Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Can't Log onto SEPM

Migration User

Migration UserJan 19, 2010 04:58 AM

Repair SEPM from add/remove programs..
Migration User

Migration UserJan 19, 2010 06:49 AM

Pls paste the new scm-server.0.log

  • 1.  Can't Log onto SEPM

    Posted Jan 19, 2010 03:44 AM

    Firstly I noticed the green dot on the SEP Client Shield had disappeared so went to investigate further on the sever.

    When ever I try to log on to SEPM, it say's "Failed to connect to the Server" and SEPM's service was stopped. Although I've started and restarted the SEPM's service and try to log on again, the result was still the same as it keeps stopping.  Even after Server Reboots it does not solve the issue.

    PS. My Event Viewer shows Event ID : 4096 from Source: semsrv and description is : The Java Virtual Machine has exited with a code of -1, the service is being stopped.  There are also sql error messages relating to a failed SSPI login because the user is not part of a trusted domain Error Code 17896  SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed
    2010-01-19 05:35:51.035 SEVERE: ================== Server Environment ===================
    2010-01-19 05:35:51.037 SEVERE: os.name = Windows Server 2008
    2010-01-19 05:35:51.038 SEVERE: os.version = 6.0
    2010-01-19 05:35:51.038 SEVERE: os.arch = x86
    2010-01-19 05:35:51.038 SEVERE: java.version = 1.6.0_14
    2010-01-19 05:35:51.039 SEVERE: java.vendor = Sun Microsystems Inc.
    2010-01-19 05:35:51.039 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
    2010-01-19 05:35:51.039 SEVERE: java.vm.version = 14.0-b16
    2010-01-19 05:35:51.041 SEVERE: java.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jdk\jre
    2010-01-19 05:35:51.041 SEVERE: catalina.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat
    2010-01-19 05:35:51.041 SEVERE: java.user = null
    2010-01-19 05:35:51.041 SEVERE: user.language = en
    2010-01-19 05:35:51.042 SEVERE: user.country = GB
    2010-01-19 05:35:51.043 SEVERE: scm.server.version = 11.0.5002.333
    2010-01-19 05:35:51.063 SEVERE: Unknown Exception
    org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.)

    Any Help would be much appreciated


    Regards

    Mike

    Upon checking the scm-server-0.log the following entries can be found which also indicates a login issue, also FYI during setup I have configured the SEPM to use a SQL 2005 database but has been running fine since installation (OCT 09) just after the release of the latest version 11.0.5

     



  • 2.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 03:49 AM
    This can happen if System DNS is setup improperly. To properly setup System DNS perform the following:

    Determine the name of the MSSQL Server

    Determine the instance name in which reporting is installed


    Note:

    Open the services applet on the MSSQL Server (services.msc)

    Look for MSSQL. If you only see MSSQLSERVER the default instance is being used. However, if you see MSSQL$<

    From the control panel open Administrator Tools

    Double click Data Sources (ODBC)


    Select

    Double Click Reporting and go through the wizard to ensure the following settings:

    Name: Reporting

    Description: <

    Server: Servername\InstanceName (Only enter the server name or IP address if they are using the default instance)

    Login ID: sa

    Password: <

    Leave the defaults for the rest of the items and click Finish

    Click the Test Data Source on the next page and make sure this works

    Click OK

    the System DNS tab

    If reporting is installed to the default instance there will be no instance name.name> this will be the named instance you needAnything>password>
     


  • 3.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 04:12 AM
    There werent any system DSN's setup (as far as I'm aware there nevr have been) but created one called reporting.  I know the SQL instance name it is MSSMLBIZ and database name sem5.  SQL server authentication isnt enabled on the instance so tested with a admin account leaving everything else at defaults and the test was a success.

    Through the error logs the user is shown as null - surely its a basic usernme and password / authentication issue - is there somewhere I can check this configuration? 


  • 4.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 04:22 AM
    Please clear the Transsaction log in SQL

    Please refer to the following documentation from Microsoft to clear the full transaction logs:

    http://msdn.microsoft.com/en-us/library/ms175495.aspx

    http://support.microsoft.com/kb/317375

    http://support.microsoft.com/kb/873235


  • 5.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 04:52 AM
    ok I have done that although it was not large by any means - still at its default 128MB with 97% free

    still hasn't helped though - sorry


  • 6.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 04:58 AM
    Repair SEPM from add/remove programs.. 


  • 7.  RE: Can't Log onto SEPM
    Best Answer

    Posted Jan 19, 2010 05:09 AM
    Go to services.msc
    select symantec endpoint manager
    select properties
    in the log in put in admin account id and pass(who has access to entire domains)
    start the service, it should run now


  • 8.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 06:15 AM
    great we are makig progress - the log in with credentials instead of running as system account works to a point.  Green dot's are back and can log into the SEPM but now I get an error - unable to communicate with reporting component after logon


  • 9.  RE: Can't Log onto SEPM



  • 10.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 06:38 AM
    unfortunately this is on a 2008 server with IIS7 and difficult to translate the steps (well for me anyway)

    but many thanks for the support to all that have helped so far


  • 11.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 06:48 AM

    thats a good news, the reporting component issue is because of odbc connections, set the odbc connection to success following this link if you are using 64bit windows

    How to work with Data Sources (ODBC) or ODBC connection in 64bit Windows OS
    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008021900094548

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/beb4238fecda37a588257433006db633?OpenDocument

    let me know if this was successful :)
     



  • 12.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 06:49 AM
    Pls paste the new scm-server.0.log


  • 13.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 07:46 AM
    well this is very confusing - Although the system DSN was there under the 32bit console and I completed the configure option through till the test was successfull, it still didnt work.  I restarted SEPM, SQL SERVER, IIS but still wouldnt work.  I've tinkered with the DSN, as the name was referenced differently in the links above - tried both but still not working.

    Then and I don't know why but just curious I guess I set the SEPM service log on credentials back to the local system account and it still worked allowing me to log onto the SEPM console but still generating the reporting error.  I restarted IIS again and voila its all working!

    So thankyou for your help although I now dont know the why's and wherefores to what is going on.


  • 14.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 07:50 AM
    oh and FYI the latest log transcript is

    2010-01-19 12:37:26.719 SEVERE: ================== Server Environment ===================
    2010-01-19 12:37:26.721 SEVERE: os.name = Windows Server 2008
    2010-01-19 12:37:26.721 SEVERE: os.version = 6.0
    2010-01-19 12:37:26.721 SEVERE: os.arch = x86
    2010-01-19 12:37:26.722 SEVERE: java.version = 1.6.0_14
    2010-01-19 12:37:26.722 SEVERE: java.vendor = Sun Microsystems Inc.
    2010-01-19 12:37:26.723 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
    2010-01-19 12:37:26.723 SEVERE: java.vm.version = 14.0-b16
    2010-01-19 12:37:26.723 SEVERE: java.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\jdk\jre
    2010-01-19 12:37:26.724 SEVERE: catalina.home = C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat
    2010-01-19 12:37:26.724 SEVERE: java.user = null
    2010-01-19 12:37:26.724 SEVERE: user.language = en
    2010-01-19 12:37:26.725 SEVERE: user.country = GB
    2010-01-19 12:37:26.725 SEVERE: scm.server.version = 11.0.5002.333
    2010-01-19 12:37:30.550 SEVERE: ================== StartClientTransport ===================
    2010-01-19 12:37:31.222 SEVERE: Schedule is started!


  • 15.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 07:50 AM
    Reset the IUSR password prove it in the directory security tab of iis manager --->website
    For c:\inetpub give full permission for this user
     


  • 16.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 07:51 AM
    Thats  a great relief now :) 
    When it happens again( should not ) we know what to look far


  • 17.  RE: Can't Log onto SEPM

    Posted Jan 19, 2010 07:53 AM
    Are you able to login through http:// <server ip>/reporting?
    Are you able to get login screen if u provide this url? 


  • 18.  RE: Can't Log onto SEPM

    Posted Jan 20, 2010 03:32 AM
    hi aravindKM

    yes from a client machine I can log in fine to the reporting site.  As I said it all appears to be working now as it was originally configured - starting the SEPM service with admin credentials then setting it back to use the local system account seems to have nudged everything back into place.  I dont know why but it is all working

    Thanks again for your help

    Mike