I have a very strange situation that is occuring on a handful of systems and it is a little worrysome. I have a mixture of Windows 2003 and 2008 servers that have been affected. Overall I have several thousand endpoints that have deployed OK, but for some reason there are a few that dont seem to like the upgrade.
Some were running a form of v11 and others 12.1.1101.401, the target for all is 12.1.2015.2015. Essentially what has happened is the NIC is essentially offline and you cannot access it via RDP and you need to console into the machine. Once on the sytem, there is nothing obvious to point to SEP, but long story short, each time I have needed to run cleanwipe to remove SEP. After removing and rebooting the system is OK. On 2 of the systems I have been able to go back in, clean out a few left over Symantec Reg keys, reboot and install 12.1.2 without issue.
I need to probably do the same to the others to get them deployed, but the concern is that the install is randomly taking down production systems even after what appears to be a successfull installation. The fact that I can run cleanwipe to restore function, delete registry keys, reboot and install tells me that SEP is OK in the end. Or so it appears, but what is happening to cause the systems to go completely offline after the initial deployment,
Any thoughts or ideas would be great. If there is something in the log I can look for, I can, but the simple fact that it completes successfully makes me think i will be searching for the unknown without a symhelp tool at the time a system is in the failed state.
If someone else has seen this and has ideas, I am all ears. But like I said, it has been completely random, newer 2008 servers, older 2003 and a mix of 12.1.1 and v11.x that all yielded the same failed state. In total that number is probably fewer than 10, but I still must seek some answers if they exist. Thanks.