Endpoint Protection

I am learning Symantec for th efirst time.  I have setup a server with the SEP manager.  It connects correctly to a separate SQL DB.  Everything works fine as long as I am using an Uber-Admin: someone who can see every domain.  I am not using any authentication such as RSA or AD/LDAP etc....

If I create a standard Admin, they cannot access the console.  Their account doesn't update either with failed logins.  They just get rejected out of hand.  I wiresharked the server and the remote console connects with the default admin.  The data is encrypted, but there is plenty of data going through.  If I create a new admin, and connect remotely, the wireshark data is quite small.  The server seems to reject them out of hand and no further negotiation occurrs.  It just states that an authentication failure occurred.  If I switch to any uber-admin account, then it works fine.

I cannot find anything in the help manuals about this.  Suggestions please?

Hi,

       There are certain requisites that you need to consider during the creation of Passwords.

Database Username: Allowed:

Below is the list of special characters that can be used as part of the username for the database when installing the Symantec Endpoint Protection Manager

~ == Tilde + == Addition
= == Equal To / == Back Slash
# == Dollar _ == Underscore
| == Pipe . == Period
% == Percent : == Colon

Database Username: Not Allowed:

Below is the list of special characters that cannot be used as part of the username for the database when installing the Symantec Endpoint Protection Manager
` == Tilde ( == Open Round Bracket
& == Ampersand ) == Closed Round Bracket
? == Question Mark [ == Open box bracket
< == Less than ] == Closed Box Bracket
! == Exclamation { == Open Curly Braces
* == Asterisk } == Closed Curly Braces
$ == Dollar , == Comma
; == Semicolon ^ == Carat
@ == At the rate - == Subtraction
> == Greater than \ == Backslash

The following names are also not allowed:

sysadmin, server admin, setupadmin, securityadmin, processadmin, dbcreator, diskadmin, bulkadmin.

Database Password: Allowed
Below is the list of special characters that can be used as part of the password for the database user account when installing the Symantec Endpoint Protection Manager
~ == Tilde : == Colon
= == Equal To _ == Underscore
# == Dollar . == Period
| == Pipe + == Addition
% == Percent / == Back Slash

Database Password: Not Allowed
Below is the list of special characters that can be used as part of the password for administrative user accounts for Symantec Endpoint Protection Manager
` == Backtick # == Hash
$ == Dollar % == Percent
& == Ampersand ^ == Carat
~ == Tilde + == Addition
- == Subtraction = == Equal to
| == Pipe \ == Back Slash
/ == Forward Slash ' == Single Quote
? == Question Mark : == Colon
> == Greater Than < == Less than
. == Period @ == At the rate


Admin User Account Password: Allowed
Below is the list of Special characters or Symbols that are allowed to use in Password for Admin user account for Symantec Endpoint Protection Manager
- == Subtraction = == Equals to
| == Pipe ' == Single Quote
/ == Forward Slash $ == Dollar
. == Period ` == Backtick
+ == Addition ? == Question Mark
~ == Tilde < == Less than
^ == Carat > == Greater Than
% == Percent \ == Back Slash
# == Hash & == Ampersand
: == Colon

Admin User Account Password: Not Allowed
Below is the list of Special characters or Symbols that are not allowed to use in Password for Admin user account for Symantec Endpoint Protection Manager
! == Exclamation Mark ) == Closed Round Bracket
{ == Open Curly Braces " == Double Quotes
; == Semicolon @ == At The Rate
( == Open Round Bracket } == Closed Curly Braces
[ == Open box bracket * == Asterisk
] == Closed Box Bracket , == Comma



Please follow this and let us know whether it helped

I have the default "Admin" account with a legitimate working password.  Then I added a user for testing:
- Name: name
- Password: nametest
- Account: Administrator (standard administrator; over 1 domain)

That user cannot log in.  Even from the local WIndows box, let alone from remote.

Sandip made a valid point here, but if its a simple password with no special characters and the error recieved during logon is "authentication failure occurred"

We might want to try to "Administer the Domain" for the newly created accounts with the Domain in SEP Manager with which we are working with:

Steps for the same:

1. Log into the SEPM
2. Click on Admin
3. Click on Domains
4. Click Add Domain
5. Choose the Domain Name:
6. Click OK
7. After the new Domain is created and highlighted click Administer Domain
8. Are you sure you want to administer the domain " " ? Click Yes
9. Click OK

Thanks :)

I'm not certain why creating a new domain will solve and authentication error....

Look, I have a working domain.  I want to grant other users the ability to access the domain.  If I add the new users as equals with the default Admin account (i.e. System Admin) then they can log in.  If I make them a standard Administrator, then they are prohibited from logging in.  Why would that be?

On the login window, I needed to specify the Symantec Domain to which the user was associated.  No where can I find any information stating that this was for the *Symantec* domain.  We don't use AD and so I assumed that this was related to AD or some LDAP component.  Since this field starts up minimized and out of sight, I assumed it was a non-neccessary step.

Ooops.

Thanks anyway.