Endpoint Encryption

 View Only

  • 1.  Reinstall the console - SEE 8.2.1

    Posted Feb 14, 2013 10:13 AM

    Hi! I need to reinstall the management console of Endpoint Encryption. We are having to many problems and we come to this. 

    Our IIS user lock in certain time in the AD, the GPO doesn't impact on the clients. 

    We need a procedure to reinstall all the console.

     

    Thx!!



  • 2.  RE: Reinstall the console - SEE 8.2.1

    Posted Feb 15, 2013 05:21 AM

    This might seem silly, but it is literally as simple and going to Add/Remove Programs and uninstalling the Console and reinstalling it (Framework, then followed by Full Disk, Helpdesk, Removeable Storage, etc, as required).

    Most of the configuration data is in the database, and the policy configuration is held in the GPO.  None of this stuff is in console itself.  As long as the Database and the management server itself are not touched, you're fine.

    Regarding your issues however, it sounds to me like you've had to update the password on the IIS Check in account, and that some clients are locking it out by using the old password, is that right?

    Just to clarify, the process for changing the password on this account is:

    • update creds in AD
    • update creds in SEEMS Configuration Manager
    • create and export new Framework Client package with updated creds from the SEE Console
    • perform upgrade install on all existing clients with new Framework Client package

    It is important to note that the creds used for checking in cannot be udpated by policy, and can only be done via a client upgrade:

    http://www.symantec.com/docs/TECH122714



  • 3.  RE: Reinstall the console - SEE 8.2.1

    Posted Feb 19, 2013 01:53 PM

    That was a complete answer, thx. 

     

    Regarding my user, is still locking every 5 minutes, and I just reinstall the console with different users... 
     
    We scan the traffic and my user still try to authenticating FROM the server.

    2012-12-13 00:04:18 10.130.0.96 POST /GECommunicationWS.asmx - 1080 Domainx\userx 10.130.9.5 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.5466) 401 1 1326 31

     

    Any ideas how to remove this user from whatever it is?



  • 4.  RE: Reinstall the console - SEE 8.2.1

    Posted Feb 22, 2013 03:52 AM

    No probs, hope it helps!  As always, it'd be appreciated if you could mark any useful posts with a "Thumbs Up" or as the Solution wink

    As far as your user account locking out, the log you posted looks as if it came from IIS on your SEE Management Server, is that correct?  That particular log entry indicates a client machine on 10.130.9.5 tried to authenticate to your server (10.130.0.96) using the account DomainX\UserX and failed.

    Can you track down whatever machine was on 10.130.9.5 at the time the log entry was generated?