Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrade.
Please accept our apologies in advance for any inconvenience this might cause.

SEPM Clients (find unmanaged computers) Installation Package Fails

Created: 15 Aug 2013 • Updated: 16 Aug 2013 | 21 comments
This issue has been solved. See solution.

I am setting up SEPM to push down the virus updates to the managed clients. I currently have 4 clients in the default workgroup and have 7 that are still unknown. WHen I search for the unmanaged clients it finds the 7 PC's in the domain, but when I try do client installation package it fails. Any thoughts?

Symantec Error2.jpg

 

Operating Systems:

Comments 21 CommentsJump to latest comment

_Brian's picture

What's the OS of the machines?

Is the remote registry service enabled?

Have the machines met the requirements?

How to prepare computers to install Symantec Endpoint Protection 11 client software

http://www.symantec.com/docs/HOWTO36145

sharknado's picture

I appologize, I forgot to give all of the pertinent information for more full picture.

SEPM Server - 11.1

Server - Windows 2003 32 bit OS

Client - Windows 7 Enterprise 64 bit OS

-All clients have firewall disabled

-SEP Client - 11.0 (Each client has it installed from the corporate image)

---------------------------------------------------------------------------------------------------------------------------------------------

This morning I will begin to uninstall all of the legacy SEP on each client. This is the only step that I haven't done in the "How to prepare computers to install Symantec Endpoint Protection 11 client software"

http://www.symantec.com/business/support/index?page=content&id=HOWTO36145

 

MichaelD50's picture

What version of SEPM 11 are you running? "Find Unmanaged Computers..." went away in SEPM 12.1.

Have you considered upgrading to SEP 12.1 on general principles?

MJD

sharknado's picture

This is the version that we were given by corporate. This server doesn't touch the internet and has no ability to upgrade to SEP 12.1 unless I burn it to disk.

Rafeeq's picture

Disabled UAC/disabled windows firewall? and make sure remote registry serivce is enabled.

sharknado's picture

All the clients have the firewall disabled..... Remote Registry Service enabled? I'll have to check into this.

sharknado's picture

Does the Remote Registry Key have to be enabled even if you have Admin rights on the PC?

_Brian's picture

Yes, the service needs to be enabled/started.

Rafeeq's picture

It needs to be Enabled.

Here is the checklist of all the services and registries for remotep push install of SEP

http://www.symantec.com/business/support/index?page=content&id=HOWTO80805

sharknado's picture

Here is my issue with this......

1. Half of the clients are loaded to the SEPM clients default workgroup and are having updates pushed to them and are fine. The only thing I did was disable the firewall.

  1. Remote Registry Service: startup is 'manual'
  2. SEP software was legacy and already on the machine from Coporate image
  3. Windows Defender 'on'

2. The other half of the clients I just completed

  1. Remote Registry Service: startup is 'automatic'
  2. SEP uninstalled
  3. WIndows Defender disabled

And I re-run Installation package for unmanaged clients and it failed on all of them. Am I missing something here? Cause this doesn't make sense on half didn't touch them and it worked fine and the other half with all the tinkering and they are failing.

Anyone?

Rafeeq's picture

Are you sure of the ID and password for the workgroup? Coz in many situations I have seen that each machine has different local admin ID and Password.

From the location

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\bin

Copy the clientremote.exe and clientremoteres.dll file to a machine which is already in the workgroup along with your package.

Run the clientremote.exe

If push is successful that means ID and password is correct and package is pushed successfully

If the Installation failed then its the issue on the client and we need to check the SEP_inst.log

SOLUTION
sharknado's picture

Stupid question, but just wante to clarify I understand.

Copy the "clientremote.exe and clientremoteres.dll file to a machine which is already in the workgroup" i.e. client that shows up in the SEPM client default workgroup?

Also when I Click Browse and Specify the Folder containing the client Software.... Is this the client software on the server? where SEPM is installed?

 

 

Rafeeq's picture

From the first screen shot what you have posted. You are trying to install SEP to a workgroup not to a domain right? Isn't it?

If thats true then copy the client remote and also the SEP installer to a workgroup and do the push from that machine to others.

 

sharknado's picture

I am failing to understand, I must appologize.

I have a Windows 2003 server that all of the 10 clients are loaded to the domain. SEPM is on this domain server with 4 of the clients that are in the SEPM clients default workgroup and the other 6 as unmanaged clients.

I do a search for unmanaged clients and 6 are found. I select all 6 clients and the option is to push Installation to the unmanaged clients.

If I understand right (sorry, my thick head), Copy the clientremote.exe and clientremoteres.dll file to a unmanaged client and a full install package.exe. run clientremote.exe from the unmanaged client, then browse and point to the install executable.

 

Rafeeq's picture

But why in the Screen shot you have selected Workgroup. It should be your Domain and your domain admin Id and password. Look at the screen shot what you have posted again.

sharknado's picture

Ah, yes. Sorry, I realized that I did that and re-did the scan but didn't update the screenshot. It still failed.

Current Status:

I copied the clientremote.exe and clientremoteres.dll file to a machine along with the package I created. I tried to push it to all the unmanaged PC's that I selected, but it kept failing.

So I went to each PC and ran the setup.exe package that you suggested I copy over. The package installed SEP and loaded the client to the SEPM client default workgroup and updated the virus definitions. Unfortunately I had to do it on each PC and I don't know why the push didn't work.

Not sure if I am going to have problems with pushes in the future, but for right now everything is up and running and all clients up to date and in the SEPM client workgroup.

Thank you so much for helping me ....... I couldn't have done it without help. And thank you for you patience with me.

Rafeeq's picture

Happy to help :) . This solution is very important to me and I will not forget this. This was my 1000 Solution. :) Thank you.

Happy weekend.

AJ_01's picture

What is your aep version?

Disable the firewall service and try again

Regard

AJ

Rafeeq's picture

Check these

 
1) HTTP 400 - Bad Request communication error for Symantec Endpoint Protection Manager (SEPM) 11.x
 
3) Symantec Endpoint Protection clients do not communicate with their Manager: 400 - Bad Request in Sylink log
 
In addition check your IIS logs