Endpoint Protection

I upgrade SEPM 11.0.4 to 11.0.5. After upgrade clients don't communicate with manager server (there is no green mark on client sign in task bar). How can I find the sourse of such things and resolve it.

I can view this clients in SEPM console. But can not update them to 11.0.5 version. Command are run successful but nothing happens.

What was the port number your clients were running before
you can open iis and check to which port number sepm is configured too.

check if you have windows firewall enabled on sepm and also on clients.
disable windows firewall and check if clients get green dot.

Thanks for the answer.

In both cases it was default web-site (port 80).

Windows Firewall is off on every box in our domain.

And now I see that test
http://sepm/secars/secars.dll?secars,hello does not work.

Test

http://sepm/reporting/index.php works well
 

Please check that the server Ip/ Name is there is server column. Follow the steps:

1. Click the Symantec Icon on the task bar ---click Help and Support-- TroubleShooting

See what is mentioned in front of Server??? If it is offline  then replace the sylik
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009022414415348

If the server is same where u have installed SEPm then try to telnet
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009082701244448

Let us know the status.

And now I see that test
http://sepm/secars/secars.dll?secars,hello does not work.

what is teh message?

The page does not exist

HTTP 400 error

okay this should be it.

open IIS
expand symantec webserver
right click and select properties.
click on directory security
select ip address and domain name restriction
check if you have an ip set to deny
for sepm to work it should be all allowed.

check the same for 5 sepm virtual directory
secars,
secreg
reporting
contents
clients packages.

The server is offline! Thanks for the prompt.

We have more than 1000 computers. What is the best way to replace sylink.xml?

The access is allowed for all virtual directories and web-site

try this

Troubleshooting for Symantec Endpoint Protection Manager (SEPM) 11.x error "HTTP 400 - bad request"
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008041811532648

Try to use the sylinkreplacer.exe.

It is available in the Download section.

Thanks for the answer!

I'll try to recieve this tool from support.

But when I tried manually to replace sylink.xml there was no changes. The client doesn't communicate with server.

I've noticed that group id in SEPM console doesn't consist in C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent\ folder of SEPM.

Before this I backuped up database, reinstall SEPM, restore database and update SEPM.

if u create new group
and export sylink
does that..help to communicate.

No, it doesn't help.

One thing which I've not done is rebooting of server. May be it'll help. But I can not to check it now

Try by rebooting, if not helps pls  paste the scm-server-0.log with is present in Program Files \Symantec\Symantec Endpoint Protection Manager\tomcat\logs 

Rebooting does not helped. I run "Update content" on groups and noticed that some servers are connected to manager, some aren't. May be it need some time to update connection...

Moreover workstaions and domain controllers are reconnected relatively quickly. Other servers are not.

Hi,

You can run SylinkMonitor and gather the logs. I am sure that they will contain some relevent logs for the issue.

Aniket