Endpoint Protection

I had to upgrade my SEPM server from Server 2003 Std x86 to Server 2003 R2 Std x64. I followed the instructions at http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007082112135948 but the clients are not reconnecting, even after client reboot. I kept the same name/IP and same settings for everything, as far as I can remember. I notice that the keystorepass has changed - when I do a new backup of the server cert, it is different than before. Does the fact that I have a different architecture make a difference? I didn't see anything like that in the docs which would say that's a problem. What should I try to get them to reconnect?

Since  keystore pass has changed , the clients are not commuincating

In this case you have replace the sylik on the client using the sylink replacer

https://www-secure.symantec.com/connect/downloads/sylinkreplacer-tool-connecting-sep-clients-sepm

Hope the Server name and IP address is the same on which you are performing the DR process.

Conrad,
I recently had to do disaster recovery and afterwards was in the same boat with clients not communicating to the SEPM.  I may have some ideas, but first need to know if you have just one or more SEPM servers?  If multiple, are they using replication?

Just 1 SEPM server.

I tried this, and it didn't work at all. Tried both subnet ranges and explicit list of IPs, but no go.

Do as follows
Restore the database
Copy server.xml from  \Program Files \Symantec\Symantec Endpoint Protection Manager\tomcat\conf and keystore.jks from \Program Files \Symantec\Symantec Endpoint Protection Manager\tomcat\etc  old server to new server run the management server configuration wizard and try ...

That did not work either, but thanks for the effort.

IF you are really stuck just do a fresh install of SEPM and use completely new settings.
Then export the sylink.xml from the console and drop it onto your clients.

You can use sylink drop tool or do it manually or script your own tool.

smc -stop
replace sylink.xml
smc -start

Grab the sylinkmonitor tool to see exactly what is happening on your clients as well.
You will need to enable debugging on your SEP client to get it logging.
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/4be077e14183395388257348007a2472?OpenDocument

I recovered over 15,000 orphaned SEP clients by replacing sylink.xml files so it definitely works :)

cheers

Z

I ended up just doing it manually.  Took about 30 sec/PC, so not a huge PITA...

After upgrade symantec RU3 to RU5, I was not able to login in the management console.
 

Who marked this as "Solved?"  I certainly didn't.  "Reinstall everything" isn't an acceptable answer for a product of this scope and cost.