Logging in to Symantec Endpoint Protection Manager (SEPM) console takes longer than normal, about 60 secounds. Then once you login, you receive an error message "Unexpected server error. ErrorCode: 0x10010000". The first 3 tabs (Home, Monitors, and Reports) cannot be navigated.
The error-<timezone>.log in "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\logs" contains warnings/errors similar to the following:
[Tue Dec 09 09:07:56.042235 2014] [fcgid:error] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client. : mod_fcgid: can't run ../php/php-cgi.exe
[Tue Dec 09 09:07:56.057835 2014] [fcgid:warn] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client. : mod_fcgid: spawn process ../php/php-cgi.exe error
You may also see the following error in the server-0.log:
Server returned HTTP response code: 503 for URL: https://SERVERNAME:8445/Reporting/reports/sr-login.php
The "NT SERVICE\semwebsrv" account lacks "Replace a process level token" permissions in the system's local security policy.
Edit the Local Security Policy (under Administrative Tools) on the SEPM machine(s), proceed to Local Policies, User Rights Assignment and add the "NT SERVICE\semwebsrv" user to the "Replace a process level token" policy.
NOTE: If a domain level group policy is assigned to the SEPM, then changes to this security setting will need to be made at the domain level by the Active Directory administrator.