Hi,

I have been editing our policies in the SEP manager console but the changes are not applied on my test client.
When I check the client properties in the manager console the currnet policy serial number is dated January 2008 while the current policy should be dated december 2009.

on the client the windows firewall is currently turned off.

I hope someone can shed any light on this matter!?

Does the client icon have a green light? When you look at help and Support, Troubleshooting, does it show online with the server? On the console, does it show online and what is the last checkin time? Can you force a policy update, and does that change the last checkin time? If you have more than one client, can you export a policy from a working one and import it to a non-working one?
 
I have occasionally seen clients which do not update properly. Try replacing the Sylink.xml file. Also try moving it temporarily to another group to see if it will refresh there, then move it back.

on the sepm
right click on your test group
run command
update content
check if that updates the policy serial number

this seems to be communication issue. check for secars test to verify the client is able to communicate with the manager!!

 Troubleshooting Client Communication

@dgh: SEP has a green light
@Rafeeq: tried that already :(
@pete_4u2002: secars?? :blush:
@AravindKM: I'll have a look!!

HTTP Status 404 - /secars

---

type Status report

message /secars

description The requested resource (/secars) is not available.

---

Apache Tomcat/4.1.31

first I tried port 8444 because when i login to the SEPM the server is localhost:8444 but that resulted in no page found.
Could it be that SEPM is wrongly configured? Port 8444 instead of 9090??

you need to use the pport the SEPM website it is working on..

check kin IIS manager to know the SEPM website the port hosted on. Then check the secars
http://192.168.2.10:port/secars?hello,secars

let us know the message. it should give OK for proper communication.

Ensure that their is no port conflict with any other applications which is running on the same machine.. 

Refer below discussions also
Not showing green dot
HTTP 404 Not Found, URL: http://localhost/secars/secars.dll?action=34
If the discussionds not helps helps paste the scm-server-0.log with is present in Program Files \Symantec\Symantec Endpoint Protection Manager\tomcat\logs

do you changed anything in SEPM recently? 
Especially related to IIS?
If yes what you done
Also assure that In IIS if you go to properties in IP address files all assigned is selected...

@pete: according to ISS manager secars uses port 80 (default web site) if I run "hello secars" for port 80 I do get OK.

@aravind: I'm starting to think that the guy that originally installed our server (including SEP(M)) made some mistakes :( I recently got the task of fixing it :p

ok:
Default web site (which contains secars) is port 80 and IP is [all unassigned]

Maybe a wrong thought but... shouldn't I need to log on to SEPM using localhost:80 instead of 8444?

I think there is something wrong with the port.
How many clients having problem?
All clients having the same issue or a few having problem?
Any way create a new sylink file and replace it any one client and see whether it works...
 

Because of serious performence issues 99% of my colleagues removed the SEP client from their PC ages ago :s
I reinstalled is recently to find a solution for the problem. Only 3 clients and the server still use SEP, all of them use the same outdated policy (server uses it's own policy but that one is also from january 2008.

I'll have a go on replacing the sylink file.

Hmmm,



there is no Sylink.xml file on the server in folder: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent\

ohh there is in the subfolder:
0DAA762DC0A8020A01416BA688464C2F and in subfolder 2C8BFC98C0A8020A00DC54CEAFAAC9C3 and in subfolder
BE78478AC0A8020A00727E089ABAFB1D and last but not least in subfolder D3B4425CC0A8020A008558B75D4DDF9D.

all 4 of them dated 31 March 2008 3:02

How can I create a new one?

create new group inside the manager , you wil get a new numbered folder in the agent / outbox folder.
try replacign that sylink

I did: In SEPM clients tab Add group I added myself to the group (copy as active dir member move is impossible)
Whent back to the outbox folder but no new long numbered folder :(


the command file is modified. The files in there are new.
A4C2DA0AC0A8020A0088249C139FD7BD.dax
A4C2DA0AC0A8020A0088249C139FD7BD.dax.sig
A4C2DA0AC0A8020A0088249C139FD7BD.xml

this is because I tried to run update content

you need to check in this folder for numbered folders
 C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent\

Still the same numbers :( in C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent:

0DAA762DC0A8020A01416BA688464C2F
2C8BFC98C0A8020A00DC54CEAFAAC9C3
BE78478AC0A8020A00727E089ABAFB1D
D3B4425CC0A8020A008558B75D4DDF9D
Command
default
whitelist

For creating a new sylink file Log to SEPM ------>clients
select the desired group, right click on it select Export communication settings. Then Browse and save the sylink file in appropriate place..(Remember while you are replacing the sylink file in a client the file name should be sylink.xml only )

Sorry, but I can't find the option :(

Log in to sepm
click on clients tab
now on top click the new group you have created
on the right hand side you wil see a policy tab ( you will see, clients, policies,details, install package)
click on policy tab
at the bottom you will get export communication settings, save it to desktop
this is the sylink file
replace this file as per the procedure mentioned above

I have been looking looking and looking but....
I selected Group Test2, on right hand side the policytab. For Test2 the screen looks exactly as in the earlier screenshot.

click on details tab, do u see any policy serial number or is it blank?

Group Name: test2
Description:

Full Path Name: Global\test2
Number of Physical Computers: 1
Number of Registered Users: 1
Created By: administrator
Created: 2 december 2009 15:49:45 CET
Last Modified: 2 december 2009 15:49:45 CET
Block New Clients: No
Policy Serial Number: 9371-12/03/2009 19:46:07 359
Policy Date: 3 december 2009 19:46:07 CET
Custom Intrusion Prevention Serial Number: Not Applicable

 You cannot add a sub-group under AD groups.
RIght click on Global or Temporary and then you will get the option to add group.

Your SEPM looks a very old version I guess 11.0.2xxxx.xxxx or 11.0.1xxx.xxxx
the latest version is 11.0.5002.333

You should first consider upgrading SEPM then a push upgrade on the clients...

Version older to 11.0.3000.xxxx had to many bugs many with communication and new folder not getting created under agent folder aswell.

I would strongly suggest an Upgrade.

Migrating to Symantec Endpoint Protection 11.0 RU5

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009090313483348

now go to
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent\
look for a folder which starts with 9371
take a sylink file ,which will be inside this folder
replace it.

Just a quick note:  It looks like you are using a very old version of SEPM, pre MR3.  There were some issues with the older versions that you may be experiencing.  You may want to upgrade to RU5 or at least MR3 or later.

@lawman 2 and Vikram: I'll try upgrading asap.

I'll be back in a while. Next week I'll be out of the office so upgrading SEP will have to wait :(

Thanks everyone!!!!! I got it to work, the solution was upgrading the software.