Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

Lsass.exe is stuck waiting in Symantec Drivers

May 14, 2018, 12:37 am
$
0
0
I need a solution

HI team,

All our environment servers were not accessible post regular updates from Symantec server.

For resolution we only have to restart the server. and after every update issue reoccurs on srver.Post anaylsys from Azure memory dump it shows below error

"

Lsass threads are stuck waiting in Symanted drivers

0: kd> !mex.t ffffe0001ec11080

Process                      Thread           CID       UserTime KernelTime ContextSwitches Wait Reason         Time State

lsass.exe (ffffe00011b2b900) ffffe0001ec11080 2a0.16b0      31ms         0s              69 WrPushLock  1h:26:59.468 Waiting"

As for now we have uninstall Symantec from all the servers as it was causing downtime. Request to please help us with guidance what is the above error and how we can resolve it.

Regards,

RIzwan

0
Search

How to Desactivate File transfer with Bluetooth with ADC SEP 14

May 14, 2018, 1:37 am
$
0
0
I need a solution

Please, I would like to allow Bluetooth devices on a windows 10 computer for audio/video services, etc. but I want to desactivate File Transfer using bluetooth.

How this can be done using Symantec Application and Devices Control. Please provide step by step solution. Regards
 

0

Client install package forces reboot before installation

May 14, 2018, 7:07 am
$
0
0
I need a solution

I have recently updated SEPM to 14.0.1 (14.0 RU1 MP2) build 3929 (14.0.3929.1200) 

Now when I build an installer (exe) for windows servers and try to install, it will force reboot the server within a matter of secounds. I have double checked the install feature set and confirmed the no reboot option is selected as well as the client container set for no reboot. This is only happening with servers, the workstations are fine and in fact do not reboot. The only difference is the server policy and feature set has no firewall. 

Is this an issue with the build version? before the upgrade I was able to install the agent and the client (servers) would not reboot. I actually still have the installer of the old version and confirm this version will not force a reboot. 

This happens on server 2008 and 2012

0
1526314396

Adjusting the Intensive Protection Policy

May 10, 2018, 6:24 am
$
0
0
I need a solution

I've been working my way through tuning out all my Intensity Level 3 detections so taht I can adjust the Intense Protection Policy up to start blocking Level 1-3 and detecting at Leve 4 & 5.  I went to adjust it, and I found that I cannot.  I even tried duplicating the policy and adjusting it there.  Anyone else encounter this issue?  What gives?

0

Block download & upload of attachments in Outlook 2016

May 10, 2018, 6:40 am
$
0
0
I need a solution

Dear All,

We have Symantec Endpoint 14.1 installed recently,

I would like to have a rule to block upload / download of unwated attachments on the outlook 2016 client which is installed on all PCs on our network.

I need to allow certain attachments - pdf, dwg, jpeg, etc... while we definitely want to block others

Can you pl help and let me know how this can be configured ?

0

How To "Internal Error" in Help > Troubleshooting > Connection Status

May 14, 2018, 12:53 am
$
0
0
I need a solution

How To "Internal Error" in Help > Troubleshooting > Connection Status

0

Lsass.exe is stuck waiting in Symantec Drivers

May 14, 2018, 12:37 am
$
0
0
I need a solution

HI team,

All our environment servers were not accessible post regular updates from Symantec server.

For resolution we only have to restart the server. and after every update issue reoccurs on srver.Post anaylsys from Azure memory dump it shows below error

"

Lsass threads are stuck waiting in Symanted drivers

0: kd> !mex.t ffffe0001ec11080

Process                      Thread           CID       UserTime KernelTime ContextSwitches Wait Reason         Time State

lsass.exe (ffffe00011b2b900) ffffe0001ec11080 2a0.16b0      31ms         0s              69 WrPushLock  1h:26:59.468 Waiting"

As for now we have uninstall Symantec from all the servers as it was causing downtime. Request to please help us with guidance what is the above error and how we can resolve it.

Regards,

RIzwan

0

How to Desactivate File transfer with Bluetooth with ADC SEP 14

May 14, 2018, 1:37 am
$
0
0
I need a solution

Please, I would like to allow Bluetooth devices on a windows 10 computer for audio/video services, etc. but I want to desactivate File Transfer using bluetooth.

How this can be done using Symantec Application and Devices Control. Please provide step by step solution. Regards
 

0
Search

Client install package forces reboot before installation

May 14, 2018, 7:07 am
$
0
0
I need a solution

I have recently updated SEPM to 14.0.1 (14.0 RU1 MP2) build 3929 (14.0.3929.1200) 

Now when I build an installer (exe) for windows servers and try to install, it will force reboot the server within a matter of secounds. I have double checked the install feature set and confirmed the no reboot option is selected as well as the client container set for no reboot. This is only happening with servers, the workstations are fine and in fact do not reboot. The only difference is the server policy and feature set has no firewall. 

Is this an issue with the build version? before the upgrade I was able to install the agent and the client (servers) would not reboot. I actually still have the installer of the old version and confirm this version will not force a reboot. 

This happens on server 2008 and 2012

0
1526314396

SEP Upgrade but DB Type is ASA

May 14, 2018, 10:55 am
$
0
0
I need a solution

Hi, We are currently running SEP12 RU6MP6. We want to upgrade to SEP14 RU1MP2. Upon checking the details of the DB, we have noticed that the Database type is Adaptive Server Anywhere (ASA) and not Embedded (SQL Anywhere).

To do the upgrade, is it the normal process or is there a special way to upgrade the ASA? Will the normal upgrade method update the DB schema and still keeps the DB type as ASA, or it will change it to Embedded (SQL Anywhere)?

Thanks in advaced for the responses,

MabundaG

0
1526324032

SEPM not finding updated content from internal liveupdate server

May 15, 2018, 1:11 am
$
0
0
I need a solution

I am experiancing an issue where our test SEP environement where the SEPMs are not pulling content down from our internal liveupdate server.

This used to be working fine however in the past few months any attempt at initiating a liveupdate results in the following messages:

"no updates fround for......"

"LUALL.EXE Finished. There were no new contnet updates. Return code = 1"

"Liveupdate Succeeded"

we connect to our internal liveupdate serve via a proxy, and i have confirmed that connectivity exists between the SEPMs and Proxy server as well as proxy server to the internal liveupdate server.

In our Production environment Liveupdate DOES pull down content fron the same internal liveupdate server successfully, and the same proxy is also used. So im not sure why its working in our prduction environment but not the test environemnt.

Any advice or suggestions on what may be going on here would be much appreciated!

Thanks. 

0

SEP 14.0: virus quarantined, but missing details?

May 15, 2018, 6:27 am
$
0
0
I need a solution

Hi all, 

SEPM reported an alert yesterday, and both the alert email itself, plus the Details view from within Monitors > Risk, show nothing about the path of this file.  It was picked up via a Scheduled Scan based on file signature hash - a 2 year old variant too so not fancy - and shows up as (without the quotes) "> >support.exe"..  I realize a Scheduled Scan could have found something only in memory and not on disk, perhaps that's why it shows no file path, but I'm surprised SEP doesn't say someting like "in memory" or something. 

I do plan to upgrade SEPM to 14.1 pretty soon but generally speaking, file-based detections in the past have always shown me the file path too.  

What's up with that moneky business? 

For what it's worth, the alert email indicates Quarantined: 1, and Deleted: 1.  Yet, Monitors > Risk inside SEPM only shows Quarantine and no mention of Deleted.  SEP on the client side has no files in it's Quarantine.  

No action was taken by me (the only admin) to delete the file from Quanrtine if that helps.  Also, the user was SYSTEM when I view the alert details so maybe it Deleted it after Quarantining it, based on some criteria I don't understand? 

0

SEPM not finding updated content from internal liveupdate server

May 15, 2018, 7:51 am
$
0
0
I need a solution

I am experiancing an issue where our test SEP environement where the SEPMs are not pulling content down from our internal liveupdate server.

This used to be working fine however in the past few months any attempt at initiating a liveupdate results in the following messages:

"no updates fround for......"

"LUALL.EXE Finished. There were no new contnet updates. Return code = 1"

"Liveupdate Succeeded"

we connect to our internal liveupdate serve via a proxy, and i have confirmed that connectivity exists between the SEPMs and Proxy server as well as proxy server to the internal liveupdate server.

In our Production environment Liveupdate DOES pull down content fron the same internal liveupdate server successfully, and the same proxy is also used. So im not sure why its working in our prduction environment but not the test environemnt.

Any advice or suggestions on what may be going on here would be much appreciated!

Thanks. 

0

Migrating SEPM to a VM

May 15, 2018, 8:22 am
$
0
0
I need a solution

Just wondering if there are any good articles on Migrating SEPM to a VM.

Currently hosting on a physical Svr2008 system, and want to migrate to a VM running Svr 2016 - what do I need to be aware of?

Many thanks

0

SEPM 14 and VC++ Redistributable

May 16, 2018, 4:58 am
$
0
0
I need a solution

Hello,

I'm looking for documentation saying what exact versions of VC++ is required for SEPM. Any clue where I can find this? 

0
Search

Problem with Symantec during updating Windows 10

May 16, 2018, 9:12 am
$
0
0
I need a solution

Hi all! When I was udpating Windows 10 ( to 1709 or 1803 ver), I got massege " Symantec Endpoint Protection is not compatible with Win 10". I had to uninstall it. Why does this happen and how to force it work =) Thank you! 

0

Bandwidth Calculation For Replication Deployment in EP ver 14.x

May 16, 2018, 10:12 am
$
0
0
I need a solution

Hi every one,

I plan to deploy 2 SEPM in two city and replication with each orther. Each SEPM will manage  275 Endpoint. They replicate log, policy ...

I was read the article : https://support.symantec.com/en_US/article.TECH201290.html

But i can understand it :( . Is there any orther article guide how to calculate bandwidth for replication between two SEPM, between SEPM and SEP ??

I need to calculate before deployment.

Many thanks,

Quang

0

Duplicate client entry in SEPM.

May 16, 2018, 11:22 pm
$
0
0
I need a solution

Duplicate client entry in SEPM. SEP client installed machine is physical machine and is not re-imaged. 

Everytime when there is stop and start of Symantec service, new client entry with new hardware id is happening. 

Sometime even without stop and start of service,  new client entry with new hardware id is happening. 

Can someone help me with a solution or work around other that Delete offline client in Edit domain properties. 

0

cant set exception type

May 17, 2018, 6:15 am
$
0
0
I need a solution

When I try to add a file or folder exception in SEP 14 I can only select Application control as the scan type - I need to add an exclude for all scans for some folders related to Windows 10 Feature Updates and cant set the exclude type. This is the first change I have tried to make since SEP 12 policies were migrated to sep 14. 

0

Error upgrading from SEPM 12.1 to 14.0.1 MP 2

May 17, 2018, 8:51 am
$
0
0
I need a solution

I am attempting to update a client from SEPM version 12.1.4013 to 14.0.1 MP2. I am running through the install for just the SEPM and recevied the warning that the it can't read the user rights (ref: https://support.symantec.com/en_US/article.TECH228...). I was able to add the following to Group Policy NT SERVICE\semsrv, NT SERVICE\semwebsrv, NT SERVICE\SQLANYs_sem5 but when I try to add,
NT SERVICE\semapisrv I get a message from Group Policy that the account can't be validated.

In the article, TECH228988 this service account has an asterisk after it indicating that this service was added for version 14. I have a support case open with Symantec and probably have eight hours into this since Tuesday night. I am wondering if I need to upgrade the client to the inital realease of SEPM 14 and then update to the latest version. Doesn't seem like I should have to take steps to get to the latest version when I should just be able to install the latest release.

Any suggestions would be appreciated.

Thanks in advance

0

Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>