Unexpected server error. ErrorCode: 0x10010000 after attempting to login to Endpoint Protection Manager

book

Article ID: 161540

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Logging in to Symantec Endpoint Protection Manager (SEPM) console takes longer than normal, about 60 secounds. Then once you login, you receive an error message "Unexpected server error. ErrorCode: 0x10010000". The first 3 tabs (Home, Monitors, and Reports) cannot be navigated.

The error-<timezone>.log in "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\apache\logs" contains warnings/errors similar to the following:

[Tue Dec 09 09:07:56.042235 2014] [fcgid:error] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client.  : mod_fcgid: can't run ../php/php-cgi.exe
[Tue Dec 09 09:07:56.057835 2014] [fcgid:warn] [pid 588:tid 460] (OS 1314)A required privilege is not held by the client.  : mod_fcgid: spawn process ../php/php-cgi.exe error

 

You may also see the following error in the server-0.log:

Server returned HTTP response code: 503 for URL: https://SERVERNAME:8445/Reporting/reports/sr-login.php

Cause

The "NT SERVICE\semwebsrv" account lacks "Replace a process level token" permissions in the system's local security policy.

Environment

SEP 14.x

Resolution

Edit the Local Security Policy (under Administrative Tools) on the SEPM machine(s), proceed to Local Policies, User Rights Assignment and add the "NT SERVICE\semwebsrv" user to the "Replace a process level token" policy.

NOTE: If a domain level group policy is assigned to the SEPM, then changes to this security setting will need to be made at the domain level by the Active Directory administrator.