Good morning - or at least I hope it ends up that way!
Note - I did NOT upgrade or update SEP on any device at all - ALL CLIENT AND ALL SERVERS are still running 11.0.7. NOTHING has been updated from 11 to 12.1 as far as protection, clients, servers, etc. - still running a pure 11.0.7 sho.
I DID upgrade the SEPM part only on our two dedicated SEPM servers - ONLY the management part.
OK - here's the issues ;-)
I went in and turned off the rule to protect registry keys, etc. for everything. I STOPPED the SEPM service on our second server. SQL backup was in place thanks to a backup that night. I went to server 1 and launched the SEPM upgrade from the SEPM folder in the DVD files I'd copied onto the server.
The first went really well. It upgraded SEPM on the server, then ran the configuration wizard, found the database and changed the schema for SQL, then it launched the console (the JAVA version) successfully, I logged and saw that yeah, that was our stuff.
I logged out of the console, left SEPM1 and went to SEPM2 and launched the upgrade of SEPM2 (the second server) from the SEPM fiiles I've copied onto the server. (I'd left the SEPM service disabled so it would not touch the database)
It ran the processes, did the install, then launched the wizard and blew up. Seems in between the SQL server crashed - or at least the network interface died and it's a VMWare server, dunno what happened, but NIC communications pretty much stopped. So the SEPM2 upgrade basically stopped at the half-way done point. The admin got the SQL server going with the help of a VMWare tech and I launched the wizard on SEPM2 and finished. It then also connected to the database.
The day was over and I was beat and went home..........
The issues:
* My email inbox is FLOODED with alerts! Some of them many megabytes in size, HUGE lists in these messages. Yea I had alerting setup to email me, but not like this!
* Device control has gone totally flakey! I am getting email alerts for the last 12 hours about devices being enabled, then disabled, disabled then enabled, back and forth over and over - and NO ONE WAS here! The computers I was getting alerts about were not in use! I have device control disable USB devices like thumb drives, and firewire is disabled, and I've get an occasional alert, and when computers were turned on, I got a message that firewire was disabled on that computer, but they were not often, and generally ONLY when the computer was first turned on. These are coming at me all night and now all through today, disabled, enabled, disabled and so on, the same computers, the same firewire, the same USB devices.
Some of the reports have information that's days old and I already received!
* WORST of all - I can't launch a console on a computer that is not the SEPM server.
When I attempt to launch the web site http://nameofserver:9090 it totally crashes IE to the point I have to end the task.
ONE of the emails had a link in it that said "to launch the console, etc. etc." http://nameofserver:9090/symantec.html
and THAT too crashed IE.
I tried firefox and it loaded the text, but nothing else - and just sat there. No links, no buttons, etc.
The web part of the SEPM servers now seems to be trashed and non-functional. I don't have console access from any computer other thn the servers themselves, and even then only the JAVA version, not the web version.
I was shocked how badly this went...............
Help please!