Endpoint Protection

I am trying to install a Load balancing/Fail Over SEPM console.  I have installed the SEPM software and I am running the "Management Server Configuration Wizard."  I chose the "Add an addtional Manager to an Existing Site".  I am at the screen "Specify the database parameters of the existing Microsoft SQL Server Database".  I need to correctly compete the SQL Client folder.  What software to I have to install to have a valid local directory for this field. 

On the first site, I installed SQL 2005 on the same server and was able to use the default SQL location.  Do I have to install SQL server on each management server?

Sincerely
Bruce Singer

You need not to install SQL server in each server .But you shold have to insall SQL client in each server.Then only SEPM will be able to communicate with SQL databse

Here is a note from a document I created while setting up our two SEM servers.
------------------
Before installing or configuring SEM on the management servers, be sure to install the SQL client as per Installation Guide, pages 87/88. You will need the SQL2005 install DVD.
-----------------------

I pointed both sEM servers to a SQL database on our SQL server. Eventually this SQL server will replicate to an off-site SQL server. Then in the event of failure, I just go in and point SEM to the other server, same database, etc.
The two SEM servers seem to get along fine, they carry a balanced load, and if I take one down for upgrades or whatever, everything survives just fine until it's back again.

On the SQL bit on the servers, I dind't think it was all that clear that you need SQL CLIENT installed before you even attempt the SEM part. Trial and error got me there.

 You need to install SQL client and Microsoft SQL Server 2005 Command Line Query Utility
from http://www.microsoft.com/downloads/details.aspx?familyid=df0ba5aa-b4bd-4705-aa0a-b477ba72a9cb&displaylang=en

Then copy bcp.exe from Main SQL server program files\sql server 2005\tools\90\binn

and paste the bcp in the same location on your computer then give the location of the bcp file on your local computer data folder will be automatically generated.

All we did was install SQL client. Didn't do any of the other items, and don't see reference to that in the docs?

Didn't do the command line query utility, didn't copy the file from server to client (it already existed.....)  Just installed the SQL client, then SEM, and fired it up.

Is there a specific reason, or document outlining that other - the utility, the file copy, etc?

SQL Client should be enough for successfull database connection, but when using x64 OS for SEPM, you need to copy bcp.exe file and point that file's location in configuration wizard, since x64 OS folder paths are different than x32 and SEPM wizard doesn't look for the file on right places, or something like that.

Best Practices guide for Installing the Symantec Endpoint Protection Manager with a SQL Server 2005 Database

http://service1.symantec.com/support/ent-security.nsf/docid/2008031504445748

Hi, on top of the "SQL Client", if you choose the Management compontent, the BCP file will be installed as well. I believe in 2005 it was called the "Studio Management" component., or it could be called "Management Tools" -- I forget which version of SQL the name changed in. The main thing is you have a working copy of bcp.exe.

Ya..well there's always a best practise and a common practise...people tend to use to best practise only when normal practise doesn't work :) 

Currently 32 bit 2003 server.
bcp was there with the SQL client install.
C:\Program Files\Microsoft SQL Server\90\Tools\Binn
dated 11.25.2008  65 k in size.
Came with SQL client, didn't install anything else.

Now it's quite interesting that Symantec has you install it one way in the documentation, then later shows those lucky enough to find it on the web and label it "best practices".

Why don't the best practices come with the product instead of letting hundreds of people fail and have days of troubels, then hide it on the web?
Just curious - that document SHOULD be on the install CD, with the product, not hidden away. It's critical to product install in my opinion.
Just wondering.......

(Actually, personally, I believe even the original install documents are SERIOUSLY lacking as they are written from an engineers point of view, and they don't really state that you must do the SQL client install first. I finally figured that out after several failures one day.....)

Looking at that document, two things - it doesn't say anything about copying any files, let alone bcp.exe and further, what does THIS mean?
>>Additionally, the Symantec Endpoint Protection Manager Console WILL NOT accept the drive path to any server / network shared drive where the BCP.EXE utility is present. <<

Huh?

And really, that document pretty much states what I did - simply ran the client install, it did the rest, mostly by default, but it would have been VERY NICE had that been with the original install instructions and not hidden away........

 Well I knew about this document bcoz I used it a lot when i was in Symantec..So i knew there is a doc..

There's no secret to bcp.exe, with or without Symantec. I don't see a reason why it should be explicitly mentioned.

Any DBA will know that the client components have to be installed for the database to communicate with the architecture.

You don't neccessarily have to copy and paste bcp or any other file.

What I always do is copy the contents of CD1 on to CD2 , replace all and then proceed with the SQL install for any SQL component. Though some argue that client components should be installed from CD2.

Sandeep and Vikram - you should both be with Symantec!
Vikram, someday you need to tell me why you left, and I'm curious about your background.

Anyway, that explains how you knew it.

and our DBA didn't know that all that stuff was needed - but he's a SQL SERVER person, and knows SQL very well, can navigate the inner workings, writes stored proceedures and queries and can find pretty much anything you want anwhere on a server or inside of SQL.
But the document does have that statement I'm still not understanding:
>>Additionally, the Symantec Endpoint Protection Manager Console WILL NOT accept the drive path to any server / network shared drive where the BCP.EXE utility is present<<

Yet it must be present for SEM to work. So on one hand you all are saying bcp needs to be present, and that document statement says that it won't accept a location where it IS present.
LOL - I'm more confused now!
1. I have no idea what BCP is, other than when I installed the SQL client, it was installed with the client.
2. You must install the client, which installs BCP, yet the document says the SEM install won't accept a path where BCP is, and I don't know what Symantec means by this.......... they obviously do accept it.

I installed the client component from the SQL install CDs......... what client is on CD2 - which CD2 - SEP or SQL?

ShadowsPapa, i assume that it only means that installer doesn't accept any OTHER server/network share path, so you cannot use \\someotherserver\c$... or \\someotherserver\share paths. Meaning that it has to be found locally.

But still, if you have x64 OS you need to manually browse to local folder where bcp.exe is located, if it hasn't changed in RU5.

Then they need to STATE that is must reside locally, on the same machine as SEM.
IMO, they aren't really stating that in an easily understood way.
They could say "the path must be local to the SEM install or on the same machine"

I know they are going 64bit for everything else here, but I'm going to see if they will let me stick with 32bit for SEM - 2 reasons...
SEM isn't a 64 bit app, and, 32bit apps on a 64 bit machine and OS seem to run slower, in our experience here. No use tossing up a 64 bit machine for an application that can't use it, and will actually run slower on it.

(this is another case of where there have been multiple responses, but I get No email notices that there have been replies.........AND, it seems that I must manaully CHOOSE to be alerted to responses to my posts, instead of that being the default)

I agree the document may not be clear. I think that last line was an add on because we actually had people point to a remote share for BCP.EXE. This seems to work at first, but the moment you have a network hiccup the SEPM box would have problems. So we added additional checks that were not in the original release to prevent using a network share for BCP.EXE. And I would guess at the same time that not-so-clear doc line was added.

When I first tried to install SEM, and had no idea the SQL client had to be installed, the DBA here said " that file is on the server, so just point to that" and I did. But SEM kept balking and shooting me errors during the install and would not continue.
So I contacted Symantec, and they said "you must install the SQL client", so I did, but it still wasn't clear, so I was still pointing to the SERVER for that file.
Then it finally clicked, nearly by accident, and the SEM install finished and didn't error any mroe.
So Ghent - I think your explanation pretty well matches what happened to me. The documents weren't crystal clear.
No offense, but someone needs to re-write all the SEM and SEP related documentation that comes with the product, make it more clear, and put it in non-engineer speak. The answers might indeed be there, but with 1400 pages across multiple documents, it's not always easy to find (that's another reason these forums are good! No one says " you dummy, that's on page 920, go figure it out" but instead gives the answer then says as a hint "this is also found on page 920".)

Hey, no offence taken!
I know the documenation is somewhat lacking -- It's hard to document an enterprise product of this size to everyones satisfaction. Most users use only a fraction of the features in SEPM.

But thanks for your comments. I'll put in a request to have better documentation in this area.