Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

migrated to 12.1 ru2

Created: 20 Nov 2012 • Updated: 21 Nov 2012 | 32 comments
This issue has been solved. See solution.

Hi there,

 

I just recently migrated to the new version of SEPM 12.1 ru2, migration went fine no problems at all.
However right now all my clients went offline, first they all were online..

Anyone has an idea what this could be?

 

LEVD

Comments 32 CommentsJump to latest comment

.Brian's picture

Do you see the green dot on the icon? Can you right click the SEP icon in the task tray and "Update Policy"?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

i saw a green dot icon :) now all clients are 'offline' according to the manager and all green dots disappeared.

update policy is not helping on a client.

 

LEVD

levd's picture

I read about cloning issues however not all my clients are cloned and they are offline also.

Also im using sid changer in Ghost to change the unique identifier.

levd's picture

any ideas?

Server can connect to DB
Client responds ok to hello secars
Client log show nothing only update policy, and later cant connect to management server

.Brian's picture

It sounds like they are trying to point to a different server? Did you build a new server?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

No, no new server, same servers, migrated to the new version. (failover)

.Brian's picture

So when you open the client GUI and go to help >> Troubleshooting, what does it show under server? Offline?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

yes offline, yesterday i migrated all was ok.

.Brian's picture

Can you run the SEP Support Tool on one of the affected clients to see what it shows?

Do you use a proxy in your environment? If so try this:

Open regedit. Go to:

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings

If there's an item called GlobalUserOffline, delete it and do an smc -stop and smc -start from the Run prompt

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

no i dont use a proxy server.
There is not GlobalUserOffline entry in there.

 

.Brian's picture

Did you push a client package from the server to upgrade clients? It wasn't an unmanaged package, correct?

Run the support tool to see what it shows.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

no, i did not updated clients yet, i made a new group to update 2 clients to test, i copied in 2 clients.

After that i looked liked all went offline..

 

How to run the support tool?

levd's picture

running the support tool, some errors, one about secars can't communicate to my sepm consoles port 80 http code 503

Rafeeq's picture

can you check if there are any ip restrictions in your IIS

you can log in to sepm?

levd's picture

yes no problem, maybe the migration changed ports clients connect to?

Rafeeq's picture

you can check that. on one of the clients, open sylink and check for port number or you can post the sylink.xml file here,

open the file in wordpad and paste the first half contents.

levd's picture

I think its a problem with my ports.

IIS is running on port 80, sepm port settings are greyt out at http port 8014 and https 443

this is part of my server.xml from the tomcat folder:

 

<Server port="8765" shutdown="13C5A7580A68052600A969E49893FA99">
- <Service name="SCM">
  <Executor minSpareThreads="5" name="SEPMThreadPool" />
  <Connector acceptCount="100" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false"executor="SEPMThreadPool" maxProcessors="75" minProcessors="5" port="9090" redirectPort="443" useBodyEncodingForURI="true"useURIValidationHack="false" />
  <Connector SSLEnabled="true" acceptCount="100" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" clientAuth="false" debug="0" disableUploadTimeout="true"enableLookups="false" keystoreFile="C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\keystore.jks"keystorePass="NukOQf3kIVKe3rve" maxProcessors="75" minProcessors="5" port="8443" scheme="https" secure="true" sslProtocol="TLS"useBodyEncodingForURI="true" useURIValidationHack="false" />
- <Engine defaultHost="localhost" name="Catalina">
- <Host appBase="webapps" autoDeploy="false" debug="0" liveDeploy="false" name="localhost" unpackWARs="true">
- <Context crossContext="true" debug="0" docBase="ajaxswing" path="/console" reloadable="false">
  <Logger className="org.apache.catalina.logger.FileLogger" prefix="localhost_ajaxswing_log." suffix=".txt" timestamp="true" />
  </Context>
- <Context crossContext="true" debug="0" docBase="/portal.war" path="/portal" reloadable="false">
  <Logger className="org.apache.catalina.logger.FileLogger" prefix="localhost_portal_log." suffix=".txt" timestamp="true" />
  </Context>
  </Host>
  <Realm className="org.apache.catalina.realm.LockOutRealm" />
  </Engine>
  <Connector SSLEnabled="true" acceptCount="100" clientAuth="want" debug="0" disableUploadTimeout="true" enableLookups="false"keystoreFile="C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\keystore.jks"keystorePass="NukOQf3kIVKe3rve" maxProcessors="75" minProcessors="5" port="8444" scheme="https" secure="true"sslImplementationName="com.sygate.scm.pool.customssl.CustomSSLImplementation" sslProtocol="TLS" useBodyEncodingForURI="true"useURIValidationHack="false" />
  </Service>
- <!--

 

levd's picture

Guess i fixed it, i think i forgot to edit the default communication port during migration, standard is 8014. My iis Symantec Webserver is configured on port 80, during migration the altered settings in the past are not changed but left on port 80.
I changed the communication port in SEPM to 80, clients tryed to communicate on port 80, SEPM was 8014 default.

Clients seem to be slowly coming back to my console.

I think is what happened.

Thanks all.

LEVD

PS: i cant find any port settings in sylink.xml or is this me?

Rafeeq's picture

this should be using port 80

check if port 80 is used by any other  application, check windows firewall.

click on start

run

smc -stop

smc -start ( when you start , do u find dot just for few mins and then disappear). This might happen if client has different cert.

whats the outupt of this cmd?

http://www.symantec.com/business/support/index?page=content&id=TECH102682

 

levd's picture

Rafeeq can you read my solution and let me know if this could be the problem. Clients are communicating again,.

Rafeeq's picture

if no port is listed in sylink that means its using port 80

when you upgrade it asks you do u want to use default or custom

if your 1st install is on port 8014 and during upgrade if you select default. It will change the port to 80. I think thats what went wrong.

.Brian's picture

Yes, will communicate on 8014 unless otherwise changed. Sounds like once you set back to port you were using its now working

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

levd's picture

Well guys thanks all for your help.

 

LEVD

Dushan Gomez's picture

Which one is the solution ?

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

levd's picture

the one i marked as a solution, i figured it out.

 

LEVD

Dushan Gomez's picture

ah I thought so.. :-)

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

levd's picture

Brian,

It seems like my issues are not all gone yet.
Just working in the console now, and all my clients went offline again.. very strange.

If i run support tools on a client it states error unable to connect to the remote server 80, im betting in a bit the clients will communicate again, but this behaviour is not normal is it.

 

LEVD

levd's picture

It looks like i have SEPM isapi proxy errors in my server logs during failure of client connections.

levd's picture

It seems i fixed it "again"..? maybe it was a different issue then yesterday i dont know about that.

I followed this document: http://www.symantec.com/business/support/index?page=content&id=TECH161964 
How to bypass the IIS Proxy to apache webserver, it seems like this was giving me issueswith disconnecting clients.

Can someone shine a light on this ?

SOLUTION
levd's picture

Also maybe noteworthy.

I migrated my old SEPM 11.0.7 with the following configuration:
1 site, in this site 2 SEPM servers configured as fail-over.
I noticed on my main SEPM server the iis bypass to apache, this i changed like described in the document: http://www.symantec.com/business/support/index?page=content&id=TECH161964

I noticed on my fail-over SEPM server the migration just deleted my IIS symantec webserver, only running on apache i guess.

Well i hope the changes in the SEPM communication ports and the changes in IIS bypass to apache solved my issue and keeps it solved :)

LEVD

Dushan Gomez's picture

thanks fpr sharing the solution here !

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP