Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

No data from SECARS when reporting agent registration info

Migration User

Migration UserJun 11, 2012 06:42 PM

Try by disabling firewall and UAC
Migration User

Migration UserJun 11, 2012 07:09 PM

that's for windows xp, i'm running server 2008 r2
Migration User

Migration UserJun 11, 2012 07:10 PM

Already tried this
Migration User

Migration UserJun 11, 2012 07:14 PM

firewall and UAC disabled, still the same
Migration User

Migration UserJun 11, 2012 07:24 PM

Try by repairing SEPM....

  • 1.  No data from SECARS when reporting agent registration info

    Posted Jun 10, 2012 11:09 AM

    I am facing this exact situation:

     

    https://www-secure.symantec.com/connect/forums/client-recieves-500-server-logs-no-data-secars-when-reporting

     

    same errors in esrecreg.log, same errors in sylink monitor. Older clients have the green dots, the newer ones dont have it. Tried the solution from the link (changing from port 9090 to something else) and it still does not work. Running endpoint 11 ru7, mp2



  • 2.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 10, 2012 03:19 PM

    Have a look at this document:

    After migration to 11.0 RU7 clients are not updating or connecting - Sylink.log 500 internal server error

    http://www.symantec.com/docs/TECH168828

    HTH!



  • 3.  RE: No data from SECARS when reporting agent registration info

    Trusted Advisor
    Posted Jun 11, 2012 03:13 AM

    Hello,

    Are you using Windows 2008 Server / Windows 2003 64 bit server?

    Could you pull and upload the sylink.log from the newer clients  to us to check the root cause of this issue?

    Secondly, are these newer client machines cloned / imaged ? If yes, check this: http://www.symantec.com/docs/TECH96808

    Are you using any proxy?

    Check this Article and work on the steps provided in it.

    After migration to 11.0 RU7 clients are not updating or connecting - Sylink.log 500 internal server error

    http://www.symantec.com/docs/TECH168828

    OR / AND

    Possible Causes: Legacy proxy settings in the registry still persist after environmental changes on client machine.

    Solution

    The legacy proxy settings can be removed by performing the following steps:

    1.   Open the registry (Start->Run->type "regedit").

    2.  Go to HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings\connections

    3.  Delete the registry keys "DefaultConnectionSettings" and "SavedLegacySettings".

    4.  Reboot the machine.

    Note:  These registry keys will automatically regenerate after reboot of machine.

    Also, this also could be caused due to incorrect proxy server information in the following registry location: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\InternetSettings

    Removing the incorrect proxy info from this key and then rebooting allowed the client to communicate normally.

    One important thing to keep in mind is that any incorrect proxy information must also be removed from the following two locations as well:

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings

    If the settings are not removed from these two keys, they will repopulate the Internet Settings key after every reboot.

    Remove the incorrect proxy information from all 3 registry locations noted above, then reboot.

    Just to add, in many of my cases, where was an issue with the System Account at User Proxy Level. They had to Bypass the Proxy on the server.

    Hope that helps!!



  • 4.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 06:42 PM

    Try by disabling firewall and UAC



  • 5.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 06:49 PM

    Try this as well

    Replace the Serdef.dat file on the SEP 11 Client

    1. Export a new package from the newly installed SEPM without checking the 'Single EXE' option
    2. On the SEP 11 Client machine, click Start > Run and type 'smc -stop'
    3. Copy the serdef.dat file from a working system and paste it over the existing version at \Program Files\Symantec\Symantec Endpoint Protection\
    4. On the SEP 11 Client machine, click Start > Run and type 'smc -start'
    5. The client should now successfully connect to the SEPM


  • 6.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 06:59 PM
      |   view attached

    I am using 2008 r2.

    None of the machines are clones

    No proxy

    I already looked at that article, it applies to xp.

    Already checked the proxy settings - no proxy, deleted those two keys jsut to try it, didnt fix anything.

    attached the sylink monitor

    Attachment(s)

    txt
    sylink_25.txt   11 KB 1 version


  • 7.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:09 PM

    that's for windows xp, i'm running server 2008 r2



  • 8.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:10 PM

    Already tried this



  • 9.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:14 PM

    firewall and UAC disabled, still the same



  • 10.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:24 PM

    Try by repairing SEPM....



  • 11.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:37 PM

    We were using RU6 when i noticed this error, i upgraded to RU7, and then RU7 MP2.

    Should i still repair SEPM?



  • 12.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 07:52 PM

    Then I think some permission issue in IIS.

    Run SEP support tool and see whether it is reporting some issues...



  • 13.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 08:07 PM

    This is the error i am getting. My understanding is that 8005 is not used and i can ignore that error.

     

    Error: No applications are using 's configured port 8005 with a start of 'Listen'

    Information: IIS location /LM/W3SVC/2 is not configure for SSL



  • 14.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 08:23 PM

    Is it using 8765 intead of 8005?

    <EDIT>

     

    If no follow the below procedure


    To change the Tomcat port

    1. Click Start > Run.
    2. Type services.msc, and then click OK.
    3. Stop the Symantec Endpoint Protection Manager service.
    4. Go to the following folder:

      C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\conf\
    5. Right-click the file server.xml, and click Edit to modify the file.
    6. Change port="8005" to an open port.
    7. Save the changes to the server.xml file.
    8. Start the Symantec Endpoint Protection Manager service.
    9. Log on to Symantec Endpoint Protection Manager.


  • 15.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 08:50 PM
      |   view attached

    tomcat IS listening on port 8765, its the very next line. Like i said, my understanding is that we can ignore this error.

     

    see attached screenshow



  • 16.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 08:53 PM

    Look like this error can be ignored. Can you please post scm-server-0.log...



  • 17.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 11, 2012 09:08 PM

    2012-06-11 15:51:22.485 SEVERE: ================== Server Environment ===================
    2012-06-11 15:51:22.485 SEVERE: os.name = Windows Server 2008 R2
    2012-06-11 15:51:22.485 SEVERE: os.version = 6.1
    2012-06-11 15:51:22.485 SEVERE: os.arch = x86
    2012-06-11 15:51:22.485 SEVERE: java.version = 1.6.0_31
    2012-06-11 15:51:22.485 SEVERE: java.vendor = Sun Microsystems Inc.
    2012-06-11 15:51:22.485 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
    2012-06-11 15:51:22.485 SEVERE: java.vm.version = 20.6-b01
    2012-06-11 15:51:22.485 SEVERE: java.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jre
    2012-06-11 15:51:22.485 SEVERE: catalina.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat
    2012-06-11 15:51:22.485 SEVERE: java.user = null
    2012-06-11 15:51:22.485 SEVERE: user.language = en
    2012-06-11 15:51:22.485 SEVERE: user.country = US
    2012-06-11 15:51:22.485 SEVERE: scm.server.version = 11.0.7200.1147
    2012-06-11 15:51:29.664 SEVERE: ================== StartClientTransport ===================
    2012-06-11 15:51:30.341 SEVERE: Schedule is started!
     



  • 18.  RE: No data from SECARS when reporting agent registration info

    Posted Jun 12, 2012 02:46 PM

    Not finding any error. Please increase the debug level as per below KB and post scm-server-0.log

    How to debug the Symantec Endpoint Protection Manager