Endpoint Protection

 View Only

  • 1.  Unable to Login to SEP console after DC change

    Posted Jul 02, 2010 09:05 AM
    Recently my boss changed our DC's over and since then, we are unable to login to the SEP console using any account.  When we login, we get Authentication Failure.  Is there any way to login to SEP with a generic account so that we can change the authentication server?


  • 2.  RE: Unable to Login to SEP console after DC change
    Best Answer

    Posted Jul 02, 2010 09:13 AM

    Have you enabled Windows authentication ?
    Do you have more than one domain, if yes then
    In the SEPM Console, click on the Admin tab.
    Select Domains
    If more than one Domain is present, add the admin account to all the Domains.
    NOTE:  You may also select the correct Domain by clicking on the button "Options" while logging into the SEPM,
    You should now be able to login successfully.



    If not then run Resetpass.bat from the SEPM/tools folder and the default user name and password is admin

    Title: 'Resetpass tool fails to reset the password for the Symantec Endpoint Protection Manager Console'
    Document ID: 2009082803505248
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009082803505248?Open&seg=ent




  • 3.  RE: Unable to Login to SEP console after DC change

    Posted Jul 02, 2010 09:37 AM
    Go to Program Files\Symantec\Symantec Endpoint Protection Manager\Tools and run resetpass.bat.After this you will be able to login to SEPM.The user name and password will be admin.


  • 4.  RE: Unable to Login to SEP console after DC change

    Posted Jul 02, 2010 10:09 AM

    I hope you did not set your default 'admin' account to Directory Authentication.  If you did, you're locked out for good.

    WARNING:
    Do not use the built-in SEPM "admin" account when setting up Active Directory Authentication, as this could lock you out of SEPM with an "Authentication Failure" when changing the Active Directory account, or when upgrading Active Directory, or when changing the Active Directory mode, or when removing SEPM(s) as a replication partner.

    SEPM Active Directory Authentication is only supported for new (Administrator) user created in SEPM.

    (from http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008041609304248 )

    sandra


  • 5.  RE: Unable to Login to SEP console after DC change

    Posted Jul 15, 2010 09:18 AM
    Let me clarify....  When the DC's were changed over, their names were also changed.  I am also running an embedded database for SEP.  Is there any way to get into that Database so that I can change the DC setting in there?  I have done the resetpass and that did not help.  I am able to backup the database on the SEP server, so there has to be a way that I can get into it and check the settings.  Is there any way to get into the database using SQL and if so, where is the DC setting? 


  • 6.  RE: Unable to Login to SEP console after DC change

    Posted Jul 15, 2010 09:59 AM
    Restart your SEPM server,run resetpass.bat then try to login using admin as user name and password.....


  • 7.  RE: Unable to Login to SEP console after DC change

    Posted Jul 15, 2010 12:03 PM
    Already tried the resetpass....didn't work.  Still won't let me in....


  • 8.  RE: Unable to Login to SEP console after DC change

    Posted Jul 15, 2010 01:46 PM
    Wait, what do you mean when you say they were 'changed over'?  Are you talking about dcpromo?

    Was one of these machines your SEPM?

    Title: 'Unable to login to the manager console after running dcpromo on the server'
    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060409262448

    If the name was changed too, you may have issues on that front with client communication.

    sandra