Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

dbunload utility for SEP 12.1

Created: 29 Feb 2012 • Updated: 27 Mar 2012 | 3 comments
LUE500's picture
3 Agree
0 Disagree
+3 3 Votes
Login to vote
Status: Implemented

Since the dbunload utility doesn't support Symantec Endpoint Protection 12.1 the workaround is, use SEP backup and restore utility to shrink embedded database.

Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH160736

Unfortunately, this procedure did not reduce the size of the database. In my case, the size increased from 5 GB to 7.5 GB.
The data base maintenance didn't changed the size after a few cycles.

If a tool can be created like dbunload, it would be much appropriate.

Comments 3 CommentsJump to latest comment

Elisha's picture

 Title

dbunload utility in Symantec Endpoint Protection 12.1 generates "SQL error:
Authentication violation" when it tries to create a new database  

Problem

You want to shrink the embedded database used by Symantec Endpoint Protection Manager (SEPM) version 12.1. You follow the command in How to shrink the embedded database using the Dbunload tool. However, you receive an authentication violation error when the utility tries to create a new database.
 

Error

Below is the command issued and the output seen:

------------------------------------------------------------
 C:\Program Files\Symantec\Symantec Endpoint Protection\Manager\ASA\win32>dbunload.exe -c "dbf=C:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.db;start=dbsrv11;uid=dba;pwd=********" -ar

SQL Anywhere Unload Utility Version 11.0.1.2472
Connecting and initializing
Unloading user and group definitions
Unloading table definitions
Unloading text configurations
Unloading materialized view definitions
Unloading index definitions
Unloading functions
Unloading view definitions
Unloading procedures
Unloading triggers
Unloading SQL Remote definitions
Unloading MobiLink definitions
Creating new database
***** SQL error: Authentication violation 

Cause

SEP 12.1 uses an OEM version of embedded database. Under OEM license, an application must provide an OEM authentication string in order to make changes to the database. This helps prevent any change from un-authorized application. Dbunload tool only supports reading the authentication string as clear text when creating a new OEM database. For security reason, we don't want to expose the authentication string as clear text. Without supplying the authentication string, the above mentioned error is generated.

Solution

Please use SEP backup and restore utility to shrink embedded database in version 12.1.

1) Back up the embedded database with SEP backup utility.
2) Uninstall SEPM and delete the database.
3) Reinstall SEPM.
4) Restore the embedded database with SEP restore utility.
5) Run configuration wizard after restore.

0
Login to vote
Elisha's picture

Most of the data in the databse usually comes from one of three places:

  1. Client pacakges
  2. AV defs
  3. Log files

All of these can be controlled.  Try the follwoing:

  • Remove old client packages you don't need any more.  This can be done via SEPM console --> Admin tab --> Install Packages tab.
  • Reduce the number of revisoins of content (AV defs) SEPM stores.  This can be done via SEPM console --> Admin tab --> Servers tab under Site Properties --> LiveUpdate tab.
  • Reduce the amount of log files SEPM stores.  This can be done via SEPM console --> Admin tab --> Servers tab under Database Properties --> Log Settings tab.
0
Login to vote
Elisha's picture
0
Login to vote