Symantec Endpoint Protection Manager (SEPM) installation is corrupted and it needs to be reinstalled and connected to existing SQL database.
Symptoms indicating a corrupted SEPM install include but are not limited to: SEPM failure to deploy content/definitions to the clients.
This solution consists of collecting the SEPM configuration/communication settings per the Disaster recovery document, uninstalling the current SEPM install and reinstalling it. This process will result in a clean install of the SEPM, utilizing the current settings to maintain communications with the SQL server and the SEP clients. This process will retain the current SEPM/DB content, such as policies and definitions.
1. Follow the first two steps of the Disaster Recovery for 12.1 document:
Symantec Endpoint Protection 12.1: Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager
a. Backup Existing database just in case of unexpected issues. The database backup folder is saved to the following directory:
Drive:\\Program Files\Symantec\Symantec Endpoint Protection Manager\data\backup.
The backup can be accomplished by using the Backup and Restore utility (From the SEPM Start Menu) or inside the Symantec Endpoint Protection Manager or by using the SQL DB backup functionality.
This step should be accomplished to ensure that the SQL server database is not impacted by the SEPM uninstall - install.
b. Back up the SEP recovery file.
This file contains the current SEPM configuration and communication settings. Typically this file is located at:
Drive:\\Program Files\Symantec\Symantec Endpoint Protection Manager\server private key backup\
If the SEPM Server OS is 64bit, the file path will be: Program Files(x86)
Select the file with the newest file date.
2. Disable SEPM Replication
If the SEPM is part of a site that uses replication, you must disable replication before uninstalling the SEPM. Disable replication at each site that replicates.
If this SEPM is not part of a replication plan, skip ahead to "Procedure for Re-installing the SEPM"
a. Log-on to the Symantec Endpoint Protection Manager Console.
b. Click the Admin tab, then Click the blue Servers tab at the bottoms of the pane.
c. On the Servers tab, in the left pane, expand Local Site, and then expand Replication Partners.
d. For each site that is listed under Replication Partners, right-click the site, and then click Delete.
e. In the Delete Partner prompt, click Yes.
f. Log-off the console, and repeat this procedure at all sites that replicate data.
Procedure for Re-installing the SEPM:
1. Uninstall the current SEPM install:
Control Panel > Programs and Features > Symantec Endpoint Protection Manager > Uninstall
2. Install the SEPM using the install set provided by Symantec (i.e. Clean Install.) - Use the same version of the SEPM as was previously installed.
3. Run the Configuration Wizard and point it to the recovery file selected in step 1.b
4. Make sure to select "Install an Additional Management Server to an existing site." If you use new site, it will override the current database selection.
This is the second option on this menu.
6. In the next screen, click Next.
7. If the recovery file was used correctly, the next screen should display the correct SQL server information, except for the database password. Enter the correct password and press Next.
8. The following warning prompt should appear: "The management server name already exists. Do you want to replace it with the new name?" Click Yes.
9. The SEPM Wizard will proceed to reconnect to the SQL server.
10. Log in to the SEPM and confirm client connectivity.
11. Re-apply replication to the SEPM/Site as required.
1. In some cases, the administrator will have to go in to the SEPM and re-apply policies to the assigned client groups.
2. SEP clients designated as GUPs may need to be re-selected and re-designated as a GUP.
Symantec Endpoint Protection 11.x and 12.1
SQL Data Base is used. (Not Embedded.)