Endpoint Protection

I have been working with SEPM for a couple of months on RU5 without too many issues, however one that cropped up, then disappeared and has cropped up again is: attempting to log on remotely to the SEPM console.

When attempting to access the console remotely (from both Windows XP and Windows 7 machines), the login attempt appears to succeed, the icons down the left hand side of the console appear while the "Loading..." progress bar continues, then I am returned to the login screen.

This is most frustrating.

I have tried the suggestions listed here:

https://www-secure.symantec.com/connect/forums/endpoint-sepm-mr4-log-and-return-log-screen-immidetely

It is not a permissions issue on the inetpub directory in the SEPM directory.
It is not a mis-configuration of IIS directory permissions (these have not changed and the system was working fine!)
Attempting to connect via <IPADDRESS>:8443 or <SERVERNAME>:8443 doesn't work - insteaad I get an error "Failed to connect to the server". Go figure.

Current Java version running on the remote machines is 1.6.0u14, Server is installed with SEPM 11.0 RU5 running on Windows Server 2003.

If there are any other hints or help that can be provided to sort this out, it would be greatly appreciated!

Many thanks
Vance

Hi,

Failed to connect  to server is an error which occurs if either the service is stopped at the SEPM or if your machine is unable to contact the server on the provided addresses [ servername or IP of SEPM ].

I suggest you can ping the server name and IP address. Do a telnet test on port 9090 and 8443 for the same.

If that succeeds, then, when you try to login to SEPM, you get an error, so it must be reflected in some log as well.

You can check the scm-server-0.log in sepm\tomcat\logs.

Let us know if you see any errors.

Aniket

paste scm-server-0.log from tomcat\logs\ folder after you try once log into the SEPM console.

Hi there

Telnet to the IP address on port 8443 is quite succesful, but still get the same error trying to connect to the SEPM server via IP address.

At the moment though, I'm not too worried by that, as it appears to connect properly using FQDN.

scm-server-0.log file shows no activity since earlier this afternoon when I try to log in, have pasted the entire contents of the file below. FYI: File last modified time: 3:05pm today. Time of last remote login attempt: 8:04pm.

2010-01-14 15:04:55.949 SEVERE: ================== Server Environment ===================
2010-01-14 15:04:55.965 SEVERE: os.name = Windows 2003
2010-01-14 15:04:55.965 SEVERE: os.version = 5.2
2010-01-14 15:04:55.965 SEVERE: os.arch = x86
2010-01-14 15:04:55.965 SEVERE: java.version = 1.6.0_14
2010-01-14 15:04:55.965 SEVERE: java.vendor = Sun Microsystems Inc.
2010-01-14 15:04:55.965 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
2010-01-14 15:04:55.965 SEVERE: java.vm.version = 14.0-b16
2010-01-14 15:04:55.965 SEVERE: java.home = C:\Program Files\Symantec\Symantec Endpoint Protection Manager\jdk\jre
2010-01-14 15:04:55.965 SEVERE: catalina.home = C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat
2010-01-14 15:04:55.965 SEVERE: java.user = null
2010-01-14 15:04:55.965 SEVERE: user.language = en
2010-01-14 15:04:55.965 SEVERE: user.country = NZ
2010-01-14 15:04:55.965 SEVERE: scm.server.version = 11.0.5002.333
2010-01-14 15:05:00.606 SEVERE: ================== StartClientTransport ===================
2010-01-14 15:05:01.137 SEVERE: Schedule is started!

Thanks
Vance

Update: I have just logged off the Console session on the main server, and attempted remote login again, scm-server-0.log file has been updated as below. Something to note, I have a notification that has been triggered a bit lately showing that the server has suffered a System error, as below:

Server error output:
---------------------------------------------------------------------

Time	Site	Server	Severity	Event Type	Description
14/01/2010 20:13:53	<Site name>	<servername>	Severe	An unexpected exception has occurred	<AD Servername>:389

scm-sever-0.log output
---------------------------------------------------------------------
2010-01-14 15:04:55.949 SEVERE: ================== Server Environment ===================
2010-01-14 15:04:55.965 SEVERE: os.name = Windows 2003
2010-01-14 15:04:55.965 SEVERE: os.version = 5.2
2010-01-14 15:04:55.965 SEVERE: os.arch = x86
2010-01-14 15:04:55.965 SEVERE: java.version = 1.6.0_14
2010-01-14 15:04:55.965 SEVERE: java.vendor = Sun Microsystems Inc.
2010-01-14 15:04:55.965 SEVERE: java.vm.name = Java HotSpot(TM) Server VM
2010-01-14 15:04:55.965 SEVERE: java.vm.version = 14.0-b16
2010-01-14 15:04:55.965 SEVERE: java.home = C:\Program Files\Symantec\Symantec Endpoint Protection Manager\jdk\jre
2010-01-14 15:04:55.965 SEVERE: catalina.home = C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat
2010-01-14 15:04:55.965 SEVERE: java.user = null
2010-01-14 15:04:55.965 SEVERE: user.language = en
2010-01-14 15:04:55.965 SEVERE: user.country = NZ
2010-01-14 15:04:55.965 SEVERE: scm.server.version = 11.0.5002.333
2010-01-14 15:05:00.606 SEVERE: ================== StartClientTransport ===================
2010-01-14 15:05:01.137 SEVERE: Schedule is started!
2010-01-14 20:13:53.043 SEVERE: Unknown Exception
javax.naming.CommunicationException: nzsrvdc01:389 [Root exception is java.net.ConnectException: Connection timed out: connect]
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:207)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1580)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2652)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
    at javax.naming.InitialContext.init(InitialContext.java:223)
    at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
    at com.sygate.scm.server.util.ldap.LdapUtils.connect(LdapUtils.java:192)
    at com.sygate.scm.server.util.ldap.LdapUtils.connect(LdapUtils.java:165)
    at com.sygate.scm.server.util.ldap.LdapUtils.connectWithSimpleLogin(LdapUtils.java:92)
    at com.sygate.scm.server.util.ldap.LdapUtils.connectWithSimpleLoginForAD(LdapUtils.java:107)
    at com.sygate.scm.server.util.ldap.DirectoryAuthenticator.authenticate(DirectoryAuthenticator.java:148)
    at com.sygate.scm.server.consolemanager.AdminAuthenticator.verifyAdmin(AdminAuthenticator.java:394)
    at com.sygate.scm.server.consolemanager.AdminAuthenticator.authenticate(AdminAuthenticator.java:267)
    at com.sygate.scm.server.consolemanager.requesthandler.LoginHandler.doLogin(LoginHandler.java:161)
    at com.sygate.scm.server.consolemanager.requesthandler.LoginHandler.getCredential(LoginHandler.java:119)
    at com.sygate.scm.server.consolemanager.requesthandler.LoginHandler.handleRequest(LoginHandler.java:50)
    at com.sygate.scm.server.consolemanager.RequestHandler.handleRequest(RequestHandler.java:114)
    at com.sygate.scm.server.consolemanager.RequestHandler.<init>(RequestHandler.java:78)
    at com.sygate.scm.server.servlet.ConsoleServlet.doPost(ConsoleServlet.java:79)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:638)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:720)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:199)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:145)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:955)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:139)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
    at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:198)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:955)
    at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2460)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
    at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:119)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:955)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
    at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
    at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:955)
    at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:157)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
    at java.lang.Thread.run(Thread.java:619)
Caused by: java.net.ConnectException: Connection timed out: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
    at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
    at java.net.Socket.connect(Socket.java:519)
    at java.net.Socket.connect(Socket.java:469)
    at java.net.Socket.<init>(Socket.java:366)
    at java.net.Socket.<init>(Socket.java:180)
    at com.sun.jndi.ldap.Connection.createSocket(Connection.java:349)
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:184)
    ... 59 more

Thanks
Vance

try to update JRE to the newest version

Makes no difference, but thanks for the suggestion!

Vance

try to uninstall console in add or remove programs - then install again

Thanks again, but still makes no difference. Have uninstalled and reinstalled with latest Java, uninstalled both console and Java and reinstalled default Java from SEPM server, then console, still doesn't work! =(

As you can see, frustrating...

Thanks
Vance

Are you able to login locally in SEPM server?
check the ODBC connection

If your database is  embedded databse
Verify communication to the embedded (Sybase) database.
Verify that the "Symantec Embedded Database" service is running and that the "dbsrv9.exe" process is listening on TCP port 2638.
Test the ODBC connection.
Click Start> Control Panel
Open Administrator Tools
Double-click Data Sources (ODBC)
Select the System DSN tab
Double-click the SymantecEndpointSecurityDSN and go through the wizard to ensure the following settings:
Name: SymantecEndpointSecurityDSN
Description: <Anything>
Server: Servername\InstanceName (Can be blank as it is localized, otherwise specify default "sem5")
Login ID: dba
Password: <password>

Leave the default settings for the remaining items and click Finish
Click Test Data Source, and verify that it states "Success"
Click OK
--------------------------------------------------------------------------
If your database is SQL database
Verify communication to the Remote (SQL) Database.
Verify that you have specified a named instance during installation and configuration. Example: \\<server name>\<instance name>
Verify SQL Server is running and properly configured.
Verify the network connections between Symantec Endpoint Protection Manager and the SQL database.
Test the ODBC connection.
Click Start> Control Panel
Open Administrator Tools
Double-click Data Sources (ODBC)
Select the System DSN tab
Double-click SymantecEndpointSecurityDSN and go through the wizard to ensure the following settings:
Name: SymantecEndpointSecurityDSN
Description: <Anything>
Server: Servername\InstanceName (Only enter the server name or IP address if using the default instance)
Login ID: sa
Password: <password>

Leave the defaults for the rest of the items and click Finish
Click Test Data Source on the next page and ensure it states "Success"
Click OK
 

Umm, so it does work with FQDN, is it? ...  Well, Are you using a proxy or any corporate firewall? Kindly check the below:

In the control panel Java applet settings,

1. Make sure cache is enabled and emptied.
2. Check the network settings.
3. Also, in the advanced settings, under console... select "show console" .. This would give us some hint during login...

Lets see what we get... :)

Cheers,
Visu.

Hello,
Under the Java network settings,
check Direct Connection instead of Use Browser-Settings.

Thank you