Endpoint Encryption

 View Only

Replace Sylink 

Jan 12, 2012 07:08 AM

How to use SylinkDrop to make all SEP Clients on the network managed (Alternative to SylinkReplacer)

Sylink drop can be used on individual machines to make them managed where as SylinkReplacer is designed to be run from a machine to find SEP clients on the network and force them to be managed. Recently I have found that the replacer tool to be less and less effective at finding clients on the network particularly Windows 7 clients. I have also found the tool to be painfully slow at scanning IP ranges to find the clients in the first place.

As a workaround I have found it much more reliable to use the sylinkdrop tool in conjunction with psexec to set all computers on the network to be managed by a SEP server. To do this you will need to set up a share on the machine you are running the commands from with read access to everyone on the domain.

In this example the share I created was called “sylink” on the server AVSRV001. In the share you need the following files:

  • sylinkdrop.exe (scroll to bottom to find more info)
  • sylink.xml (found in - "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection" copy the file from a working manged client or the server and paste into the folder share)
  • drop.cmd (provided in download)
  • replace_domain.bat (provided in download)

In the drop.cmd file you will need to modify the server and share name in your file to match up with the shares you created. To edit right click and go to edit, also you won't have to run this file.

Once all the above is setup you can use the psexec command (available to download as part of the PsTools package by sysinternals from here)

Then simply run the following file replace_domain.bat

But first -

You will need to modify the server and share name in your file to match up with the shares you created. To edit right click and go to edit.

Also you will need to change domain\username to your domain name and an admin user and you will change password to the password matching the admin user. Now you can run the replace_domain.bat file

The file will enumerate all the computers in AD and then try to remotely execute the drop.cmd command on each of them. This will of course fail for computers which either don’t exist or are not present or switched on, so you may want to make a note of which clients fail (just watch the output of the command to collect these).

Where can I download / get Sylink Drop

Well sylinkdrop is not publically available from Symantec to download, however it is on your installation media in the following folder:

Tools\NoSupport\SylinkDrop

If you have lost your installation media providing you have an active subscription you should be able to log in to fileconnect.symantec.com with your serial number on your certificate and download the latest version (which will include sylinkdrop).

Statistics
0 Favorited
13 Views
1 Files
0 Shares
8 Downloads
Attachment(s)
zip file
Sylink.zip   348 B   1 version
Uploaded - Feb 25, 2020

Tags and Keywords

Comments

Sep 19, 2013 10:37 AM

enumerating domain....

\\CLIENT1:

PsExec could not start \Srv1\sylink\drop.cmd on CLIENT1:

System can´t find the path

???

Jun 05, 2013 06:02 AM

Thanks a lot james,
 
 
 
In your replace_domain.bat you have mentioned password \\* \\avsrv001\sylink\drop.cmd
 
if i'm not wrong \\* is entire domain, I tried replacing it with Specific OU I wanted to run this script on but unfortunately it didn't connect as it was having space in OU name,
 
Is there any other way we can specify this to run for particular OU objects ?

Jun 06, 2012 09:09 AM

I have used both but prefer sylink replacer .

Feb 16, 2012 09:18 AM

nice one

Feb 14, 2012 07:47 AM

Thanks for the feedback. If anyone has had a negative experience with the script then get back to me and I will try to iron out any problems. It worked on my network environment.

Feb 13, 2012 05:26 AM

not try it yet, but I will, thanks James

Feb 04, 2012 01:10 AM

Useful Information..

Related Entries and Links

No Related Resource entered.