Dear All
SEPM servers-we have Version (14.2.RU1.MP1) build 4814
SEP Clients -we have Version (14.2.RU2) build 5323
although for the clients we have upgraded on November 26-30 using SAV32 / SAV64 from the kit since the last version and throughout December,
I did not encounter any problems, now they have appeared as you see in the attachments
How to proceed in this situation until we will soon upgrade to SEPM
Hello,
Is it possible within SEPM to get an email alert anytime a specific .dll is quarantined on any machine? If you are in agreement about utilizing "Notification Condition" feature of SEPM for this, where exactly would I put the dll name under :risk name"? and Action taken would be "quarantined?"
Hello,
Is it possible within SEPM to get an email alert anytime a specific .dll is quarantined on any machine? If you are in agreement about utilizing "Notification Condition" feature of SEPM for this, where exactly would I put the dll name under :risk name"? and Action taken would be "quarantined?"
We have a Windows 2012 R2 server running Symantec Endpoint Protection 14.2.53.23.2000. Same behavior I am reporting was also observed with ver 14.0.3876.1100
We have a backup appliance Rubrik on version 5.2 that archives virtual machines fine to the above server fine. It is when we attempt to write a virtual machine tape, using Qstar software we run into a problem. The job keeps restarting.
If we disable Symantec the jobs fails. If we put exceptions in place for the Qstar directories the job fails too.
If we remove Symantec the job completes.
How do we go about troubleshooting this type of scenerio? Rubrik and Qstar believe Symantec is the cause.
Thanks!
Will SEP still be supported after the merger? Newer versions, newer definitions?
If not, when is the cut off?
Hello all,
we still have issues with the new SEP client and the Windows Security Center after updating to the newest SEP version on some clients. The Security Center shows that Symantec is not started on some clients. Does anyone know how to fix that issue because its unsettle our users and some applications on our clients only starts when the Windows Security Center shows a "green" status.
I added some screenshots of the issue, unfortunately the Windows is a german one but it shows how the Security Center looks like on that clients.
Thank you!
Hi There,
Our environment is running on 14.2 build 1031 , All of the suddent all the desktops status shows offline though our servers are onnline and still can report.
From Desktop we are able to telent the port even I can see the server side the connection established in netstat.But at client sidet its showing timeout was reached.
can any one help here .
Note- All servers in server farm can still able to connect the SMC only desktops were impacted .
https:///secars/secars.dll?hello,secars - servers status give ok
but client status show not available
Hi all,
Aforetime, Google released Update 78 for Chrome and since then it's seems to be broken for symantec endpoint protection users.
The problem is you can't load any pages, You will get "Aw, Snap" Error.
Anyone know a permanent solution?
My symantec endpoint protection version is 14 (14.0 RU1 MP1) build 3897
Hi There,
Our environment is running on 14.2 build 1031 , All of the suddent all the desktops status shows offline though our servers are onnline and still can report.
From Desktop we are able to telent the port even I can see the server side the connection established in netstat.But at client sidet its showing timeout was reached.
can any one help here .
Note- All servers in server farm can still able to connect the SMC only desktops were impacted .
https:///secars/secars.dll?hello,secars - servers status give ok
but client status show not available
Dear All,
We are currently working in a project where we need to deploy, Centralized AV update to 50 Servers (winSvr 2012) and 20 Workstation (Win8). Our current architecture as below;
L3 network (no internet access): Client Server and Workstations n
L3 network (no internet access): SEPM
L3.5 DMZ (no internet access) : No SEPM instance
L4 (business netwrk with internet connection): SEPM
We need your help to advice the best practice and any sample architecture on how to deploy centralize AV update from L4 down to L3 clients.
Regars,
Naragas
Hi,
I know Symantec has release the following workaround - https://support.symantec.com/us/en/article.tech256047.html - for the Google Chrome 78/79 'Aw Snap...' issue.
I also noticed that SEP 14.2 RU2 was released on November 12, 2019, and the release notes don't mention this issue been fixed.
When does SEP plan to address this issue?
Thanks
How to get log of Symantec SEP Manager and parse them with grok?
I was tried to parse them with grok but without success.
Someone know how to do it ?
Hello,
I wanted to update my Symantec 14 to 14.2 RU2. The starting version was 14.0.1 becaue I'm using Windows 10 64bit. I successively updated to newer versions which was successful till version 14.2.1.1 (14.2 RU1 MP1) 14.2.4814.1101 but when I run the patch to update to the newest version, hence, 14.2.2.0 (14.2 RU2) 14.2.5323.2000, it doesn't work. The SEP_INST_PATCH.log shows the following output:
01/09 09:04:49.949 [ec] SymDelta FileVersion: 14.0.0.0
Log initialized: LogLevel=4 Log, Size=2097152, RotationCount=2
01/09 09:04:49.965 [ec] (SymDelta::CSymDelta::invokeUnzip) Inflating...\\?\C:\Users\xxx\AppData\Local\Temp\pft34D4.tmp\Patch.dax
01/09 09:04:50.684 [ec] (SymDelta::CSymDelta::invokeUnzip) UnZipTask took (milliseconds): 703
01/09 09:04:50.684 [ec] (SymDelta::CSymDelta::PerformApplyDelta) Performing [ XDELTA3 - Apply Delta ]
01/09 09:04:50.699 [ec] (SymDelta::CXDeltaTool::Apply) Dir: \\?\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.4814.1101.105\Data\Cached Installs
01/09 09:04:50.699 [ec] (ApplyPackage) Apply package command line: "DummyXdeltaPath" -d -s %src% %patch% %out%
01/09 09:04:50.699 [121fc] (LaunchXDeltaInternalAndWait) Launching: "DummyXdeltaPath" -d -s "\\?\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.4814.1101.105\Data\Cached Installs\Setup.exe""C:\Users\xxx\AppData\Local\Temp\SymDelta_65416\Patch.dax.tmp\Setup.exe.DIFF""\\?\C:\Users\xxx\AppData\Local\Temp\pft34D4.tmp\SmcLU\Setup.exe":
01/09 09:04:50.746 [121fc] (LaunchXDeltaInternalAndWait) Launching: "DummyXdeltaPath" -d -s "\\?\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.4814.1101.105\Data\Cached Installs\dcsagent.cab""C:\Users\xxx\AppData\Local\Temp\SymDelta_65416\Patch.dax.tmp\dcsagent.cab.DIFF""\\?\C:\Users\xxx\AppData\Local\Temp\pft34D4.tmp\SmcLU\dcsagent.cab":
01/09 09:04:50.949 [121fc] (LaunchXDeltaInternalAndWait) Launching: "DummyXdeltaPath" -d -s "\\?\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.4814.1101.105\Data\Cached Installs\Sep64.msi""C:\Users\xxx\AppData\Local\Temp\SymDelta_65416\Patch.dax.tmp\Sep64.msi.DIFF""\\?\C:\Users\xxx\AppData\Local\Temp\pft34D4.tmp\SmcLU\Sep64.msi":
01/09 09:04:51.152 [121fc] (CDeltaApplyThread::run) 74236 \\?\C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.4814.1101.105\Data\Cached Installs\sep_NE.slf CRC match failed.
01/09 09:04:51.152 [ec] (SymDelta::CXDeltaTool::Apply) Return Code: 31
01/09 09:04:51.152 [ec] (SymDelta::CSymDelta::processDirs) ApplyDelta Operation failed.
What's the problem?
I am trting to uninstall this on my Mac. It is inactive -- haven't used for years.
We are receiving multiple events regarding below subject line ,Kindly have a look
Failed to get Management policy from the server (error code 13, Code category)
we are receiving this alert from
Source : Client management
Category : policy
In file "mailConfig.properties" there is email address. How to know username for which this email is associated for?
Hi all. Has anyone been able to order SEP any time in the past month? As a Symantec partner, I do my SEP ordering at Ingram. Ingram is unprepared for this Broadcom merger and they're falling apart over there. I have been nearly a month trying to place some orders for new customers. These customers have purchased new computers as part of the Win 7 situation, and we're having to deploy them WITHOUT ANY ENDPOINT SECURITY. To say this situation is riduclous is an udnerstatement.
When I do get a reply from Ingram, it was at first to say things like they are in training for the new procedures and have reduced staff etc. while adapting to tthe Broadcom stuff. So I let it go a bit what with the holidays and all. Inquiring further a couple weeks later, now I'm told they're prioritizing renewals it seems at least to the end of January, so basically will not get my orders in anytime soon, and really in my mind who knows if Feb 1 we'll just be told sorry we're backed up for a nother month.
What I find odd is that SEP will keep on functioning just fine whether you're license is current or not, at least for 30 days or more. So why not let existing customers continue as-is and fix up their licensing renewals later, and prioritize taking on new customers who, unless they're loyal Symantec people like me, will end up moving elsewhere.
So again I have business clients that are running computers without any form of endpoint security. Am I the only Symantec partner finding this situation utterly idiotic? .
Also is there a Symantec parnter group on here? The PartnerNet doens't seem very active.
Thanks!
Is anyone seeing delays renewing their SEP licenses? We're renewing through our supplier as we've done for the past 10 years and we're being told that there's a processing delay from Broadcom.
Our license expires next week - we started the renewal process several weeks ago.
Is it possible to get a temporary license to January 31, 2020 to allow time for our renewal to be processed?
We have a number of UNMANAGED clients that we install the license file directly to.
Can’t reset password for SEPM v.14.
Try to use “Forgot password”, but don’t receive mail to registered mail (see it in mailConfig.properties), but receive informational mails to this email from SEPM. Please, help me reset password.
Hi everybody,
i'm trying to create a bunch of groups in SEP Manager via REST API and powershell. However after creating 23 groups i get the following error:
Invoke-RestMethod : {"error":"Rate limit exceeded."}
At C:\temp\rest.ps1:60 char:21
+ ... oupResult = Invoke-RestMethod -SkipCertificateCheck -Uri $Uri -Header ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Method: GET, Reques\u2026PowerShell/6.2.3
}:HttpRequestMessage) [Invoke-RestMethod], HttpResponseException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommandMaking a pause (of 2-15 seconds) between the creation of the separate groups doesn't change anything about the error.
If I restart the script directly after the error occurred it won't create any new groups but stop with the same error again; if i wait like a couple minutes the script will create some groups before crashing again with the 'Rate limit exceeded' error.
My system environment:
VM with Windows Server 2016 & Powershell 6.2.3
SEP Manager 14.2.1031.0100
What can i do to work around this error or is there a way to get any more information why this is happening?
Thanks for your help in advance.