I'm about at my wits end here, hoping someone can help. I've spend about 3 hours on the phone over the last week with Symantec support, and while they have been infinitely patient, no resolution yet.
I have (somewhat regretably now) recommended and sold a competitive upgrade to a client to replace Trend Micro. I'm installing SEPM on the server and it continually rolls back as soon as it hits "Configuring IIS". The SEPM_INST.LOG the following "return value 3" message:
SESM CA: Command Line: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin\IISCONFIG.VBS" -install "0" "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\" "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin\" "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\php-cgi.exe" "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\cacls.exe" "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\Php.ini" "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection Manager\Php\temp\" "8014" "0"
SESM CA: Error: ShellExecuteEx failed.
SESM CA: RunCommandFromBin End
SESM CA: Failure in IIsConfig.vbs script - See the Windows Event Viewer application log for the failure event.
Action ended 13:47:26: InstallFinalize. Return value 3.
Action 13:47:26: Rollback. Rolling back action:
Rollback: Configuring IIS
Rollback: InstallIISConfigRollback
SESM CA: InstallIISConfigRollback Begin
SESM CA: UninstallIISConfig Begin
SESM CA: RunCommandFromBin Begin
SESM CA: Program: C:\WINDOWS\system32\CSCRIPT.EXE
SESM CA: Command Line: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin\IISCONFIG.VBS" -uninstall
SESM CA: Error: ShellExecuteEx failed.
SESM CA: RunCommandFromBin End
SESM CA: UninstallIISConfig End
SESM CA: InstallIISConfigRollback End
There is nothing relevant in the application log.
Here are the details:
-
SEPM v11.0.6000.550 on Windows Server 2003 SP2
-
Trend Micro (client/server security agent and the management server) has been uninstalled completely
-
Install is running on a console session under the Administrator account
-
Server is a DC and also has BackupExec installed with LiveUpdate (I have uninstalled LU and reinstalled from the SEP package successfully as we were also getting errors in the log concerning LU, but they are now gone)
-
Server is also a Terminal Server, but I have ensured the connection was disabled and all users logged off while I attempted the installation.
-
IIS is a fresh install, nothing but the default website (which I tried deleting also, but it didn't help). I have tried enabling every option in the Applications section of Windows Add/Remove Components screen and verified that the default website is running.
-
I have followed all of the steps listed on the Symantec Endpoint Protection Manager installation rolls back at Configuring IIS page with no issues.
-
I can run the following command successfully and create a "Reporter" extension in IIS: cscript "C:\WINDOWS\system32\IISEXT.VBS" /AddFile "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Php\php-cgi.exe" 1 Reporter 1 Reporter
-
I have run netstat and verified there are NO websites, save for the default site, running on port 80 or 8014 (Symantec Default)
-
I have tried installing SEPM under the default website and under a custom website on 8014
-
I have rebooted the server several times.
-
I have installed the Windows Scripting Host (reinstalled as it were ... there are already functioning WSH-aware programs running)
-
I have verified the default impersonation level is set to "Identify" in Component Services
-
The server runs a medical billing application that uses SQL and is dished out via TS to remote users. I realize it would be ideal to have more than one server for these functions, but that is not an option.
-
I ran the SEP_SupportTool program and it reported no problems.
That's where I'm at right now and I am about at my wits end with SEP and this server. Please help! Let me know if I should attach any additional information.
Thanks in advance,
Paul