Video Screencast Help

Symantec Endpoint Protection Manager Console

Created: 23 Aug 2012 | 11 comments

This thing always freezes on me. Anyone have any ideas?

Comments 11 CommentsJump to latest comment

W007's picture

Do you have login Admin Account ?

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

ᗺrian's picture

Try re-installing with latest version of java

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture


What version of SEPM 11.x are you running? What OS are you running the SEPM on?

Do you receive any error when the SEPM application freezes?

What version of IE are you running on the machine?

Could you upload us the "scm-server-0.log" and "scm-server-1.log" logfiles?

Try working on the steps provided in the Article below for- 

Tuning the Performance of the Symantec Endpoint Protection Manager console

Monitoring Server Health on Symantec Endpoint Protection Manager

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SameerU's picture

What is the OS version ?


Simpson Homer's picture

installl latest version of java, reboot the machine

Run a repair on the SEPM and see if your able to login..

Ashish-Sharma's picture

Check same thread

What errors are you seeing in the Windows Event viewer?

I recommend upgrading to the latest build (RU6 MP2). There were a few "System Hang" issues resolved in newer builds.

 RU6 MP2 - Network Threat Protection no longer causes applications to hang

Fix ID: 2030478
Symptom: Occasional system hangs with Network Threat Protection enabled.
Solution: Code changes made to prevent the hang from occurring.
RU6 -  System hangs after new virus definitions arrive and the AutoProtect Option "Rescan the Cache when new definitions load" is enabled
Fix ID: 1859398
Symptom: System hangs after new virus definitions arrive and the AutoProtect Option "Rescan the Cache when new definitions load" is enabled
Solution: AutoProtect Rescan synchronization has been fixed

Thanks In Advance

Ashish Sharma

ZGoggins's picture

I think it just needed a reboot

thanks for the posts

Sayan's picture

If your problem is not resolved then Go for disaster recovery

How to prepare for disaster recovery

To perform disaster recovery, you must prepare for disaster recovery. You prepare for disaster recovery by backing up the database, disaster recovery file, and (optionally) the IP address and host name of the management server. As a best practice, you should store this data off-site at a secure location.

Differences between SEP 11.x and 12.1.x

Many of the individual files and data that had to be separately gathered in SEP 11.x are now generated and saved automatically by the SEPM into one file, the disaster recovery file. The recovery file includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. This file can be imported automatically during the disaster recovery process.

Similar data from Endpoint Protection Manager 11.x that has been manually compiled is also referred to as a "recovery file" but cannot be automatically imported. If you are installing version 12.1 to recover a previous 11.x installation, you must refer to this file manually. See Using 11.x disaster recovery files with Symantec Endpoint Protection Manager 12.1

Steps to prepare for disaster recovery


Additional Information

Step 1: Back up the database.

Back up the database regularly, preferably weekly. The database backup folder is saved to the following directory:

Drive: \\Program Files\Symantec\Symantec Endpoint Protection Manager\data\backup.

The backup file is called

Step 2: Back up the disaster recovery file.

The recovery file includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. After you install the management server, copy the compressed recovery file to another computer. By default, the file is located in the following directory:

Drive:\\Program Files\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup\

■ The recovery file only stores the default domain ID; IDs for all domains (including the default domain) are stored in the database. If you have multiple domains and will be performing a disaster recovery without a database backup, you must re-add additional domains and their IDs after the SEPM is re-installed. See step 3 for instructions on backing up additional domain IDs.

■ If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest file.

Step 3: Create text file Backup.txt. Save to this file the IP address and host name of the management server, and all domain IDs beyond the default domain.

If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server, this is case sensitive. Add the IP address and host name to a text file that is called Backup.txt. If you have multiple domains and will be performing a disaster recovery without a database backup, you must recreate additional domains and their IDs after the SEPM is re-installed. Domain IDs may be found in the SEPM Admin view or in sylink.xml files.

Step 4: Copy the files you backed up in the previous steps to another computer.

Copy the backed up files to a computer in a secure location.

Performing the disaster recovery

A disaster recovery requires you to sequentially complete the following procedures:

  1. If you had a catastrophic hardware failure, restore the server hardware using the IP address and host name from Backup.txt (from Step 3 above).
  2. Reinstall Symantec Endpoint Protection Manager using a disaster recovery file (gathered in Step 2 above). When the Management Server Configuration Wizard runs, choose "Custom configuration" and "Use a recovery file".
  3. Stop the following Services: Symantec Endpoint Protection Manager and Symantec Endpoint Protection Manager Webserver
  4. Restore the database (Use the "Database Backup and Restore Wizard from the SEPM tools folder).

Note that the recovery file should be used during the configuration of a new installation; if you use the recovery file to re-configure an existing installation, the Manager certificate can be restored but the existing default domain ID will not be changed unless you restore a database backup. Also, if you choose to configure the Manager as a replication partner, the default domain ID in the recovery file will be ignored and the Manager will use the domain ID(s) in the database of its replication partner.

If you do not have a database backup to restore

You can perform a disaster recovery without a database backup, but the following points apply in this case:

  • All policies must be re-created, or imported from other backups i.e. exported policy files.
  • Clients will be able to communicate with the SEPM but will re-appear in the console only after their next check-in.
  • Clients will reappear in the default group as they check in, unless you enable automatic creation of client groups on the re-installed SEPM by editing "scm.agent.groupcreation=true" to the file.
  • If you originally had multiple SEPM domains beyond the default domain, you must re-create them using domain IDs from Backup.txt.

Re-enabling Federal Information Processing Standards (FIPS) 140-2 compliance:

After recovering the SEPM, it is necessary to re-enable FIPS compliance as this setting is not stored in the disaster recovery file.



How do I perform a disaster recovery when the database backup/restore process fails using the "Database Backup/Restore Wizard" for an Embedded Database?

Database backup/restore fails through the database backup and restore wizard


Inability of the "Database Backup/Restore Wizard" to access the database to launch a backup OR a restore operation


Follow the steps below to resolve this issue:


2.      Copy the "Server Private Key Backup" folder from:
\\ProgramFiles\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup 

3.      Paste it to another storage area (as it will be deleted during Symantec Endpoint protection Manager uninstall)

4.      Stop the services "Symantec Embedded database" and the "Symantec Endpoint Protection Manager"

5.      Copy the "db folder" from:
\\ProgramFiles\Symantec\ Symantec Endpoint Protection Manager\

6.      Paste it to another storage area.


Warning: Re-installation of Symantec Endpoint Protection Manager needs to be done on the same IIS Port and Website for it restore client-server communication after the Disaster Recovery Process is complete.

1.      Ensure that the server has the same IP Address and Host Name the Operating System has been Installed.

2.      Install the "Symantec Endpoint Protection Manager" with the "Embedded Database" with the default settings.

3.      Log in to the Console

4.      Click Admin.

5.      Select TasksServers.

6.      Under "View Servers", expand Local Site.

7.      Click the that identifies the local site.

8.      Select Tasks.

9.      Click Manage Server Certificate.

10.  In the "Welcome panel", click Next.

11.  In the "Manage Server Certificate panel", select Update the Server Certificate

12.  Click Next.

13.  Under "Select the type of certificate to import", select JKS keystore.

14.  Click Next.
Note: If one of the other certificate types has been implemented, select that type.

15.  In the "JKS Keystore panel", click Browse.

16.  Locate and select the backed up "keystore_.jks" keystore file.

17.  Click OK

18.  Open the "server_.xml" file

19.  Select and copy the "keystore password."

20.  Activate the "JKS Keystore" dialog box.

21.  Paste the "keystore password" into the "Keystore" and "Key boxes."
Note: The only supported paste mechanism is Ctrl + V.

22.  Click Next 
Note: If you get an error message that says you have an invalid keystore file, you probably entered invalid passwords. Retry the password copy and paste. (This error message is misleading.)

23.  In the "Complete panel", click Finish.

24.  Stop the services Symantec Embedded database and the Symantec Endpoint Protection Manager

25.  Go to:
\Program Files\Symantec Endpoint Protection Manager\ 
on the new "Symantec Endpoint Protection Manager" and rename the "Db" folder to "Db_new"

26.  Move the "old db" folder under:
\Program Files\Symantec Endpoint Protection Manager\

27.  Go to Administrative ToolsData Sources ODBC

28.  Ensure the database connectivity after the changing the database file location to:
\Program Files\Symantec Endpoint Protection Manager\db1\sem5.db

29.  Start the service Symantec Embedded database

30.  Run the Management Server Configuration Wizard

31.  Click Yes to replace the database after entering the password

32.  Login to the "Symantec Endpoint Protection Manager" using the OLD password.

33.  Ensure that the Domain ID is same as it was on the old clients.

·         If it not, follow the direction in the below document to restore the Domain ID. This will enable client communication

All of the clients should begin reporting back within approximately 30 minutes

Viachaslau Kabak's picture

you just needed to clean cache which console gathers on the local disk)