Hi everyone I have sep on windows7 and i use dial up modem. But modem is disable and never enable when click anable button in device manager setting. This problem is in windows services but i can not fix it. Please help me.
Hello all,
I try to update firewall rules using smc -importadvrule
After doing it, I see that rules are updated in firewall rules.
But when service restarts (after reboot or smc -stop / start), the update is not present anymore.
I tried with XML and SAR files.
It's like I didn't do anything.
Do you have an idea ?
Thank you in advance.
1) Our current use
We configured an old virus definition alert to create support ticket in our internal ticketing system. This is done by just specifying in the alert setup the appropriate email address that is used for IT ticket creation.
When an alert is generated, we receive a ticket that is assigned to the appropriate IT support person that review the list of computers with old virus definition.
2) Limitation
The IT support person in charge of reviewing the list of computers with old virus definition, has to do it manually and brake down the list into smaller lists of computers according to the computers locations. Then recreate manually different tickets that are assigned to IT managers of the locations where computers with old defintions were found.
3) Solution
To minimize the manual work, it would be helpful if there is the possibility to create seperate alert message for each computer with old virus definition, instead of having an alert message with a list of computers.
This way we can immediatly create support ticket for each computer and this ticket will be quickly assigned to the right IT manager for timely action.
Thanks,
Rodrigue
Hi,
With pretty much all Windows services/roles, you get to tell them where to actually store big content. Windows Server Updates Services binaries for example installs to C:\ but update files are downloaded to D:\somefolder. This seems logical and is always a 'best practice' from Microsoft.
How do we do the same for SEPM. We want the application binaries on C: and client packages, definitions, updates etc. on D:\SEPM for example.
We use Hyper-V and our Windows volumes are kept quite lean a mean whereas 'big data' stuff is all separate and can grow freely. If it's not possible, can someone highlight all these folders so I can symbolic link them where I want them.
Thanks
I upgraded our SEPM to 14.2 MP1 last night and pushed out a few upgrade packages to clients. The majority of clients accepted the packaged and upgraded. But a few of the clients gave the message listed in the title. What would be causing this to happen? Is there a way to prevent it from happening? Any help would be appreciated. Thank you!
When trying to remotely push to the workstations, I want to find by IP range, but when I click find computers in the search network tab, there is no pop up to input the IP range. I've done this on other SEPM installs on other servers, but this one isn't working. Is there a setting I need to change?
Recently deployed 14.2 across Windows Server platforms; 2008 non-R2, 2008 R2, 2012, 2016.
Now seing the following folder accumulating large number of files on most systems, does not seem to be OS version specific.
C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.770.0000.105\Data\CmnClnt\ErrorInstances
In some cases several Gb in total.
Is there some way to prevent this and/or restrict the number of files retained (by size, count or date)?
I have executed SymDiag and nothing untoward is indicated.
Any assistance greatly appreciated.
As per the technical support team advice unchecked secure connection and tried logging in it shows server is down
what could be the issue but the AD server is up and running. There is no problem checked the firewall its not blocking anything. Telnet port was working properly which is 636 am able to ping the ad server . And tried changing server name to ip adress it didn’t work so used fully qualified domain it didn’twork. What do you think? Could be an issue with our environment or with sepm
Will restarting smcd service in Linux , stop scheduled scans on Linux machines, RHEL 7.5 (862.14.4)
I notice that Defintion updates are not happening, and scheduled scans are still running.
Tried: https://support.symantec.com/en_US/article.HOWTO81...
Command says completed..
Restarted services, Any other option?
/etc/init.d/symcfgd stop
after that
/etc/init.d/symcfgd start
/etc/init.d/rtvscand start
/etc/init.d/smcd start
I'm curious to know of the experience so far, of those, who have enrolled their SEPM in the Cloud Portal.
I have read some docs that state what is available when managed by the cloud, against being managed by the SEPM.
Do you guys find the clients are managed "better" in the cloud ?
What is the best feature of the cloud management?
Can anyone provide pros and cons based on their experience?
I'd appreciate it.
Thanks.
Hi,
We are trying to do this. Current SEPM is Server 2008 R2 and remote SQL is Server 2008 R2 and SQL 2008 Standard (non-R2).
New server is 2016, both Windows and SQL (again remote SQL). Followed the guide about doing a new site with replication. Getting this error at the db part when it's initialzing the db:
You are no longer connected to the Symantec Endpoint Protection Manager. You must lon on again to continue.
It creates the db, so to try again I always have to delete it. Doesn't matter if I use Windows or SQL authentication.
Can't find much on the net about this one.
Thanks
Hi,
As per below forum,
https://www.symantec.com/connect/forums/how-run-vi...
1) For Virus defination out of date notifivation condition, once I place exe file in bin folder, the exe file gets executed on its own??
add the batch or executable file in <drive>:...\Symantec Endpoint Protection Manager\bin folder.
2) Does it work only for single exe or can I include both x86 & 64 bit exe definition file in the file path??
Also,it mention Add the file name in a delimited list to the user-defined task key in semlaunchsrv.properties.
For example:
sem.launchsrv.authorized.userdefined.tasks=bin\\notification.bat|bin\\runmybat.bat
Can i get clarrification for above.
Hi All,
In the policy section I have disabled the Live update option, but still in the client machine Live Update state is in enabled state. Also the client machine is getting communicated correctly. There is no issue in the communication part. I have tried by repairing and stop/start the services, still the issue exist. But I want the live update part to be greyed out for the client machine.
Kindly sugest on this.
Note: SEPM version.14.2
SEP client Version.14.0.
Hi.
I was wondering if someone has same issue with this version of SEP?
I tried removing SMB and other rules - it didn't help, only when I uninstall SEP FW from the server or disable it by policy
network works fine.
I didn't find anything in release notes or fixes of this version.
Attached pictures with FW and without.
Thank you.
Good morning all,
I have been hitting my head against the wall on this one. At another site I manage, SEPM and another application that uses a different database were installed on a server which suffers from extreme disk space issues. The best idea I was able to come up with was to create a new virtual server, setup a new SEPM instance on that server, have it replicate from the old server, and eventually flick the switch in Management Priority to make the clients point to the "new" server so we can decommision the old server.
Unfortunately I have been having numerous problems after asking the new server to replicate from the old server, to the point where it refuses to start the Symantec Embedded Database service. I get the message:
The Symantec Embedded Database service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.
What can I do in order to begin troubleshooting what is happening here?
Thanks!
Hello all.
I have several clients in SEPM (migrated from v12 to v14), in 3 groups.
In all the groups I tried the auto-upgrade clients.
For one group everything worked fine.
For another group some clients did the upgrade others didn't.
For the third group none has done the upgrade.
In the computer status logs for those clients that didn't upgraded I have the status: "The client is ready to accept the upgrade package".
I logged into those clients and there was no message waiting or nothing else. I rebooted them but nothing happened. The "upgrade schedule" option in all the client packages is not selected. I have forced the auto-upgrade last tuesday.
By the way, all the clients with no exception, do update the signatures, even those who didn't,migrated yet to v14.
What could be wrong here?
Thanks in advance,
Best regards,
Manuel Marques
Hello,
We have a requirement to have a CA signed certificate on all customer facing sites. According to best practice,we are using a self-signed certificate on our SEP console to authenticate and secure client to SEPM communications. Unfortunately the self-signed certificate used in client communications is also used and presented on the java web console. We are in need of an ability to choose a separate certificate for use with the SEPM java console.
Hello All,
I am not sure whether I can get an answer over here, but has anyone tried to install Symantec 14.X setup from Tanium to Windows 10 or Windows 7 systems?
I did create a package on Tanium with below commands, it installs the setup file but sylink file is not getting replaced, are there any additional arguments needs to place?
Command Used: cmd /c TEU.exe
TEU.exe is nothing but setup file which I have uploaded on Tanium Server.
It would be great if someone can help to create a package on Tanium.
Thanks in Advanced.
Hi All, we have had a penertration test done on our SEP Clients and they have found that a user can potentioally run exploit from the SEP Detection Results when the client detects a risk. See below screen shot.
For the life of me I cannot see a policy setting that will block the action of 'Undo Action Taken..' Can anyone advise where the setting is to block the 'Undo Action Taken..'?
Hello
I need to mass deploy W10 PC's and would like to include the SEP cloud client in my image. Could someone tell me how this is done please? I understand I somehow have to delete a GUID on the image before I sysprep? Or is there and easier way.
Thanks for any help you could give.
RSC