here....if it fails to connect could be a firewall issue or the device that bridges your VLANS

hmmm that is odd - but I think you're on the right lines with the VLAN... is there a router bridging the 2 VLANs? iut's wierd how it checks in initially and then stops....if it was misconfiguration across the VLAN you'd think it would never check in.

can you confirm you can see the management server from a client by doing telnet servername 8014

if the telnet session connects at least you know there's no problem here....if it fails to connect could be a firewall issue or the device that bridges your VLANS

Ok, so I went out to the location and switched the clients onto the same VLAN as our Server, and it worked!
 
The moment I switched it back they stopped working.

This is a single managed switch with two unmanaged switches. The clients are on one of the unmanaged switches and our server is on the managed switch. Two separate VLANs. That would mean our router is doing the intervlan routing.

I can telnet from the client and do the secars, hello test just fine.

I can ping/tracert the server from the client just fine.

As far as I'm aware, this means VLAN inter-routing is working fine, as if it wasn't, they wouldn't get any of that.

that's blummin odd isn't it?

Can you test the MTU from a device on one VLAN to a device on the other - see if you're getting 1500 across the link? I wouldn't be surprised if you're getting 1300 or lower which might cause a problem here with communication

message back if you want a litle handy tool that can test this for you