Endpoint Protection

 View Only
  • 1.  Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 15, 2014 02:49 PM

    Hello All,

     

    We have been hosting a SEPM server for our clients for the last several years.  We use NAT redirects, since the server is behind our datacenter firewall and the clients are not connected via VPN.  Everything works great functionally.  What I am having a problem with is client removal.  We occasionally have a client who leaves our services.  When that occurs, the SEP installations are uninstalled from the client machies as part of our offboarding process.  Where this has become an issue is when there is a machine that is missed.  We then no longer have access to the client PCs.  The SEP client continues to check in to our SEPM and take a license.  How can I stop this from the SEPM?  

    Keep in mind the following:

       - I no longer have any remote access the the remote computers, other than the connection via the internet and NAT redirection that the client uses to connect to the SEPM at our datacenter

       - I want to either convert it to unmanaged so it stops checking in to our SEPM or remotely uninstall it.  I see nowhere that I can do either of those things through the SEPM.  

    Is there another Symantec Endpoint management tool that I could use to achieve this?  We were initially considering blocking the IP address of the client, however some of them do not have static IPs.

    Any help would be greatly appreciated.

     

    Regards,

    Jason



  • 2.  RE: Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 15, 2014 03:38 PM

    Once the SEP client is uninstalled from the PC, there is no way it can commnicate back in. You can just delete from the SEPM console.



  • 3.  RE: Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 15, 2014 04:12 PM

    Completely agreed.  The problem is that if a computer was missed during the uninstall, and we didn't catch it, there is now no way for us to remove the client from the computer and / or stop it from checking in to our sepm.  At that point, we would no longer have any access to the client's workstations.



  • 4.  RE: Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 15, 2014 04:55 PM

    Are you using "domains" within SEPM? Ie create a domain under Admin for each client.

    Then you could simply delete the domain when the client leaves.



  • 5.  RE: Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 15, 2014 09:46 PM

    I am not familiar with domains.  We currently have a folder for each client.  Could you elaborate a little on the difference with a "domain"?



  • 6.  RE: Remove SEPM from remote clients or convert to unmamaged

    Posted Aug 16, 2014 01:07 AM

    It's mean that system is login with local admin account or with Domain login id. When the system is in workgroup it login with local admin account. When it is in domain it login with Active Directory integerated/created account.

    Below is article to make it unmanage

    How to change managed Symantec Endpoint Protection(SEP) client to unmanaged SEP client?

    Article:HOWTO36107  |  Created: 2010-11-21  |  Updated: 2011-01-31  |  Article URL http://www.symantec.com/docs/HOWTO36107