Changing Active Directory group in Symantec Protection Engine 7.5


Article ID: 159299


Updated On:


Protection Engine for NAS


Symantec Protection Engine (SPE) 7.5 has been deployed with Active Directory (AD) Authentication and there is a need after the installation to change the AD group chosen during the installation.


The incorrect AD group has been selected during the installation and a different member of another group needs to be able to authenticate to be able to log in to the SPE Console.


Perform the following changes
1. Close the SPE console and in services.msc stop the symantec protection engine service
2. Take a backup of configuration.xml which is in the scan engine folder
3. In CMD go to the scan engine path where the xmlmodifier.exe resides
4. Run the command

xmlmodifier -s /configuration/resources/system/admin/ADAuthenticationMode/ActiveDirectoryDetails/@groupname DOMAIN\group configuration.xml

where DOMAIN\group should be replaced with your own domain and the new group name.

5. Press Enter. The command should not return any error. If it completes without error the change should have taken effect
6. Check the configuration.xml if the value has been updated. If it has the change was successfull.
7. Start the symantec protection engine service
8. Open up the SPE Console and a log in with any user in the new AD group should now work fine.


Applies To

Symantec Protection Engine (SPE) 7.5