SEP clients offline after migrating to a new server

Just a quick post today. We have migrated our Symantec Endpoint Protection Manager to a new server last week. For the most part the Disaster recovery best practices support article is very useful. However what it doesn’t mention is that unless your new server has the same name your clients will still be trying to connect to the old one. I suppose that’s why it is a DR procedure rather than a migration.

What you need to do is update the clients connection settings. There are a few ways in which you can achieve this again pretty well detailed here and for SEP 12.1 RU2 or newer here.

Advertisements

Symantec Endpoint Protection Manager 12.1 Password Reset

UPDATE: SEPM 12.1.5 and higher

A few kind people reported that this doesn’t seem to work with 12.1.5. I have tested the script with 12.1.6 and it still works however you might need to set the JRE_HOME system variable first.

To do this:

  1. Navigate to the “Advanced System Settings” section of the Control Panel.
  2. In the “System variables” section of the Environment Variables window that opens, ensure that the JRE_HOME environment variables are pointed at the following location:  C:\Program Files\Java\jre<version>
  3. Click OK and Apply to close the System Properties Window.

You can check it worked if you try going to %JRE_HOME% and end up in the folder you’ve just set.

If you run into any problems do comment below.

UPDATE: Download the script from here: https://dl.dropboxusercontent.com/u/12211262/resetpass.bat

I’ve spent some time today trying to reset the admin account for Symantec Endpoint Protection Manager. In earlier versions you could use resetpass.bat file as detailed in http://www.symantec.com/business/support/index?page=content&id=HOWTO18134. However for greater security Symantec haven’t included this utility in version 12.1. Instead you can use the Forgotten Password link on the logon screen. The main problem is that if you haven’t set up email server settings in the Manager console previously this won’t be any help to you.

Quite a few forum posts suggest logging a support case with Symantec to obtain a new version of the resetpass.bat file but I couldn’t find anybody actually offering this up for download so I thought I’d share the love and save other people logging support calls:

@echo off
setlocal

set CATALINA_HOME=%CD%..\tomcat
set JRE_HOME=%CD%..\jre

“%JRE_HOME%\bin\java.exe” -Xms64m -Xmx256m -XX:MinHeapFreeRatio=30 -XX:MaxHeapFreeRatio=40 -classpath “%CD%..\bin\inst.jar;%CD%..\bin\inst-res.jar” -Dcatalina.home=”%CATALINA_HOME%” -Djava.library.path=”%CATALINA_HOME%\bin;%CATALINA_HOME%..\ASA\win32″ com.sygate.scm.tools.DatabaseFrame setpassword admin admin
endlocal

You can download the file here: resetpass.bat or just copy and paste into notepad and save as resetpass.bat in \Program Files\Symantec\Symantec Endpoint Protection Manager\Tools folder

You will need to run this from command prompt with admin priviledges and your admin login will be set to:

username: admin
password: admin