If it helps any, I am getting this in my event viewer:

The Java Virtual Machine has exited with a code of -1, the service is being stopped.

Alright, well the reporting error is gone, after a few reboots and manually starting the services...  They seem to be stable again...  But we are right back where wew started...

*******************************************

June 17, 2009 1:38:34 PM EDT: D:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\temp\null (The system cannot find the file specified) [Site: SYMANTEC] [Server: SYMANTEC]
June 17, 2009 1:38:34 PM EDT: Failed to connect to the server.

Make sure that the server is running and your session has not timed out.
If you can reach the server but cannot log on, make sure that you provided the correct parameters.
If you are experiencing network issues, contact your system administrator. ErrorCode: 0x80020000 [Site: SYMANTEC] [Server: SYMANTEC]

********************************************

Few things wrong with this statement... 
- I can log into SEPM.
- The server is running (the machine is the server)
- There are no network issues, I am connected, as I always have been, via RDP.
- I am the System Administrator
- ErrorCode: 0x80020000 ->  There is no replication partner setup or defined... 

This KB may provide some help - http://service1.symantec.com/SUPPORT/ent-security....

Could you please check the scm server0.log & catilina out.log
Is it giving you any error realted to 401 or 8005 respectively
If yes then you can try this for 401
1.  Create a new user on the SEPM machine. Consult your domain admin if you do not have the rights to do this.  This user only needs to be a member of the Users Group.  Make sure it is a member of the Users Group.
2.  Add this user with full control permissions to the following locations
    - <drive:\>program files\Symantec\SEPM\Inetpub\reporting
    - <drive:\>docs and settings\all users\app data\symantec\SEPM\php\temp
3.  In IIS manager exand your web sites --> right click "Symantec Web Server" --> properties --> directory security tab: click "Edit" under Authentication and Access Control --> Browse to the newly created user to use for authenticating with Our Web server.

& if its 8005 under catilina.out then follow this

http://service1.symantec.com/support/ent-security.nsf/docid/2007100309555748 

If it works then mark this as solution

Are you saying that WSUS and SEPM are on the same box? We had this problem. There's an issue with SEPM and WSUS being installed on the same computer because they share the same virutal directory called 'content'.

There's a Symantec article about that somewhere.

No I think WSUS & Symantec can run on same server but they shoould be hosted on different websites

I think you are talking about this
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007111913581148

Thanks for the replies.

@SJE,

They have been living together for a while, happily.  The migration to the same box was done after the release of MR4 MP2.  I don't remember which release addressed and fixed this issue, but it was working fine.

Something went and got screwy. Not sure what.  IIS, is working fine and I can build and run a custom website, no problem in a matter of moments.  There are no issues with rights on the machine, as the only time it is logged into and stays "locked" is with an Enterprise Admin account.  The account has full rights everywhere.

No 401 or 8005 errors.  Just symantec thinks it has a replication partner and is trying to acquire data from it...  very weird...

SEPM and WSUS...  Backups made of both databases. 

Should be noted, that this was an original install from...  SEP 11.00.xxxx  So, maybe it is time it takes a little trip down uninstall lane and gets rebuilt from scratch.  

 WSUS is taking the same trip.

So, I uninstalled everything.  SEPM, WSUS, IIS, everything.

I re-installed SEPM.  Clean install works just fine.  I restored the database, works just fine.  As soon as I restart the SEPM service, it won't start and event viewer gives me:

The Java Virtual Machine has exited with a code of -1, the service is being stopped.

Installing to the default c: or different drive?

I have 3 Different HDDs in the box.

The first a 40gig, is for system.  (C:\)
The second a 120 gig, is for Symantec (d:\)
And the third is another 120 gig for WSUS (e:\)

Symantec is on it's own custom drive and gets installed last. 
WSUS is on the default website and gets installed first.  I am not sure if something in SEP blocks the other ports on standard website, but regardless, it works well like this.
* * * * * * * * * *

I tried to reinstall the backups of the Database for SEP and the system would have nothing of it.  I completely reinstalled EVerything from scratch.  That includes OS and WSUS as well as Symantec. 

Everything is running harmoniously again and it even gave me an opportunity to update some of the Centralized exception policies and in there things like "logging all data written to USB".

The problem we are facing this morning, the system seems to have forgotten how to handle exceptions that were configured in the past.  I imported the Application and Device control policies and configured them for my groups to which they corresponded...  And now, some of them don't work.... 

Anyone else run into this kind of problem or know a way to resolve this? 

Thank you

Hi,

The policies which are not working, Can you provide some brief input on the same like, it is not working on some clients or on entire group that you have in SEPM.

Thanks,

Nirav Mistry

I have setup a Centralized Exception for an "in-house" Exe that we use. 
I have the MD5, the Folder, the process and the Exe itself in the exceptions.  Everything was working fine. 
After rebuilding the server, and importing the policy, it no longer seems to work.  The problem is; nothing happens.  There are no logs anywhere in Symantec (Client or server), nothing in the event viewer, nothing anywhere to indicate what isn't working... 

I am going to uninstall the SEP client and run another test to see if the problem is, our in house programmers, modifying a table somewhere in a DB and not realizing it had impact on the other EXE or if it is indeed SEP that is blocking it. 

*******

UPDATE:
It's not working on a machine that does not SEP and has never had SEP installed on it.  Time to go "beat down on a group of programmers".

Also, although I never got an initial response to resolve this thread...  I rebuilt everything from scratch and made a new image of my drives, should anything like this occur again in the future.  I don't see a purpose to keeping it open as "it's fixed" here after a full rebuild.  Not very efficient, time wise, but functional.

HI,

If you are still getting the error ": D:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\temp\null (The system cannot find the file specified) [Site: SYMANTEC] [Server: SYMANTEC]"

Please try to create a folder by the name 'temp' in the tomcat directly. I have seen the same error on a different case and after creating the temp folder, everything started working.

But, even after re-installing SEPM, you are getting java -1. I think you should look into scm-server-0.log and catalina.out file.

[Tip: You will find the errors in the line before the indentation changes]

Let us know if you see any errors.

Hoe this helps.

Cheers,
Aniket