Endpoint Protection

 View Only

  • 1.  sepm starts then stops

    Posted Aug 20, 2012 03:42 PM

    I have a SEPM 12.1.1101.401 RU1 MP1 running on a Windows 2008 Server R2 with 2 vCPU and 8 GB of vMemory. The server have been working fine for a year now, until a few months ago. The SEPM service suddenly stopped and no matter how many times I try to start it, its stops again. I opened a case and they determine that it was a problem with tomcat. After reconfiguring a conf file, I ran the Configuration Wizard which asks for the DBA password. I forgot the password and have been trying to retrieve it somehow without any luck. I searched within the sem5.log file and found nothing, I changed the values on the Php.ini file so it can show me on an error (something I saw over the internet), but nothing. I cannot do most of the things suggested on the internet because the sepm service is not running. Maybe you can get the password using some methods, but I think that sepm service need to be running for that to happen. I need to know if there's any other way to get that password or how to get the password from the sem5.log file (a specific place or near what), most of the file it looks encrypted.



  • 2.  RE: sepm starts then stops

    Posted Aug 20, 2012 04:58 PM

    Please roll back settings for Php.ini the way they were .

    Please post scm.log to finest from steps below and paste the logs .

    Advanced logging for the SEPM console can be enabled by following these steps:

      1. Stop the Symantec Endpoint Protection Manager service
      2. Add the line scm.log.loglevel=FINEST to the bottom of the file: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties

        To debug SEPM notifications, also add: scm.mail.troubleshoot=1
        To debug SEPM proxy authentication, also add: scm.proxy.debug=1

        NOTE: For additional debug values besides FINEST, please see the Table of SEPM Logging Levels below. 
      3. If IIS logs must be gathered in addition to the SEPM debug logs, then follow the steps below:
      4. Restart the IIS Admin service
      5. Restart the Symantec Endpoint Protection Manager service
      6. Detailed log files will now be saved in the folder: C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\
      7. Look for errors relating to the problem in the catalina.out and scm-server-0.log files.


  • 3.  RE: sepm starts then stops

    Posted Aug 20, 2012 04:59 PM

    just follow this line and upload the scm server and catlina out logs

    Add the line scm.log.loglevel=FINEST



  • 4.  RE: sepm starts then stops

    Posted Aug 20, 2012 08:25 PM

    Hello,

    I would suggest you to Run the upgrade.bat from -

    %Program Files (x86)%\Symantec\Symantec Endpoint Protection Manager\bin.

    which may resolve your issue.

    Symantec Endpoint Protection: How to change the database password to a non complex password for use with the Management Server Reconfiguration Wizard

    http://www.symantec.com/docs/TECH103774

    However, incase, you need to somehow recover the password, you may have to contact Symantec Technical Support.

    https://www-secure.symantec.com/connect/forums/reset-password-embedded-database-sepm-121



  • 5.  RE: sepm starts then stops

    Broadcom Employee
    Posted Aug 20, 2012 09:59 PM

    check this link and let know if it helps?

    How to find the Database password for Embedded Database

     

    https://www-secure.symantec.com/connect/articles/how-find-database-password-embedded-database



  • 6.  RE: sepm starts then stops

    Posted Aug 21, 2012 02:42 AM

     

    How to perform Disaster Recovery without Database backup/Restore

     
     


  • 7.  RE: sepm starts then stops

    Posted Aug 21, 2012 03:32 AM

    Try repairing your SEPM first and see if it resolves your issue ,

    If that doesn't work perform disaster recovery without Databasebackup/restore


    http://www.symantec.com/business/support/index?page=content&id=TECH160736



  • 8.  RE: sepm starts then stops

    Broadcom Employee
    Posted Aug 21, 2012 04:19 AM

    Hi,

    If above suggested options are not working then you are left with following choices only.

    1) Install SEPM as a fresh install & create new database.

    2) Install SEPM & perform disaster recovery without database password.

    http://www.symantec.com/business/support/index?page=content&id=TECH160736

    If liked then promote following idea also:

    https://www-secure.symantec.com/connect/ideas/sepm-should-store-dba-password-cache-or-should-have-access-reset-dba-password-admin-embedded-d

     



  • 9.  RE: sepm starts then stops

    Posted Aug 21, 2012 01:53 PM

    Thanks everyone for all your input. To recap; the Symantec Endpoint Protection Manager Service will not start, the problem that Technical Support found was with tomcat, when I was instructed to run the Configuration Wizard I couldn't run it because I don't remember the DBA password.

    Now, I checked one of the links that were suggested, but I've already tried to check using the ODBC method with no luck. Of what I can gather here, I will have to reinstall SEPM and perform disaster recovery without database password. I haven't try that yet and it looks that I would not try that for a couple of days since we are working with our contingency plan due to the proximity of Tropical Depression Nine on the Caribbean.

    Thanks again to all for your input, I'll get back to you with the results from the disaster recovery.



  • 10.  RE: sepm starts then stops

    Posted Aug 21, 2012 02:54 PM

    Hi Pana ,

    Just a quick input for you . If your SEPM will be offline ie in not working state SEP clients might go Out of date defs if they are not configured to take Live update over internet . Hence i would suggest to follow dr as soon as possible.

    SEP client offline and out of date in the network is not a good idea...