Endpoint Protection Cloud

 View Only

  • 1.  Deploy SEP Cloud via GPO

    Posted Dec 07, 2018 10:23 AM
      |   view attached

    Hello,

    we try to deploy the Symantec Endpoint Protection Cloud client in our windows network via GPO usage.

    We have downloaded and created the package, and when assigned to the client workstations, we see this in the "Add/Remove programs"

    "SEP Client Setup" Version 5.14.200.102

    But the client itself is not installed.

    Any ideas what might go wrong, or how the deployment is done correctly?

    We did receive the SEPCDeployment.msi together with the SEPCDeployment.mst file and do use this in the corresponding computer gpo's

     

     



  • 2.  RE: Deploy SEP Cloud via GPO

    Posted Dec 11, 2018 04:21 AM

    When I look at the logfiles I see this:

     

    2018-12-11-10-02-58-129 : 0x2DCC : Information : fsd::plugin::FSDPluginImpl::Start(166) : Plugin thread started
    2018-12-11-10-02-58-129 : 0x1ED0 : Information : CC_TOKEN not specified, use token from manifest
    2018-12-11-10-02-58-129 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::getTokenFromManifest(197) : use client token from manifest.
    2018-12-11-10-02-58-139 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::waitForPatchInProgress(287) : Checking for a patch in progress
    2018-12-11-10-02-58-139 : 0x1ED0 : Information : fsd::plugin::Installer::checkRebootFromLastRun(159) : Failed to open reboot registry key Software\Norton\FSDPlugin{08964037-51cb-4f65-949d-bebfe49c5b6f}\FSDInstallPendingReboot, error=2
    2018-12-11-10-02-58-139 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::handleRunningInstaller(496) : installerPath=C:\Users\Public\Downloads\Symantec\{SEPCC22162022-xxxxxx}\SEPC_Package\SEPC-ESD.dat
    2018-12-11-10-02-58-139 : 0x1ED0 : Information : fsd::plugin::InstallerProcess::waitProcessByPath(35) : converted path C:\Users\Public\Downloads\Symantec\{SEPCC22162022-xxxxxx}\SEPC_Package\SEPC-ESD.dat
    2018-12-11-10-02-58-139 : 0x1ED0 : Information : fsd::plugin::InstallerProcess::waitProcessByPath(49) : unable to get process handle...
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::handleRunningInstaller(518) : check version of installed SEPC
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : SEPC in job: name 'Symantec Endpoint Protection Cloud', version 22.16.2.22.
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : SEPC not installed
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : SEPC in job: name 'Symantec Endpoint Protection Cloud', version 22.16.2.22.
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : SEPC not installed
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : No SEP, NGC or NIS installed
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : Clean SEP SBE orphan item
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(16) : Try to open registry key: Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(29) : Unable to open 64-bit registry key Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(34) : Failed to open registry key Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(16) : Try to open registry key: Software\Wow6432node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(29) : Unable to open 64-bit registry key Software\Wow6432node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-149 : 0x1ED0 : Information : fsd::plugin::SepcRegistry::openKey(34) : Failed to open registry key Software\Wow6432node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\ProductInfo
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : DING::CFilePackerEx::CArchiveInfo::Deserialize_legacy(631) : Segment header FSDManifest.js Deserialized
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : Proxy host or port or both are empty in manifest. Use browser settings.
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : fsd::FSDProxySettings::determineBrowserProxySettings(95) : Using Proxy setting, autodetect is set
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : Status reporting switched off. No Reporting URL, Connection token or symqual ID specified in manifest
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : Run SEPC installer C:\Users\Public\Downloads\Symantec\{SEPCC22162022-xxxxxx}\SEPC_Package\SEPC-ESD.dat /QN /NOREBOOT /showerrors 0 /launchui 1 /FSD "C:\ProgramData\Symantec\FSD\bin\SEPC_setup.exe"
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : FSDTools::isRunningAsSystem(169) : Running under SYSTEM
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : FSD executed under SYSTEM user and other sessions are available
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : fsd::plugin::InstallerProcess::runProcess(88) : Launching the installer under user session
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : session id: 1, elevated: 1
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : GetTokenInformation failed: 1312
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : admin SID found
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : Initialized... session id: 1, elevated: 1
    2018-12-11-10-02-58-640 : 0x1ED0 : Information : Launching CreateProcessAsUser(C:\Users\Public\Downloads\Symantec\{SEPCC22162022-xxxxxx}\SEPC_Package\SEPC-ESD.dat /QN /NOREBOOT /showerrors 0 /launchui 1 /FSD "C:\ProgramData\Symantec\FSD\bin\SEPC_setup.exe"), attempt 0 (timeout: 100)
    2018-12-11-10-02-59-151 : 0x1ED0 : Information : CreateProcessAsUser succeeded
    2018-12-11-10-02-59-151 : 0x1ED0 : Information : Process launched with environment of currently logged on user
    2018-12-11-10-02-59-151 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::executeDingInstaller(566) : DING executed, wait
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : fsd::plugin::InstallerProcess::waitProcess(76) : Process finished
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : SEPC in job: name 'Symantec Endpoint Protection Cloud', version 22.16.2.22.
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : SEPC not installed
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : fsd::plugin::SEPCInstaller::handleInstallationResult(581) : Installer code -2147189755, version check -2
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : DING::CFilePackerEx::CArchiveInfo::Deserialize_legacy(631) : Segment header FSDManifest.js Deserialized
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : Proxy host or port or both are empty in manifest. Use browser settings.
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : fsd::FSDProxySettings::determineBrowserProxySettings(95) : Using Proxy setting, autodetect is set
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : Status reporting switched off. No Reporting URL, Connection token or symqual ID specified in manifest
    2018-12-11-10-03-05-317 : 0x1ED0 : Information : fsd::plugin::FSDPluginImpl::setStatus(245) : Set plugin status 7

     



  • 3.  RE: Deploy SEP Cloud via GPO
    Best Answer

    Posted Dec 13, 2018 03:47 AM

    It turned out, that the currently installed Avira Antivirus did block the install process.

    This is strange, since Avira is one of the listed products which can be deinstalled by SEP...

     

    https://support.symantec.com/en_US/article.INFO3976.html