Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

SEPM ne se met pas à jour et ne met pas à jour les clients

Rafeeq

RafeeqFeb 20, 2014 11:03 AM

Do your clients use proxy?
Migration User

Migration UserFeb 20, 2014 11:17 AM

Migration User

Migration UserFeb 20, 2014 11:37 AM

look these screen
Migration User

Migration UserFeb 21, 2014 06:58 AM

Glad to hear your problems are resolved

  • 1.  SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 19, 2014 02:54 PM

    Bonsoir à la communauté,

    Je rencontre un problème de mise à jour de symantec endpoint protection manager et d'infection sur les postes clients dépuis quelques:

    • la date dernière mise à jour au niveau des postes clients date du 19 dec. 2013
    • J'ai essayé la mise à jour manuel du manager en utilisatant les fichiers .jdb et tout semble s'être bien déroulé ( vérification au niveau du dossier C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433})
    • le client endpoint protection au niveau du serveur est à jour
    • le problème c'est qu'aucun autre poste client n'arrive à se mettre à jour

    Comment puis-je resoudre ce problème ?

    Merci par avance pour votre aide



  • 2.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 19, 2014 02:57 PM

    Do the clients have a green dot and are checking into the SEPM?



  • 3.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 19, 2014 03:38 PM

    Thank you for your reply

    No, all clients have a yellow dot and yes they are checking into SEMP



  • 4.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 19, 2014 03:40 PM

    You may want to enable sylink debugging on one affected client so we can get a better idea of what's taking place:

    How to enable Sylink debugging for the Symantec Endpoint Protection 11.x and 12.1 client in the Windows Registry

    You can also see this:

    Troubleshooting Content Delivery to the Symantec Endpoint Protection client



  • 5.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 03:51 AM

    Hi, i enabled Sylink this morning and here is result:

    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=0
    02/20 09:36:42 [124] <mfn_LiveUpdate:> Agent returned closest matching seq: 80825020
    02/20 09:36:42 [124] <Add2LUFileList:>Adding LU Info to LU Download File List: {C60DC234-65F9-4674-94AE-62158EFCA433}131219017
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {1CD85198-26C6-4bac-8C72-5D34B025DE35} Seq:131219017
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=0
    02/20 09:36:42 [124] <mfn_LiveUpdate:> Agent returned closest matching seq: 71109001
    02/20 09:36:42 [124] <Add2LUFileList:>Adding LU Info to LU Download File List: {D3769926-05B7-4ad1-9DCF-23051EEE78E3}131219001
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {C25CEA47-63E5-447b-8D95-C79CAE13FF79} Seq:80929016
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=20
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {DB206823-FFD2-440a-9B89-CCFD45F3F1CD} Seq:80820001
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=20
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=20
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=20
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {CC40C428-1830-44ef-B8B2-920A0B761793} Seq:131219002
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {812CD25E-1049-4086-9DDD-A4FAE649FBDF} Seq:131219002
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {E1A6B4FF-6873-4200-B6F6-04C13BF38CF3} Seq:131219002
    02/20 09:36:42 [124] <PostEvent>going to post event=EVENT_LU_REQUIRE_STATUS
    02/20 09:36:42 [124] <PostEvent>done post event=EVENT_LU_REQUIRE_STATUS, return=1
    02/20 09:36:42 [124] <mfn_LiveUpdate> EVENT_LU_REQUIRE_STATUS returned ERROR_SYSTEM_UNKNOWN - Ignore LU content. Moniker: {E5A3EBEE-D580-421e-86DF-54C0B3739522} Seq:131219002
    02/20 09:36:42 [124] <mfn_PrepareLUContent:>Requesting LU Info for :  Moniker: {C60DC234-65F9-4674-94AE-62158EFCA433} Target Seq:131219017
    02/20 09:36:42 [124] ************CSN=45193
    02/20 09:36:42 [124] <GetContentFileInfoUrl:> Request is: action=52&hostid=6302456AC0A8CA010189C12A3A1E0242&groupid=BBE85F80C0A8C90100503CB2EF000137&fn=[hex]7B43363044433233342D363546392D343637342D393441452D3632313538454643413433337D&cdn=[hex]4648594445443630&lun=[hex]41646D696E697374726174657572&udn=[hex]46494E414E4349414C484F5553452E4C4F43414C&lu=6&luseq=80825020,&lulasttriedseq=&lutargetseq=131219017&lucontentstate=0
    02/20 09:36:42 [124] <mfn_RequestLUContentInfo:>URL: /secars/secars.dll?h=861B3F0B52BF95E455F1BBAB499C0868722250224A9FAB227E7BC8EDB7DF854F1A3057D3F82AA320FDBE5C9106794ACA26DEA96F7DCE1621D799A2D60023A148A185DA2740A22A0622455196ADF3FDD30FC45449726B99BE7BA349D47DBCE2037B2CAB350E63CC90DCACD73EBC6F9B8589C3DDC56AC574EA2A888C8DEB07E98E838B46423AC9FDB6899B2A8E76AA448A54850BC152AF656CF5D1554A49759F14DC4452DDFEF26B0A40F494F869B242890812E9947528A0D7CFADD18583FC2E043AF8B3BC756A8DBA47391F7C17C53A7F23868E7CEDE419692A8BDB5BBEBF8263813BD8574AD99C75FD2AF954AAFDBB5A0A67182FD5A7137D2781D577088A062A51EFFD785219FEDE978C1A41D410901CF6716007689D21DA73DEF7267540AFAF5ECDB5990C6BED7EAFAC62106CBF95A101D60B74334D9FD32D9A99516B3225378331B1AC2236835A707211FE2EB7D50B3CDEEF076A65F6CF70FF52192D32AE2770061BB948B77B8C92F94275DB9709DB59AD39A7EE3F721D81D56EB9B5EBB4FB
    02/20 09:36:42 [124] <SendUrlAndReceiveResponse:>http://fhydes01:8014/secars/secars.dll?h=861B3F0B52BF95E455F1BBAB499C0868722250224A9FAB227E7BC8EDB7DF854F1A3057D3F82AA320FDBE5C9106794ACA26DEA96F7DCE1621D799A2D60023A148A185DA2740A22A0622455196ADF3FDD30FC45449726B99BE7BA349D47DBCE2037B2CAB350E63CC90DCACD73EBC6F9B8589C3DDC56AC574EA2A888C8DEB07E98E838B46423AC9FDB6899B2A8E76AA448A54850BC152AF656CF5D1554A49759F14DC4452DDFEF26B0A40F494F869B242890812E9947528A0D7CFADD18583FC2E043AF8B3BC756A8DBA47391F7C17C53A7F23868E7CEDE419692A8BDB5BBEBF8263813BD8574AD99C75FD2AF954AAFDBB5A0A67182FD5A7137D2781D577088A062A51EFFD785219FEDE978C1A41D410901CF6716007689D21DA73DEF7267540AFAF5ECDB5990C6BED7EAFAC62106CBF95A101D60B74334D9FD32D9A99516B3225378331B1AC2236835A707211FE2EB7D50B3CDEEF076A65F6CF70FF52192D32AE2770061BB948B77B8C92F94275DB9709DB59AD39A7EE3F721D81D56EB9B5EBB4FB
    02/20 09:36:42 [124] 9:36:42=>Send HTTP REQUEST
    02/20 09:36:42 [124] 9:36:42=>HTTP REQUEST sent
    02/20 09:36:42 [124] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
    02/20 09:36:42 [124] <mfn_PrepareLUContent:>Requesting LU Info for :  Moniker: {D3769926-05B7-4ad1-9DCF-23051EEE78E3} Target Seq:131219001
    02/20 09:36:42 [124] ************CSN=45194
    02/20 09:36:42 [124] <GetContentFileInfoUrl:> Request is: action=52&hostid=6302456AC0A8CA010189C12A3A1E0242&groupid=BBE85F80C0A8C90100503CB2EF000137&fn=[hex]7B44333736393932362D303542372D346164312D394443462D3233303531454545373845337D&cdn=[hex]4648594445443630&lun=[hex]41646D696E697374726174657572&udn=[hex]46494E414E4349414C484F5553452E4C4F43414C&lu=6&luseq=71109001,&lulasttriedseq=&lutargetseq=131219001&lucontentstate=0
    02/20 09:36:42 [124] <mfn_RequestLUContentInfo:>URL: /secars/secars.dll?h=861B3F0B52BF95E455F1BBAB499C0868722250224A9FAB227E7BC8EDB7DF854F1A3057D3F82AA320FDBE5C9106794ACA26DEA96F7DCE1621D799A2D60023A148A185DA2740A22A0622455196ADF3FDD30FC45449726B99BE7BA349D47DBCE203FA2D5937A0D9C8446FAE71C0EE2BB32D35A113709F9D7927438C2E5B2A6651360687E400823329DB54BA1DC8474A3C0525F9C8040031C012EB7AA5AC8096AE87EF929F9D741E116B0A4507EDA6690E79E2A7224B88FDD2D0FF05583EE64055623AF8B3BC756A8DBA47391F7C17C53A7F23868E7CEDE419692A8BDB5BBEBF8263813BD8574AD99C75FD2AF954AAFDBB5A0A67182FD5A7137D2781D577088A062A51EFFD785219FEDE978C1A41D410901CF6716007689D21DA73DEF7267540AFAF5ECDB5990C6BED7EAFAC62106CBF95A16D8DBF0FB8AE6638D9BB574B9C29B45B8331B1AC2236835A707211FE2EB7D50B3CDEEF076A65F6CF70FF52192D32AE2735547820F983185D413DE322558B969459AD39A7EE3F721D81D56EB9B5EBB4FB
    02/20 09:36:42 [124] <SendUrlAndReceiveResponse:>http://fhydes01:8014/secars/secars.dll?h=861B3F0B52BF95E455F1BBAB499C0868722250224A9FAB227E7BC8EDB7DF854F1A3057D3F82AA320FDBE5C9106794ACA26DEA96F7DCE1621D799A2D60023A148A185DA2740A22A0622455196ADF3FDD30FC45449726B99BE7BA349D47DBCE203FA2D5937A0D9C8446FAE71C0EE2BB32D35A113709F9D7927438C2E5B2A6651360687E400823329DB54BA1DC8474A3C0525F9C8040031C012EB7AA5AC8096AE87EF929F9D741E116B0A4507EDA6690E79E2A7224B88FDD2D0FF05583EE64055623AF8B3BC756A8DBA47391F7C17C53A7F23868E7CEDE419692A8BDB5BBEBF8263813BD8574AD99C75FD2AF954AAFDBB5A0A67182FD5A7137D2781D577088A062A51EFFD785219FEDE978C1A41D410901CF6716007689D21DA73DEF7267540AFAF5ECDB5990C6BED7EAFAC62106CBF95A16D8DBF0FB8AE6638D9BB574B9C29B45B8331B1AC2236835A707211FE2EB7D50B3CDEEF076A65F6CF70FF52192D32AE2735547820F983185D413DE322558B969459AD39A7EE3F721D81D56EB9B5EBB4FB
    02/20 09:36:42 [124] 9:36:42=>Send HTTP REQUEST
    02/20 09:36:43 [124] 9:36:43=>HTTP REQUEST sent
    02/20 09:36:43 [124] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
    02/20 09:36:43 [124] <PostEvent>going to post event=EVENT_SERVER_ONLINE
    02/20 09:36:43 [124] <PostEvent>done post event=EVENT_SERVER_ONLINE, return=0
    02/20 09:36:43 [124] <ScheduleNextUpdate>Reset Heartbeat factor index, hearbeat=300 seconds
    02/20 09:36:43 [124] HEARTBEAT: Check Point 6
    02/20 09:36:43 [124] <mfn_PostAgentInfo>===REQUESTING PLUG-IN OP-STATE: AVMan
    02/20 09:36:43 [124] <mfn_PostAgentInfo>===REQUESTING PLUG-IN OP-STATE: LUMan
    02/20 09:36:43 [124] <mfn_PostAgentInfo>===REQUESTING CMC OP-STATE ===
    02/20 09:36:43 [124] <PostEvent>going to post event=EVENT_SERVER_REQUIRES_CLIENT_SESTATE
    02/20 09:36:43 [124] <PostEvent>done post event=EVENT_SERVER_REQUIRES_CLIENT_SESTATE, return=0
     

     

    Any idea about the problem ?



  • 6.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:24 AM
      |   view attached

    Hi I enabled Sylink on one affected client and here is result in attached file

     

    Do you have any idea about this problem ?

    This client has been reinstalled yesterday

    Attachment(s)

    txt
    file.txt   44 KB 1 version


  • 7.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:25 AM

    I  renamed it to file.txt because .log extension was rejected



  • 8.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:33 AM

    What database are you using ?

    Symantec Endpoint Protection Manager 12.1 is not updating 32-bit or 64-bit virus definitions due to corrupt content

     

    Article:TECH166923 | Created: 2011-08-10 | Updated: 2013-06-20 | Article URL http://www.symantec.com/docs/TECH166923

     



  • 9.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:44 AM

    I use SEPM 11.03. Can I try this solution for my database version ?



  • 10.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:47 AM

    Are you using SQL Database ?

    If you are using SQL database please try below articles

    http://www.symantec.com/business/support/index?page=content&id=TECH211503



  • 11.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 04:52 AM

    http://www.symantec.com/docs/TECH166923 can't be applied to my problem. I just checked that SEPM is up to date (last definition virus date is 140219xx ).

    I try to solve issue for update all clients except client of server who is up to date



  • 12.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 05:09 AM

    Please try these steps and check if you see any .Err files

    Clients cannot send data back to Symantec Endpoint Protection Manager

    http://www.symantec.com/docs/TECH105348

     
     
    Kindly try this troubleshooting step: 

    1. Browse to \Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agentinfo

    2. Look for any .err files or tmp files & Dat files

    3. If you find anything which is not processed by sepm then it might be the reason for the client data loss

    4. Stop SEPM services from services.msc 

    5. Delete all the files inside the location \Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo

    6. Restart the SEPM services.

    Check the SEPM now if still issue persist go for step 7

     

    7. Run the Management server configuration wizard.

    Note: While running Management server configuration wizard it requires Database password. if you running SEP 12.1.2 it wont prompt you for DB password.



  • 13.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 05:37 AM

    under Symantec endpoint protection manager floder, i don't have agentinfo file or folder and i d'ont have any .err file



  • 14.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 05:41 AM
      |   view attached

    dear all,

    I attached my new Sylink.log file renamed sylink_.txt

    Attachment(s)

    txt
    Sylink_.txt   353 KB 1 version


  • 15.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 05:52 AM

    this is what I see in the logs

    02/20 09:36:42 [124] 9:36:42=>Send HTTP REQUEST
02/20 09:36:42 [124] 9:36:42=>HTTP REQUEST sent
02/20 09:36:42 [124] <ParseErrorCode:>12029=>The attempt to connect to the server failed.
02/20 09:36:42 [124] <mfn_PrepareLUContent:>Requesting LU Info for :  Moniker: {D3769926-05B7-4ad1-9DCF-23051EEE78E3} Target Seq:131219001
02/20 09:36:42 [124] ************CSN=45194

    check this document

    Symantec Endpoint Protection clients do not communicate with the Symantec Endpoint Protection Manager (SEPM)

     

    http://www.symantec.com/business/support/index?page=content&id=TECH137402



  • 16.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 10:24 AM

    I do previous recommendation on sep client and the result remained unchanged

    I just reinstalled sep on client and i still waiting



  • 17.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:03 AM

    Do your clients use proxy?



  • 18.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:17 AM

    log.JPGalert.JPG



  • 19.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:25 AM

    ARe the client showing offline ?

    Client GUI -> Help and Support ->Troubleshooting ->check server status .

    Are you able telent port 8014 ?



  • 20.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:37 AM

     

    look these screen

     

    webconnect.JPG

     

     

    gui.JPG



  • 21.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients
    Best Answer

    Posted Feb 20, 2014 11:38 AM

    Did you try this articles TECH166923 ?Try to restart SEPM server service.



  • 22.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:56 AM

    I try to do TECH166923 but i can't see \content\{535B6A4.... and \content\07B590B...

    I also saw that the SEPM service was stopped and when i tried to start it i had an error due to longtime

    folder.JPG



  • 23.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 20, 2014 11:59 AM

    client is communicating with SEPM , thats not an issue,

    is the odbc connection successful? as per this document

    http://www.symantec.com/business/support/index?page=content&id=TECH102681

    From the client does it show OK if you use the SEPM name

    From the screen shot I see that you are using IP, can you try the secars using name " fhydes01:8014"

    ? Does it show OK..

    Did you remove the registry setting as I mentioned earlier and reboot the machine?

    http://www.symantec.com/business/support/index?page=content&id=TECH104926

     



  • 24.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 21, 2014 06:56 AM

    Thank You dear all for your help, I think the issue was caused par corrupted content. I proceed as recommended by the  article http://www.symantec.com/docs/TECH166923 yesterday and this morning i saw that all clients were up to date.



  • 25.  RE: SEPM ne se met pas à jour et ne met pas à jour les clients

    Posted Feb 21, 2014 06:58 AM

    Glad to hear your problems are resolved wink